1. Add rel="noreferrer" to the links you inject.
2. I don't think nested anchors are valid HTML. Try injecting your links after the username link, not inside it. And the underline between each icon on hover (in Firefox on HN pages at least) looks horrible.
3. All those icons look messy. Why not collapse into a single keybase icon which maybe opens a tooltip with more details when you click on it?
2. yeah. I should do that.
3. Yup. Already on my roadmap, just makes things a bit more complicated.
Edit: 1 & 2 done in v2.2
You probably want these icons at 50% opacity to match existing styling of the block.
Also, as others have noted, it makes the page look overly busy with secondary items, so they are probably best kept hidden by default, shown on hover and fronted by a single (smaller) icon, like a checkmark. That is, you hover over the checkmark - you see it expand into the list of icons.
I'd still love if those icons/links were actually hidden in a popup and not removed altogether - they serve a nice discovery purpose for peoples' Github / FB / Twitter accounts and personal websites (inb4 privacy - this is already public info for HN users if you put a keybase proof in your profile, just usually requires extra two clicks to get to).
EDIT: just installed on mobile. Works great, but the clutter introduced by the icons is extra pronounced on the phone.
A popup will happen eventually, but that'll take a bit more development effort.
The as-a-dropdown-from-Keybase is probably the best solution.
That highly limited permission actually makes me more likely to install this.
For my Chrome extension, a change in the Airbnb URLs that it runs on caused a significant spike in uninstalls just because it probably scared people a bit. Not a huge deal or anything. Just wanted to share my experience with this stuff.
Requesting additional permissions without an explanation accompanying it can cause confusion, users may think that the request is unwarranted, or that there is something wrong with the extension. They may also decline it out of habit, given how extensions are auto-updated during the browser session, and the request seemingly pops out of nowhere.
See the version adoption for one of my extensions, 1.1.0 has requested additional permissions. This may be problematic when you are trying to deliver a critical update that requires new permissions.
Still very early stages, https://filigree.app if you'd like to check it out. Invite code kris-75c23bae7837 if you want to register.
Edit: quite a few people registered, so I'm deactivating that invite code.
Edit: The issue is intermittent and it seems to be about displaying badges after the first user on every page; the first user will have their badges displayed correctly while the rest mostly won't.
edit: damnit. now it's duplicating badges. That's what i get for trying to rush a fix.
Apart from that this is a great little extension. I especially like that it only asks for access to the sites it's known to work with, rather than blanket access.
E: It's very cluttered in this thread, for example . Also, in Chrome, a users' verified websites don't appear - they do in Firefox.
And yeah, I do want to get around to making it less cluttery in the interface, but that'll take more work.
Edit: v2.1 is live on the Chrome web store.
Now, I wonder how Keybase decides which services to allow verification through, and if they plan to expand the list further. I've already verified everything except cryptocurrency stuff, and there are couple more things I'd love to (like Mastodon).
If you dont define your own social branding you leave yourself a backdoor to trolls.
Just one feedback, if you can add a setting to increase the space between icons this would be very useful.
One thing: It looks like it shows the DNS badges on Twitter but not HN.
Also, +1 this is awesome.
@dang if you are here: HN should do this natively!
I think this is a better solution.
(Alternatively, anyone have a good guide on building my own safari extensions from a Firefox/Chrome extension? My two minutes of Googling yielded nothing useful.)
For instance, instead of having the Facebook icon appear by a user's Twitter name, couldn't a single icon show they're Proven for Twitter and link to their Keybase where I can see all their Proven identities, including Facebook?
But I guess you got to start somewhere.
Ah. I thought the logo itself meant its verified (like on twitter).
* I'm a dschep, sorry I don't work at keybase
* it's open source
* extensions are easy to unpack & view the source if you don't trust I'm not tampering the extension before upload
* I do no obfuscation of the JS, it's only 201 LOC
Surprised browsers plugin centers (stores?) don't let you just put your github repository and build your extension depending on a given branch (or tags) and then informs the user that the extension was directly pulled from GitHub or other version control sources (and provides a direct link) it would be a little more interesting.