Featured
Following
Wish I could encode emojis in eNuts.
😅
Thank you grandpa for the recipe -
Rice
Butter
Peas
Steaksauce
I miss you.
🫂💜
This is how OTP on npub.cash looks like:
1. Request an OTP via the API
2. Get the OTP from your nostr DM
3. Request an auth token by redeeming the OTP via the API
4. Interact with protected endpoints using the auth token
OTP login coming to npub.cash 🔥
GM nostr! What are you having for breakfast? 🍳
The present is eternally lacking 🔥
It is. Just like having FOSS wallet software
My wife told me that I live in a bubble. When I asked why she thinks that, she pointed out that my bookshelf is Bitcoin, Jordan Peterson and software books to one third each 🤷🏼♂️
One of my primary goals for the next iteration of npub.cash is to make authorization simpler, while keeping a high level of security.
The new version no longer relies on NIP-98 alone but on a mix of NIP-98 and JWTs. Most of the protected endpoints can be accessed by providing a valid auth token. This token can be obtained by providing a valid NIP-98 event ONCE. At the same time, all endpoints still accept valid NIP-98 headers instead of the JWT (this is great for apps that have full access to nsecs).
By default withdrawing is not possible using a JWT. However, users can opt-in to withdrawals using JWTs by signaling this when acquiring their auth token using NIP-98.
This keeps things secure, while at the same time reducing NIP-07 friction a lot. Reduced NIP-07 friction equals higher security as it makes sure users are not bullied into insecure default settings for their signers.
Finally, this opens up the possibility of OTP logins via nostr DMs. Instead of obtaining a JWT using NIP-98, users can get one by providing an OTP that the service sends via a secure nostr DM. I am still figuring out the best defaults for this, but I think the best way would be to require a second OTP on withdrawals.
People fail to understand how important patience is…
100,000 x 1,2^20 = 3,833,760
P2P is beautiful. What the fuck is a Satoshi Test?!
What are the things you want to see in a v2 of npub.cash?
Hi nostr,
What are your favourite affordable sneakers?
- available in EU
- maximal bang for the buck
The latest RC of cashu-ts introduces the concept of Factories. A Factory is a function that lets developers take control over how Cashu outputs will be generated by cashu-ts.
Consumers can also define a "default" factory that is going to be used for all outputs that are considered "keep" outputs (mints + melt / swap change). This paves the way for much easier state management and WAY less code.
In this very simplistic example I show how a simple closure can be used to make sure that all the proofs generated are derived from a seed phrase, while outsourcing the counter management to the factory
- Released cashu-ts v2.2.0-rc3
- Had a massive steak
Today is massive steak day 🥩
📣 Looking for the bravest of the brave
We have just released a new RC of cashu-ts v2.2. This is an experimental canary release, including the output of our revamped build pipeline and the new OutputData / Factory patterns.
While the API is non-breaking, these changes are considered experimental and require some field testing. Therefore, we would highly appreciate any brave testers who would go ahead and take the RC for a test ride. What would be most interesting is whether the new build output can be plugged into existing projects without breaking anything.
This version includes:
New build pipeline (dropped ES5, targeting ES2020)
Custom Output Data
Output Factories
Binary Token En/Decoding
Modern P2PK (locktime, refund keys)
DX:
Migrated to modern TypeScript
Changed bundler to vite
Changed Testing to vitest
Added browser testing using Playwright
Thanks to the new build pipeline we will also be offering a standalone build, available for projects that prefer loading cashu-ts from a script tag, rather than using a bundler. This will be released in a couple of hours
The „Updating nutzap-redemption history“ part of NIP-61 seems to suggestiv that NutZaps can only be claimed into a nutsack wallet. As a kind:7376 event expects to point to a new token event ID. Is that right?
LOAD OLDER THREADS
CANCEL
SEND