This is beautiful 🔥💜

This is how OTP on npub.cash looks like: 1. Request an OTP via the API 2. Get the OTP from your nostr DM 3. Request an auth token by redeeming the OTP via the API 4. Interact with protected endpoints using the auth token

OTP login coming to npub.cash 🔥

GM nostr! What are you having for breakfast? 🍳

The present is eternally lacking 🔥

It is. Just like having FOSS wallet software View quoted note →

My wife told me that I live in a bubble. When I asked why she thinks that, she pointed out that my bookshelf is Bitcoin, Jordan Peterson and software books to one third each 🤷🏼‍♂️

One of my primary goals for the next iteration of npub.cash is to make authorization simpler, while keeping a high level of security. The new version no longer relies on NIP-98 alone but on a mix of NIP-98 and JWTs. Most of the protected endpoints can be accessed by providing a valid auth token. This token can be obtained by providing a valid NIP-98 event ONCE. At the same time, all endpoints still accept valid NIP-98 headers instead of the JWT (this is great for apps that have full access to nsecs). By default withdrawing is not possible using a JWT. However, users can opt-in to withdrawals using JWTs by signaling this when acquiring their auth token using NIP-98. This keeps things secure, while at the same time reducing NIP-07 friction a lot. Reduced NIP-07 friction equals higher security as it makes sure users are not bullied into insecure default settings for their signers. Finally, this opens up the possibility of OTP logins via nostr DMs. Instead of obtaining a JWT using NIP-98, users can get one by providing an OTP that the service sends via a secure nostr DM. I am still figuring out the best defaults for this, but I think the best way would be to require a second OTP on withdrawals.

People fail to understand how important patience is… 100,000 x 1,2^20 = 3,833,760

P2P is beautiful. What the fuck is a Satoshi Test?!

Happy new year 💜

What are the things you want to see in a v2 of npub.cash?

Hi nostr, What are your favourite affordable sneakers? - available in EU - maximal bang for the buck

The latest RC of cashu-ts introduces the concept of Factories. A Factory is a function that lets developers take control over how Cashu outputs will be generated by cashu-ts. Consumers can also define a "default" factory that is going to be used for all outputs that are considered "keep" outputs (mints + melt / swap change). This paves the way for much easier state management and WAY less code. In this very simplistic example I show how a simple closure can be used to make sure that all the proofs generated are derived from a seed phrase, while outsourcing the counter management to the factory

- Released cashu-ts v2.2.0-rc3 - Had a massive steak Today was a good day 🫡

Today is massive steak day 🥩

📣 Looking for the bravest of the brave We have just released a new RC of cashu-ts v2.2. This is an experimental canary release, including the output of our revamped build pipeline and the new OutputData / Factory patterns. While the API is non-breaking, these changes are considered experimental and require some field testing. Therefore, we would highly appreciate any brave testers who would go ahead and take the RC for a test ride. What would be most interesting is whether the new build output can be plugged into existing projects without breaking anything. This version includes: New build pipeline (dropped ES5, targeting ES2020) Custom Output Data Output Factories Binary Token En/Decoding Modern P2PK (locktime, refund keys) DX: Migrated to modern TypeScript Changed bundler to vite Changed Testing to vitest Added browser testing using Playwright Thanks to the new build pipeline we will also be offering a standalone build, available for projects that prefer loading cashu-ts from a script tag, rather than using a bundler. This will be released in a couple of hours https://www.npmjs.com/package/@cashu/cashu-ts/v/2.2.0-rc3

The „Updating nutzap-redemption history“ part of NIP-61 seems to suggestiv that NutZaps can only be claimed into a nutsack wallet. As a kind:7376 event expects to point to a new token event ID. Is that right? Cc @PABLOF7z

Pull Request Looking For Reviewers! ⚠️ The big CustomOutput PR, that has been cooking for 3 weeks, is now finally ready (and looking) for review ⚠️
I would really appreciate everyones help on this one

GitHub

Restructured blinding + custom messages + keep vectors by Egge21M · Pull Request #218 · cashubtc/cashu-ts

Description This PR addresses a couple of things that were discussed in the past: Sorted outputs when swapping, as well as custom outputs. I always...

I can finally empty my nutsack 🙃 View quoted note →