Thread

I heard you like ecash, so we used ecash to secure ecash mints. Blind authentication will allow mint operators to restrict the use of their mint to only registered users, while still providing them great privacy. This is one of the most-requested features for Cashu. image The spec is now open for discussion:
GitHub
NUT-21: Clear authentication โ€“ NUT-22: Blind authentication by callebtc ยท Pull Request #198 ยท cashubtc/nuts
These NUTs describe a blind authentication protocol that uses OAuth2.0 OpenID connect standards to limit access to their mint. Mint operators can r...

Replies (29)

I don't think this does what you want it to do, or am I missing something? Malory creates CAT. Malory presents CAT and mints BATs. Malory sends BAT to Eve. Eve presents BAT in her request for protected endpoint. Malory and Eve cannot rely on the mint to enforce double spending protections, but they can still copy and paste the BAT.
โ†ฉ replying to npub1x0yw...9t7k
We should explore decentralised identity here instead.
Decentralized Identifiers (DIDs) v1.0
Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID refers to any subject ...
 OpenID providers are centralised ID providers who devour any data we send to them. Let's try to avoid doing that. Unless, again, I am missing something.
Remember all the people who reposted or liked this note because they are clowns who support KYC and censorship.
calle's avatar calle
I heard you like ecash, so we used ecash to secure ecash mints. Blind authentication will allow mint operators to restrict the use of their mint to only registered users, while still providing them great privacy. This is one of the most-requested features for Cashu. image The spec is now open for discussion:
GitHub
NUT-21: Clear authentication โ€“ NUT-22: Blind authentication by callebtc ยท Pull Request #198 ยท cashubtc/nuts
These NUTs describe a blind authentication protocol that uses OAuth2.0 OpenID connect standards to limit access to their mint. Mint operators can r...
View quoted note →
โ†ฉ replying to npub1v6qj...nzyr
Imagine this: - you want to provide LN/ecash services to your family and friends -you don't want to know who is doing what payments, to offer them better privacy - You end up running an ecash mint - you don't want any rando to be able to use/abuse your mint - you need auth (preferably blinded) Also know this: - It's an optional spec - No one is forced to add auth to their mint - you are not forced to use a mint that implements auth Auth has a lot of drawbacks for ecash mints, but in some cases it is an absolute requirement
โ†ฉ replying to npub1cj6n...86t6
Corporations (custodians) will use it to get more users and it's an attack on self custody. A disrespect for the developers trying to improve self custody. Governments will use it to target other mints that do not comply. Even if optional, providing a tool built in the protocol shows the intent. It is possible for a pool initiator in to add such requirements for others who join the pool but they won't be part of joinstr protocol as it's not defined in the protocol. This also makes it easier to censor users and collect information that affects their privacy.