Allow non-members to publish zap receipts for members #197

Merged

raucao merged 12 commits from feature/strfry_zap_receipts into master 2024-06-22 17:52:03 +00:00

Conversation 5 Commits 12 Files Changed 13 +354 -22

raucao commented 2024-06-19 13:53:05 +00:00

Owner

Copy Link

Only members can publish events to our relay. But if we zap someone, we want their Lightning account server to be able to post a receipt back to our relay.

Only members can publish events to our relay. But if we zap someone, we want their Lightning account server to be able to post a receipt back to our relay.

raucao added the

kredits-2

integration

nostr

labels 2024-06-19 13:53:05 +00:00

raucao added 2 commits 2024-06-19 13:53:05 +00:00

Improve strfry extras usage 0e472bc311

Allow non-members to publish zap receipts for members 0daac33915

raucao requested review from bumi 2024-06-19 13:53:09 +00:00

raucao added 1 commit 2024-06-19 13:57:10 +00:00

Remove obsolete variable 00b73b06d7

raucao added the

feature

label 2024-06-19 22:24:56 +00:00

raucao added

kredits-1

and removed

kredits-2

labels 2024-06-19 23:07:23 +00:00

raucao added a new dependency 2024-06-20 09:55:29 +00:00

#198 Add support for integrated Nostr relay service

raucao removed a dependency 2024-06-20 09:55:35 +00:00

#198 Add support for integrated Nostr relay service

raucao added a new dependency 2024-06-20 09:57:08 +00:00

#198 Add support for integrated Nostr relay service

raucao referenced this pull request 2024-06-20 14:33:27 +00:00

Add support for integrated Nostr relay service #198

bumi approved these changes 2024-06-22 16:58:08 +00:00

bumi left a comment

Owner

Copy Link

smart way of doing this!

smart way of doing this!

bumi commented 2024-06-22 17:24:28 +00:00

Owner

Copy Link

but actually shouldn't we also check if the payer AND the recipient are kosmos members?

but actually shouldn't we also check if the payer AND the recipient are kosmos members?

raucao commented 2024-06-22 17:47:58 +00:00

Author

Owner

Copy Link

smart way of doing this!

Thanks!

but actually shouldn't we also check if the payer AND the recipient are kosmos members?

The point of this is that the recipient doesn't have to be a member. When we zap a non-member, we want their server to be able to post a receipt to our relay, as requested by our nostr clients already, so that we reliably (and quickly) see our outgoing zaps everywhere.

However, I did miss two more validation steps that would make this a tad more efficient for clients:

1. The zap receipt event's pubkey MUST be the same as the recipient's lnurl provider's nostrPubkey (retrieved in step 1 of the protocol flow).
2. The invoiceAmount contained in the bolt11 tag of the zap receipt MUST equal the amount tag of the zap request (if present).

These help with other people sending forged receipts to our relay, but clients are already required to do these validations themselves. So it would only prevent publishing the fake to our relay, in addition to clients ignoring it.

> smart way of doing this! Thanks! > but actually shouldn't we also check if the payer AND the recipient are kosmos members? The point of this is that the recipient doesn't have to be a member. When we zap a non-member, we want their server to be able to post a receipt to our relay, as requested by our nostr clients already, so that we reliably (and quickly) see our outgoing zaps everywhere. However, I did miss two more validation steps that would make this a tad more efficient for clients: 1. The zap receipt event's pubkey MUST be the same as the recipient's lnurl provider's nostrPubkey (retrieved in step 1 of the protocol flow). 2. The invoiceAmount contained in the bolt11 tag of the zap receipt MUST equal the amount tag of the zap request (if present). These help with other people sending forged receipts to our relay, but clients are already required to do these validations themselves. So it would only prevent publishing the fake to our relay, in addition to clients ignoring it.

raucao added 9 commits 2024-06-22 17:51:45 +00:00

Add global setting for own nostr relay 926dc06294

Add own relay to NIP-05 relay list if configured 87d900b627

Publish zap receipts to own relay in addition to requested ones cbfa148051

Consistent formatting 7ac3130c18

Support "_" placeholder username for domain's own NIP-05 48ab96dda9

Fix exception for NIP-05 JSON of "_" with relay configured f401a03590

Add pubkey whitelist to strfry policy ... 01ecea74ff

And allow the local akkounts instance to publish on the local relay

Check in deno lockfile 37c15c7a62

Merge pull request 'Add support for integrated Nostr relay service' (#198) from feature/own_relay into feature/strfry_zap_receipts ... 2e9429bb32

Reviewed-on: #198
Reviewed-by: bumi <bumi@noreply.kosmos.org>

raucao merged commit daed5c1eea into master 2024-06-22 17:52:03 +00:00

raucao deleted branch feature/strfry_zap_receipts 2024-06-22 17:52:04 +00:00

raucao referenced this issue from a commit 2024-06-22 17:52:05 +00:00

Merge pull request 'Allow non-members to publish zap receipts for members' (#197) from feature/strfry_zap_receipts into master

bumi commented 2024-06-22 17:55:03 +00:00

Owner

Copy Link

but if I have my kosmos address configured, don't I want to also have the zaps on my events on the kosmos relay?

but if I have my kosmos address configured, don't I want to also have the zaps on my events on the kosmos relay?

raucao commented 2024-06-22 18:43:32 +00:00

Author

Owner

Copy Link

Ah yes, that was part of #198: https://gitea.kosmos.org/kosmos/akkounts/pulls/198/files#diff-8ddde7434958e8a4b52ba499db984d392bdb06c8

Thanks, I'll factor that in if I add more validations.

Ah yes, that was part of #198: https://gitea.kosmos.org/kosmos/akkounts/pulls/198/files#diff-8ddde7434958e8a4b52ba499db984d392bdb06c8 Thanks, I'll factor that in if I add more validations.

Sign in to join this conversation.

Reviewers

No Reviewers

bumi

Labels

Clear labels

integration

btcpay

integration

discourse

integration

ejabberd

integration

email

integration

ldap

integration

lndhub

integration

mastodon

integration

nostr

integration

remotestorage

bug

Something is not working

design

Graphic/visual design

dev environment

Config, builds, CI, deployment, etc.

docs

Documentation

duplicate

This issue or pull request already exists

enhancement

Improving existing functionality

feature

New functionality

good first issue

Dive in, and start contributing

idea

Something to consider

invalid

Not a bug

kredits-1

Small contribution

kredits-2

Medium contribution

kredits-3

Large contribution

on hold

Currently not actionable

ops

Manual IT ops activities

question

Looking for an answer

release

major

release

minor

release

patch

security

All your base are belong to us

ui/ux

User interface, process design, etc.

wontfix

This won't be fixed

No Label

integration

nostr

feature

kredits-1

Milestone

No items

No Milestone

Assignees

Clear assignees

bkero bumi fsmanuel galfert greg hueso raucao slvrbckt

No Assignees

2 Participants

Notifications

Subscribe

Due Date

No due date set.

Depends on

#198 Add support for integrated Nostr relay service

kosmos/akkounts

Reference: kosmos/akkounts#197

No description provided.