Nostr Web Client

Question: What if a user of a mint that requires authentication sends ecash to another user who's not part of the mint?

Answer: You will be able to send the ecash together with an access token that allows the receiver to withdraw the ecash to their Lightning wallet – but that user will not be able to "join" the mint.

steepdawn974 11mo ago

Why would the mint allow that/issue such an access token??

It would bypass their very own security rule, in that only users who signed up for their mint should be able to use that mint.

Reply to this note

Please Login to reply.

Discussion

calle 11mo ago

it can't be prevented

steepdawn974 11mo ago

Sure.

- Short lived tokens

- ban auth attempts from the same token from different IP

steepdawn974 11mo ago

+2FA