The mint does never store tokens, only wallets do. npub.cash acts as a wallet with LNURL capabilities.
nostr:nprofile1qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcpzemhxue69uhks6tnwshxummnw3ezumrpdejz7qgwwaehxw309ahx7uewd3hkctcpremhxue69uhkummnw3ez6ur4vgh8wetvd3hhyer9wghxuet59uq36amnwvaz7tmwdaehgu3wvf5hgcm0d9hx2u3wwdhkx6tpdshszyrhwden5te0dehhxarj9ekk7mf0qy2hwumn8ghj7mn0wd68ytn00p68ytnyv4mz7qghwaehxw309aex2mrp0yhrq7rrdpshgtnrdakj7qg4waehxw309aex2mrp0yhxgctdw4eju6t09uq3wamnwvaz7tmjv4kxz7fwdehhxarj9e3xzmny9uq3wamnwvaz7tmjv4kxz7fwwpexjmtpdshxuet59uq3samnwvaz7tmjv4kxz7fwwd5kzmtnw3ezucm0d5hszxthwden5te0wfjkccte9eekummjwsh8xmmrd9skctcppemhxue69uhhjctzw5hx6ef0qqs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6cczutgzr for your npub.cash implementation, how come we need to store the tokens with the server instead of at the mint where the recipient wallet can query with their p2pk when they come online? I'm still wrapping my head around all the ins and outs of Cashu.
Discussion
The server acts on behalf of the client though right? The wallet has to make a request to the server to claim the tokens once the invoice is fulfilled? I’m trying to do something similar to what you did with npub.cash and make it so users can sign up for a [username]@westernbtc.com by also submitting this p2pk. What I’m hearing from you is that I’d need to implement something in the wallet to claim these tokens when the wallet wakes up?
Correct! What's easier to do is to not mint the tokens on the server though but to create a mint quote that the user can then mint when they come online. That way the server wouldn't have to store any proofs.
You can use NUT-20 to lock a mint quote to a user key so the server can't rug it: https://cashubtc.github.io/nuts/20/
npub.cash is transitioning to this model
> lock a mint quote to a user key so the server can't rug it
That was something I felt uneasy about when I was following this process. Glad to hear this is changing.
Another question. If they want to use LUD16 with https://westernbtc.com, I would still need a static public key from them. Would they just update this whenever they don't want mints to be linked together? And as far as not being able to rug them with the quote id for the mint, is there information in the memo of the lightning invoice the payer would need to verify? Or am I supposed to send back more information for that purpose?