Subnostr

We know the root pubkey because it's included in the delegate tag with the signature and event creation conditions.

The unsigned token is `nostr:delegation::` the "token" aka "root_signature" is `root_sign(sha256(unsigned_token))`

So basically you just sign a token that gives the permission to to create events on your behalf given some conditions (time limit, only certain kinds, etc)

balas 3y ago

and this process is handled internally right now by the issuer? so you need to input that token you received via other means? how is the token verification done?

Reply to this note

Please Login to reply.

Discussion

jb55 3y ago

anyone can verify the token by just checking the signature of sha256(nostr:delegation:publisher-key:conditions) against the pubkey in the delegation tag (which is the root key). also make sure the publisher-key is the pubkey of the nostr note.