How can you know that the payer isn't giving you a fake token?
You check the DLEQ proof the payer includes in the token (which is a proof that the signature of the mint is correct):
https://github.com/cashubtc/nuts/blob/main/12.md
Please Login to reply.
Relevant section: Carol (another user) verifies DLEQ proof
it's a neat little trick. the DLEQ's original purpose was to prevent tagging by the mint but we noticed that it can also be used to make the signature publicly verifiable.
