Replying to Avatar Nice and Kind Vic

Do you use LNURL-Auth to login to any websites?

Why or why not?
Avatar
average_bitcoiner 2y ago

No. Money + identity = surveillance.

Don’t use your money to log in. Use nostr.

Reply to this note

Please Login to reply.

Discussion

Avatar
Nice and Kind Vic 2y ago

LNURL-Auth doesnt provide a common identity as its unique per domain. The tactics used to collate between sites from usage patterns and analytics still applies with a nostr plugin to login

Avatar
average_bitcoiner 2y ago

Is LN just the comms mechanism? Why include LN at all? Why not just some other server daemon?

Avatar
Nice and Kind Vic 2y ago

LNURL Auth spec is the protocol for how to do it but it involves signing and hashing from derived key based on the site domain and lightning private key. resulting pubkey and signature provided to site to be able to verify and consistently assume/prove same id when user coming back to that site

Avatar
Nice and Kind Vic 2y ago

i think something like amber for android could actually implement lnurl-auth on client if it hasnt already which would be a decent way to ensure separation from any funds to some extent

Avatar
average_bitcoiner 2y ago

🤔

Sounds neat but using the same keys for money and “other” is my hesitation/skepticism. Especially now that ppl have nostr keys which are a bit more less sensitive than money keys.

Sounds like you might be able to have a LN node with no funds and still use it?

Avatar
Nice and Kind Vic 2y ago

yes. no funds required