does the protocol have some kind of macaroons or similar with expiry and such? i mean, obviously it must be something like this. but also at the same time, a signed event from a known key will be published without this or?
not important to answer these questions, hah. just wondering what level of sign activity is essential and unavoidable, obviously that has to be maintained if it is required.
It's pretty simple, basically just a challenge string that has to be signed in a particular way — no expiration or anything, because a relay can invalidate the session whenever they feel like it. In the future, I think it would be cool to authenticate with pubkeys other than your own (for example a single purpose pubkey exclusively used for holding a badge awarded by the relay admin). Lots of interesting possibilities.
ah, yeah, that is obviously going to need to be refined and expanded!
