So basically the HTTPS encryption is based not on certificates but on nostr keys? Therefore the relay cannot see the content of the connection?
Huge milestone: First demo of Nostr Web Services (NWS) bringing TCP to Nostr. With NWS, you can host any existing web application on Nostr without having to use DNS or even announce your public IP to the world, simply by sharing your service's npub (or nprofile).
Try it out the demo yourself. Here is a Cashu test mint running with NWS. Let's use curl to retrieve the mint's information. The request travels from your computer to the public NWS entry relay, then through nostr to the service's NWS exit relay. At the other end is a Cashu mint with HTTPS encryption.
```
curl -s -x socks5h://relay.8333.space:8882 https://nprofile1qqs8a8nk09fhrxylcd42haz8ev4cprhnk5egntvs0whafvaaxpk8plgpzemhxue69uhhyetvv9ujuwpnxvejuumsv93k2g6k9kr/v1/info --insecure | jq
```
I can't stress this enough: THE MINT RUNS BEHIND HTTPS!
The NWS entry relay can't read your traffic. It's encrypted. We can host public entry relays that can be used by anyone.
This means we can plug the entire internet to it 🌐.
Let's plug it into Cashu for now. Nutshell wallet supports socks5 proxies (that's how it uses Tor). By setting the public entry relay as the proxy, the wallet can now connect to a mint's npub/nprofile and communicate with it via NWS.
This is going to be so freaking cool. And it's going to be a lot more useful than just for Cashu. There are still bugs and issues that need to be ironed out but the code is coming out soon. Watch this space.
Discussion
It's normal https based on SSL. Otherwise it wouldn't work with anything other than custom software.
So you still need to use certificates and be bound to certificate authorities, unless you use a self signed one and trust it?
So basically this is "only" (I mean it's a lot) an alternative way to reach a web site? And does the website still need to have a public IP or is the NWS component "pulling" the connection from the relay somehow?
