Subnostr

Can the NWC strings not be kept on the user devices hashed and transmitted to relays?

I’m not sure what hashing it would do since that’s a one way function.

As I understand it all Zapple pay does it listen out in relays for a pubkey to send a certain react event referencing a note. When it sees that it uses the nwc string to initiate a zap on behalf of that wallet.

Those strings can be encrypted but the key to decrypt it would need to constantly be available making it a moot point.

The people using Zapple pay aren’t sending any other data for Zapple pay to handle (such as a key to decrypt the nwc string or anything).

Safest thing to do if worried is to run your own or if on Damus run that Nostr script to re-enable zap functionality.

Reply to this note

Please Login to reply.

Discussion

₿² 2y ago

Yeah ok how do I run either of those?

Steven Day 2y ago

Nostr script: https://main--comfy-gnome-e2067d.netlify.app/

₿² 2y ago

Hey nostr:npub13azv2cf3kd3xdzcwqxlgcudjg7r9nzak37usnn7h374lkpvd6rcq4k8m54 you’re using #zapple get in here what do you think of this?

doot 2y ago

i tried this but couldn’t get it to work for me, dunno why

₿² 2y ago

😑

₿² 2y ago

This is devastating news

₿² 2y ago

To click or not to click? That is the question nostr:npub13azv2cf3kd3xdzcwqxlgcudjg7r9nzak37usnn7h374lkpvd6rcq4k8m54

Steven Day 2y ago

Lol if you need some credibility here rather than running a script because a stranger on the Internet said so:

nostr:note1gjd2str0tfqvrcwdttskxkd52vmsagc477gsr858k0ug86nuj60qzn6uas

₿² 2y ago

TBH I don’t know nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s either 😆 it’s all good though at some point there has to be trust I would never get anything done if I always had to check everyone’s work.

Steven Day 2y ago

True and I’m just a nym. He’s a well known dev. I’d trust him over me! 😂

Steven Day 2y ago

Zapple pay backend.

https://github.com/benthecarman/zapple-pay-backend

₿² 2y ago

Nice TY 🙏🏻