Replying to Avatar Keysa - Simplest Bitcoin Edu

And in order to do this the receiver has to be online, right?
Avatar
SPA (Super Phat Arrow) 1y ago 💬 7

Not necessarily, if the token is tied to your public key, but it's a trade off, you need to trust the payer and the mint. Everything is a trade-off

nostr:nevent1qqsf2wk6wqv7khptp69s8gamegq55md883ag2p0wnr9qsrp5cdrzg5qppemhxue69uhkummn9ekx7mp0qgs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6ccrqsqqqqqpkxxlvr

Reply to this note

Please Login to reply.

Discussion

Avatar
calle 1y ago

not the payer, just the mint

Avatar
SPA (Super Phat Arrow) 1y ago

How can you know that the payer isn't giving you a fake token?

Avatar
calle 1y ago

You check the DLEQ proof the payer includes in the token (which is a proof that the signature of the mint is correct):

https://github.com/cashubtc/nuts/blob/main/12.md

Avatar
calle 1y ago

Relevant section: Carol (another user) verifies DLEQ proof

Avatar
SPA (Super Phat Arrow) 1y ago

Avatar
calle 1y ago

it's a neat little trick. the DLEQ's original purpose was to prevent tagging by the mint but we noticed that it can also be used to make the signature publicly verifiable.

Avatar
/dev/fd0 1y ago 💬 1

Tokens tied to public keys can be used to censor individual users even without KYC.

Avatar
SPA (Super Phat Arrow) 1y ago

You could defeat this by using an ephemeral, one time use key pair for this transaction.

Avatar
/dev/fd0 1y ago

But some users lock it with their nostr keys.