there is no specification for what "auth-required" applies nor "payment-required"

just another of the vague stupid things in the spec so far, these are blindspots that people who are being funded by grants don't recognise as important to business use cases (infrastructure i mean)

as a consequence i am getting comfortable with the reality that most nostr devs are isolated from reality and for my current task i've already done enough work to prepare the way for a access control management system, after we are done with the basics (access control is now off the board) then we'll seek more funding to actually develop a client that has some comprehension of "auth to read" and "auth to write" and teh "payment-required" stuff really can at this point be collapsed into subscription model, that is the simplest, lowest frequency way of engaging users to pay for infrastructure

and for business uses, this can be paid for separately, but tied to the user's identity, so there will be some kind of onboarding flow for this use case

but it's not one that anyone in the nostr dev community seems to be even peripherally interested in working on, which is pathetic, and i spit on them all