A lot. All keys are birthed inside the enclave, and you need an on-chain smart contract to manage how the keys come out and to whom (if ever, they can also just stay in there unknown to all humans). Once the keys are out and knowable to a human being then the enclave has to self-destruct in essence, because then the pending tokens are unknowable and there's no point of having it in the enclave anymore.

And the smart contract also governs who can attest what from the mint's database while the mint is live in the enclave.

The thing is that to run an enclave governed by a smart contract you need a blockchain that is designed to connect to enclaves, meaning the chain's node has to be of an SPV type that can actually run inside an enclave and has enough stuff pre-loaded to prevent the success of any attempt at injecting forged data via the vsock. You can do this, but not with the Bitcoin chain. Also there are all-in-one chain+TEE combos that use Intel SGX enclaves out of the box.

Nostr tends to get touchy when you use a chain that isn't Bitcoin so not sure how all this would fly here. But you can't not have a smart contract in the mix, and that smart contract can't be on Bitcoin unless you perform some very ridiculous ZK proof gymnastics which why would you do that given that chains exist that were purpose-engineered for this exact kind of thing.


Discussion

that sounds insane and extremely interesting. when you say mint, do you mean an actual Cashu mint? If yes, why on earth do I hear about this only now and just by accident holy moly 😆

Yeah an actual Cashu mint.

The result is a mint the code of which you or anyone can attest and the database of which you or anyone can also attest, as long as you trust AWS and their hypervisor. Or Intel and their chip design, whatever path you go.

But again, if you pull the keys out the mint self-destructs, Mission Impossible style.

I really dunno why enclaves aren't more widespread in the nostr zeitgeist. nostr:npub1xdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wscmntxy has been doing a lot of really interesting work on the enclave side for signers. Maybe because it means some reliance on AWS or Intel for the attestation? For me Nostr relies on DNS anyway so not a big deal, but for others I dunno.

I freaking love this and I want to learn everything about it please. We've been thinking about this forever and it's amazing to hear that you've done the work and tried it out. I have so many questions. Is there any code you can share? Can we get on a call so I can ask you a ton of questions?

Yeah sure, I'll figure out this matrix and message you there.

I would love to see the code. Is it public?

I had to read up on secure enclaves.. this was helpful for the left of the bell curve https://www.oblivious.com/blog/so-what-exactly-are-aws-nitro-enclaves

Yeah Enclaves are great. They solve so many problems for Nostr.

But they're expensive!

Nothing so organised I'm afraid. Full heretical disclosure, we (me and small team here in Southeast Asia) are mostly researching Cashu for last-mile payments for regional stablecoins in Asia and this enclave stuff is part of some dabbling around while waiting for the native-taproot rails on lightning to settle in.

Also there's the need to use other chains for the smart contracts that orchestrate the mint enclaves, and I'm a bit wary of bringing that topic to nostr here. (You can do this in an enclave-only scenario without on-chain smart contracts to orchestrate, but then it becomes hard to scale.)

I'll put together a summary though if people are interested.

Very interested. Can you please share the process of setting up such a mint, which service you used, etc? Or does it just work?

Sure, also just joined this Cashu research group on telegram.

I don’t think it’s fair game to say nostr relies on DNS.

It’s not like matrix, activity pub and all that federated crap where identities are tied to server names.

We just happen to connect with relays to send and fetch notes, that more often than not do have a DNS.

And we have people building P2P experiments with nostr, which further proves the point.

What I mean is that every nostr relay and media server is on an ICANN domain, so without connecting to ICANN DNS nothing on Nostr works.

Unless you’re on Damus android pulling notes from nearby peers, or connecting to a tor relay or…

My point is nostr doesn’t halt without DNS, contrary to other protocols which tie DNS into user accounts.

Fair enough, I've not yet looked into whatever Damus Android is doing.

What about using RGB for the smart contract?

https://rgb.tech/

That would be the ZK proof gymnastics. I mean as a pure cryptographic feat RGB is pretty stunning. But the whole thing is essentially a patch for compute holes in Bitcoin, and it's heavily offline.

Whereas if you just use a blockchain purpose built for Turing-complete smart contracts and ultralight resolvers that can run in enclaves then everything is so much easier and so much more useful for everyone involved in preserving the Cashu mint's integrity.

The only thing Bitcoin has in its favour in this scenario is security, but it's not as if these other chains are going to cease to exist or be 51% attacked to oblivion any time before our teeth all fall out.

Tell me more on why blockchain is needed? To set policies for how to get the keys out? Why would you want the keys out?