Huge milestone: First demo of Nostr Web Services (NWS) bringing TCP to Nostr. With NWS, you can host any existing web application on Nostr without having to use DNS or even announce your public IP to the world, simply by sharing your service's npub (or nprofile).
Try it out the demo yourself. Here is a Cashu test mint running with NWS. Let's use curl to retrieve the mint's information. The request travels from your computer to the public NWS entry relay, then through nostr to the service's NWS exit relay. At the other end is a Cashu mint with HTTPS encryption.
```
curl -s -x socks5h://relay.8333.space:8882 https://nprofile1qqs8a8nk09fhrxylcd42haz8ev4cprhnk5egntvs0whafvaaxpk8plgpzemhxue69uhhyetvv9ujuwpnxvejuumsv93k2g6k9kr/v1/info --insecure | jq
```
I can't stress this enough: THE MINT RUNS BEHIND HTTPS!
The NWS entry relay can't read your traffic. It's encrypted. We can host public entry relays that can be used by anyone.
This means we can plug the entire internet to it 🌐.
Let's plug it into Cashu for now. Nutshell wallet supports socks5 proxies (that's how it uses Tor). By setting the public entry relay as the proxy, the wallet can now connect to a mint's npub/nprofile and communicate with it via NWS.
This is going to be so freaking cool. And it's going to be a lot more useful than just for Cashu. There are still bugs and issues that need to be ironed out but the code is coming out soon. Watch this space.
so theres a nostr based name resolution in the relay side? And you need to announce the relay that host the webapp (that most probably has his static ip)? That seems to reimplement dns on upper layer, doesnt go beyond it. Or I lost something?
If I correctly understood, I see two advantages here:
1) every npub can sign their own entry on the hash-table to be reachble without requiring third party dns-like trust.
2) ip static decorrelated from webapps for a better censorship resistance.
The current design is for internal "nostr services" only which doesn't need name resolution, the npub is the target.
In the next stage, it will allow connecting to the Internet at which point the DNS resolution at the entry node must probably be intercepted and replaced by the npub of the exit relay.
And how does the entry node know which relay hosts the npub service?
