If a relay published a white list as a bloom filter, is it possible for clients to prove their user is inside of the list without revealing the pubkey to the relay?
It would be nice to evolve nip42 auth in a way that doesn't require exposing the user signing in.
Should be possible using ring signatures, I'd tell you more if I had any idea what I was talking about π€£
Maybe we can have a whole debate in these replies if we just pretend to know how ring signatures work π
I had an idea to ask the relays for an id and the answers from Alice Bob and Carol is something like that possible?
In cashu, you can use your public key to get an "Auth token", but it's blinded
Therefore, when you log in later, the server can't link the token to any particular pubkey
And, if the user requests multiple tokens in advance and uses a separate token for each session, then those sessions can't be linked to each other
a bloom filter would allow you to assert a pk is definitely NOT in the set.
you cant prove itβs in the set due to false positives
Yes.
