Damn now I really have to implement wallet connect into Ligess.
Discussion
Yaaaaas!
That requires the admin macaroon on a service that is exposed to the internet, so securitywise I don't think it's the best idea.
The lightning node is exposed to the internet, so 🤷
But I'm planning to add spending caps, so it can't get drained. Basically its giving all apps that can sign events spending power, which is a bigger risk imo.
Yeah but it changes the security model of what was before just in lnurl webapp with invoice permissions.
Alby's nostr-wallet-connect implementation uses the admin macaroon but it's not associated with a public webserver, it simply talks to nostr relays.
I much likely won't integrate it in nostdress as it requires admin keys and you don't want to enter these on potentially somebody's webserver. Ligess works for a single user so it's fine to use the admin key.
I did help a bit with Albys nwc app tho. I'm also hosting a slightly modified version that supports Lnd and additionally LNbits.
Ok makes sense, would get quite a big honeypot with a admin macaroon db