nips/26.md

NIP: 26
=======

Delegated Event Signing
-----

`draft` `optional` `author:markharding` `author:minds`

This NIP defines how events can be delegated so that they can be signed by other keypairs.

Another application of this proposal is to abstract away the use of the 'root' keypairs when interacting with clients. For example, a user could generate new keypairs for each client they wish to use and authorize those keypairs to generate events on behalf of their root pubkey, where the root keypair is stored in cold storage. 

#### Introducing the 'delegation' tag

This NIP introduces a new tag: `delegation` which is formatted as follows:

```json
[
  "delegation",
  <pubkey of the delegator>,
  <conditions query string>,
  <64-bytes schnorr signature of the sha256 hash of the delegation token>
]
```

##### Delegation Token

The **delegation token** should be a 64-bytes schnorr signature of the sha256 hash of the following string:

```
nostr:delegation:<pubkey of publisher (delegatee)>:<conditions query string>
```

For example, the token `c33c88ba78ec3c760e49db591ac5f7b129e3887c8af7729795e85a0588007e5ac89b46549232d8f918eefd73e726cb450135314bfda419c030d0b6affe401ec1` is signed by `86f0689bd48dcd19c67a19d994f938ee34f251d8c39976290955ff585f2db42e` and consists of:

```json
nostr:delegation:62903b1ff41559daf9ee98ef1ae67cc52f301bb5ce26d14baba3052f649c3f49:kind=1&created_at>1640995200
```

#### Example

Below is an example of an event published by `62903b1ff41559daf9ee98ef1ae67cc52f301bb5ce26d14baba3052f649c3f49`, on behalf of `86f0689bd48dcd19c67a19d994f938ee34f251d8c39976290955ff585f2db42e`.

```json
{
  "id": "a080fd288b60ac2225ff2e2d815291bd730911e583e177302cc949a15dc2b2dc",
  "pubkey": "62903b1ff41559daf9ee98ef1ae67cc52f301bb5ce26d14baba3052f649c3f49",
  "created_at": 1660896109,
  "kind": 1,
  "tags": [
    [
      "delegation",
      "86f0689bd48dcd19c67a19d994f938ee34f251d8c39976290955ff585f2db42e",
      "kind=1&created_at>1640995200",
      "c33c88ba78ec3c760e49db591ac5f7b129e3887c8af7729795e85a0588007e5ac89b46549232d8f918eefd73e726cb450135314bfda419c030d0b6affe401ec1"
    ]
  ],
  "content": "Hello world",
  "sig": "cd4a3cd20dc61dcbc98324de561a07fd23b3d9702115920c0814b5fb822cc5b7c5bcdaf3fa326d24ed50c5b9c8214d66c75bae34e3a84c25e4d122afccb66eb6"
}
```


#### Relay & Client Querying Support

Relays should answer requests such as `["REQ", "", {"authors": ["A"]}]` by querying both the `pubkey` and delegation tags `[1]` value.
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00			`NIP: 26`
			`=======`

			`Delegated Event Signing`
			`-----`

Changes based on feedback 2022-08-24 08:24:50 -04:00			`draft` `optional` `author:markharding` `author:minds`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
Changes based on feedback 2022-08-24 08:24:50 -04:00			`This NIP defines how events can be delegated so that they can be signed by other keypairs.`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
			`Another application of this proposal is to abstract away the use of the 'root' keypairs when interacting with clients. For example, a user could generate new keypairs for each client they wish to use and authorize those keypairs to generate events on behalf of their root pubkey, where the root keypair is stored in cold storage.`

Changes based on feedback 2022-08-24 08:24:50 -04:00			`#### Introducing the 'delegation' tag`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
Changes based on feedback 2022-08-24 08:24:50 -04:00			This NIP introduces a new tag: `delegation` which is formatted as follows:
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
			```json
			`[`
Changes based on feedback 2022-08-24 08:24:50 -04:00			`"delegation",`
			`<pubkey of the delegator>,`
			`<conditions query string>,`
			`<64-bytes schnorr signature of the sha256 hash of the delegation token>`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00			`]`
			```

Changes based on feedback 2022-08-24 08:24:50 -04:00			`##### Delegation Token`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
Changes based on feedback 2022-08-24 08:24:50 -04:00			`The delegation token should be a 64-bytes schnorr signature of the sha256 hash of the following string:`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
Changes based on feedback 2022-08-24 08:24:50 -04:00			```
			`nostr:delegation:<pubkey of publisher (delegatee)>:<conditions query string>`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00			```

Changes based on feedback 2022-08-24 08:24:50 -04:00			For example, the token `c33c88ba78ec3c760e49db591ac5f7b129e3887c8af7729795e85a0588007e5ac89b46549232d8f918eefd73e726cb450135314bfda419c030d0b6affe401ec1` is signed by `86f0689bd48dcd19c67a19d994f938ee34f251d8c39976290955ff585f2db42e` and consists of:
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00
			```json
Changes based on feedback 2022-08-24 08:24:50 -04:00			`nostr:delegation:62903b1ff41559daf9ee98ef1ae67cc52f301bb5ce26d14baba3052f649c3f49:kind=1&created_at>1640995200`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00			```

			`#### Example`

			Below is an example of an event published by `62903b1ff41559daf9ee98ef1ae67cc52f301bb5ce26d14baba3052f649c3f49`, on behalf of `86f0689bd48dcd19c67a19d994f938ee34f251d8c39976290955ff585f2db42e`.

			```json
			`{`
Changes based on feedback 2022-08-24 08:24:50 -04:00			`"id": "a080fd288b60ac2225ff2e2d815291bd730911e583e177302cc949a15dc2b2dc",`
			`"pubkey": "62903b1ff41559daf9ee98ef1ae67cc52f301bb5ce26d14baba3052f649c3f49",`
			`"created_at": 1660896109,`
			`"kind": 1,`
			`"tags": [`
			`[`
			`"delegation",`
			`"86f0689bd48dcd19c67a19d994f938ee34f251d8c39976290955ff585f2db42e",`
			`"kind=1&created_at>1640995200",`
			`"c33c88ba78ec3c760e49db591ac5f7b129e3887c8af7729795e85a0588007e5ac89b46549232d8f918eefd73e726cb450135314bfda419c030d0b6affe401ec1"`
			`]`
			`],`
			`"content": "Hello world",`
			`"sig": "cd4a3cd20dc61dcbc98324de561a07fd23b3d9702115920c0814b5fb822cc5b7c5bcdaf3fa326d24ed50c5b9c8214d66c75bae34e3a84c25e4d122afccb66eb6"`
First draft of Delegated Event Signing 2022-08-04 04:33:38 -04:00			`}`
			```

Changes based on feedback 2022-08-24 08:24:50 -04:00
			`#### Relay & Client Querying Support`

			Relays should answer requests such as `["REQ", "", {"authors": ["A"]}]` by querying both the `pubkey` and delegation tags `[1]` value.