diff --git a/01.md b/01.md index 80bc3997..058be493 100644 --- a/01.md +++ b/01.md @@ -107,3 +107,4 @@ A relay may choose to treat different message kinds differently, and it may or m - Clients should not open more than one websocket to each relay. One channel can support an unlimited number of subscriptions, so clients should do that. - The `tags` array can store a tag identifier as the first element of each subarray, plus arbitrary information afterward (always as strings). This NIP defines `"p"` --- meaning "pubkey", which points to a pubkey of someone that is referred to in the event ---, and `"e"` --- meaning "event", which points to the id of an event this event is quoting, replying to or referring to somehow. See [NIP-10](https://github.com/nostr-protocol/nips/blob/127d5518bfa9a4e4e7510490c0b8d95e342dfa4b/10.md) for a detailed description of "e" and "p" tags. - The `` item present on the `"e"` and `"p"` tags is an optional (could be set to `""`) URL of a relay the client could attempt to connect to fetch the tagged event or other events from a tagged profile. It MAY be ignored, but it exists to increase censorship resistance and make the spread of relay addresses more seamless across clients. +- Clients should use the created_at field to judge the age of a metadata event and completely replace older metadata events with newer metadata events regardless of the order in which they arrive. Clients should not merge any filled fields within older metadata events into empty fields of newer metadata events. diff --git a/11.md b/11.md index f5de2370..797906f3 100644 --- a/11.md +++ b/11.md @@ -65,18 +65,18 @@ are rejected or fail immediately. ```json { ... - limitation: { - max_message_length: 16384, - max_subscriptions: 20, - max_filters: 100, - max_limit: 5000, - max_subid_length: 100, - min_prefix: 4, - max_event_tags: 100, - max_content_length: 8196, - min_pow_difficulty: 30, - auth_required: true, - payment_required: true, + "limitation": { + "max_message_length": 16384, + "max_subscriptions": 20, + "max_filters": 100, + "max_limit": 5000, + "max_subid_length": 100, + "min_prefix": 4, + "max_event_tags": 100, + "max_content_length": 8196, + "min_pow_difficulty": 30, + "auth_required": true, + "payment_required": true, } ... } @@ -137,11 +137,11 @@ all, and preferably an error will be provided when those are received. ```json { ... - retention: [ - { kinds: [0, 1, [5, 7], [40, 49]], time: 3600 }, - { kinds: [[40000, 49999], time: 100 }, - { kinds: [[30000, 39999], count: 1000 }, - { time: 3600, count: 10000 } + "retention": [ + { "kinds": [0, 1, [5, 7], [40, 49]], "time": 3600 }, + { "kinds": [[40000, 49999]], "time": 100 }, + { "kinds": [[30000, 39999]], "count": 1000 }, + { "time": 3600, "count": 10000 } ] ... } @@ -150,7 +150,7 @@ all, and preferably an error will be provided when those are received. `retention` is a list of specifications: each will apply to either all kinds, or a subset of kinds. Ranges may be specified for the kind field as a tuple of inclusive start and end values. Events of indicated kind (or all) are then limited to a `count` -and or time period. +and/or time period. It is possible to effectively blacklist Nostr-based protocols that rely on a specific `kind` number, by giving a retention time of zero for those `kind` values. @@ -170,8 +170,8 @@ It is not possible to describe the limitations of each country's laws and policies which themselves are typically vague and constantly shifting. Therefore, this field allows the relay operator to indicate which -country's' laws might end up being enforced on them, and then -indirectly on their users's content. +countries' laws might end up being enforced on them, and then +indirectly on their users' content. Users should be able to avoid relays in countries they don't like, and/or select relays in more favourable zones. Exposing this @@ -180,7 +180,7 @@ flexibility is up to the client software. ```json { ... - relay_countries: [ 'CA', 'US' ], + "relay_countries": [ "CA", "US" ], ... } ``` @@ -202,9 +202,9 @@ To support this goal, relays MAY specify some of the following values. ```json { ... - language_tags: [ 'en', 'en-419' ], - tags: [ 'sfw-only', 'bitcoin-only', 'anime' ], - posting_policy: 'https://example.com/posting-policy.html', + "language_tags": [ "en", "en-419" ], + "tags": [ "sfw-only", "bitcoin-only", "anime" ], + "posting_policy": "https://example.com/posting-policy.html", ... } ``` @@ -214,7 +214,7 @@ To support this goal, relays MAY specify some of the following values. the major languages spoken on the relay. - `tags` is a list of limitations on the topics to be discussed. - For example `sfw-only` indicates hat only "Safe For Work" content + For example `sfw-only` indicates that only "Safe For Work" content is encouraged on this relay. This relies on assumptions of what the "work" "community" feels "safe" talking about. In time, a common set of tags may emerge that allow users to find relays that suit @@ -239,11 +239,11 @@ Relays that require payments may want to expose their fee schedules. ```json { ... - payments_url: "https://my-relay/payments", - fees: { - "admission": [{ amount: 1000000, unit: 'msats' }], - "subscription": [{ amount: 5000000, unit: 'msats', period: 2592000 }], - "publication": [{ kinds: [4], amount: 100, unit: 'msats' }], + "payments_url": "https://my-relay/payments", + "fees": { + "admission": [{ "amount": 1000000, "unit": "msats" }], + "subscription": [{ "amount": 5000000, "unit": "msats", "period": 2592000 }], + "publication": [{ "kinds": [4], "amount": 100, "unit": "msats" }], }, ... } diff --git a/47.md b/47.md index 70a50864..7f5b8147 100644 --- a/47.md +++ b/47.md @@ -10,8 +10,16 @@ This NIP describes a way for clients to access a remote Lightning wallet through ## Terms -- **client**: Nostr app on any platform that wants to pay Lightning invoices -- **wallet service**: Nostr app that typically runs on an always-on computer (eg. in the cloud or on a Raspberry Pi). +- **client**: Nostr app on any platform that wants to pay Lightning invoices. +- **user**: The person using the **client**, and want's to connect their wallet app to their **client**. +- **wallet service**: Nostr app that typically runs on an always-on computer (eg. in the cloud or on a Raspberry Pi). This app has access to the APIs of the wallets it serves. + +## Theory of Operation + +1. **Users** who which to use this NIP to send lightning payments to other nostr users must first acquire a special "connection" URI from their NIP-47 compliant wallet application. The wallet application may provide this URI using a QR screen, or a pasteable string, or some other means. +2. The **user** should then copy this URI into their **client(s)** by pasting, or scanning the QR, etc. The **client(s)** should save this URI and use it later whenever the **user** makes a payment. The **client** should then request an `info` (13194) event from the relay(s) specified in the URI. The **wallet service** will have sent that event to those relays earlier, and the relays will hold it as a replaceable event. +3. When the **user** initiates a payment their nostr **client** create a `pay_invoice` request, encrypts it using a token from the URI, and sends it (kind 23194) to the relay(s) specified in the connection URI. The **wallet service** will be listening on those relays and will decrypt the request and then contact the **user's** wallet application to send the payment. The **wallet service** will know how to talk to the wallet application because the connection URI specified relay(s) that have access to the wallet app API. +4. Once the payment is complete the **wallet service** will send an encrypted `response` (kind 23195) to the **user** over the relay(s) in the URI. ## Events @@ -23,7 +31,8 @@ There are three event kinds: The info event should be a replaceable event that is published by the **wallet service** on the relay to indicate which commands it supports. The content should be a plaintext string with the supported commands, space-seperated, eg. `pay_invoice get_balance`. Only the `pay_invoice` command is described in this NIP, but other commands might be defined in different NIPs. -Both the request and response events SHOULD contain one `p` tag, containing the public key of the **wallet service** if this is a request, and the public key of the **client** if this is a response. The response event SHOULD contain an `e` tag with the id of the request event it is responding to. + +Both the request and response events SHOULD contain one `p` tag, containing the public key of the **wallet service** if this is a request, and the public key of the **user** if this is a response. The response event SHOULD contain an `e` tag with the id of the request event it is responding to. The content of requests and responses is encrypted with [NIP04](https://github.com/nostr-protocol/nips/blob/master/04.md), and is a JSON-RPCish object with a semi-fixed structure: @@ -80,6 +89,7 @@ The **wallet service** generates this connection URI with protocol `nostr+wallet - The user can have different keys for different applications. Keys can be revoked and created at will and have arbitrary constraints (eg. budgets). - The key is harder to leak since it is not shown to the user and backed up. - It improves privacy because the user's main key would not be linked to their payments. +- `lud16` Recommended. A lightning address that clients can use to automatically setup the `lud16` field on the user's profile if they have none configured. The **client** should then store this connection and use it when the user wants to perform actions like paying an invoice. Due to this NIP using ephemeral events, it is recommended to pick relays that do not close connections on inactivity to not drop events. @@ -124,7 +134,7 @@ Errors: ## Example pay invoice flow 0. The user scans the QR code generated by the **wallet service** with their **client** application, they follow a `nostr+walletconnect:` deeplink or configure the connection details manually. -1. **client** sends an event to with **wallet service** service with kind `23194`. The content is a `pay_invoice` request. The private key is the secret from the connection string above. +1. **client** sends an event to the **wallet service** service with kind `23194`. The content is a `pay_invoice` request. The private key is the secret from the connection string above. 2. **wallet service** verifies that the author's key is authorized to perform the payment, decrypts the payload and sends the payment. 3. **wallet service** responds to the event by sending an event with kind `23195` and content being a response either containing an error message or a preimage.