nostr/nips
1
0
Fork 0
mirror of https://github.com/nostr-protocol/nips.git synced 2024-09-19 22:35:50 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
5f911b1b00
nips/39.md
Ioan Bizău 5f911b1b00 Add Twitter verification caveat to NIP-39.
2023-10-31 15:56:17 +02:00

69 lines
3.5 KiB
Markdown
Raw Blame History

NIP-39
======
External Identities in Profiles
-------------------------------
`draft` `optional` `author:pseudozach` `author:Semisol`
## Abstract
Nostr protocol users may have other online identities such as usernames, profile pages, keypairs etc. they control and they may want to include this data in their profile metadata so clients can parse, validate and display this information.
## `i` tag on a metadata event
A new optional `i` tag is introduced for `kind 0` metadata event contents in addition to name, about, picture fields as included in [NIP-01](https://github.com/nostr-protocol/nips/blob/master/01.md):
```json
{
"id": <id>,
"pubkey": <pubkey>,
...
"tags": [
["i", "github:semisol", "9721ce4ee4fceb91c9711ca2a6c9a5ab"],
["i", "twitter:semisol_public", "1619358434134196225"],
["i", "mastodon:bitcoinhackers.org/@semisol", "109775066355589974"]
["i", "telegram:1087295469", "nostrdirectory/770"]
]
}
```
An `i` tag will have two parameters, which are defined as the following:
1. `platform:identity`: This is the platform name (for example `github`) and the identity on that platform (for example `semisol`) joined together with `:`.
2. `proof`: String or object that points to the proof of owning this identity.
Clients SHOULD process any `i` tags with more than 2 values for future extensibility.
Identity provider names SHOULD only include `a-z`, `0-9` and the characters `._-/` and MUST NOT include `:`.
Identity names SHOULD be normalized if possible by replacing uppercase letters with lowercase letters, and if there are multiple aliases for an entity the primary one should be used.
## Claim types
### `github`
Identity: A GitHub username.
Proof: A GitHub Gist ID. This Gist should be created by `<identity>` with a single file that has the text `Verifying that I control the following Nostr public key: <npub encoded public key>`.
This can be located at `https://gist.github.com/<identity>/<proof>`.
### `twitter`
Identity: A Twitter username.
Proof: A Tweet ID. The tweet should be posted by `<identity>` and have the text `Verifying my account on nostr My Public Key: "<npub encoded public key>"`.
This can be located at `https://twitter.com/<identity>/status/<proof>`.
Caveat: fetching `https://twitter.com/<identity>/status/<proof>` and looking for the `<npub>` is not sufficient as a validation, because Twitter can automatically redirect if you use the wrong identity (but the correct tweet ID) as part of the URL! So after fetching `https://twitter.com/saylor/status/1701877505437675910` one must re-check the *actual* URL (or avoid redirects in the first place) before concluding that the person using `1701877505437675910` as a proof matches the @saylor identity on Twitter!
### `mastodon`
Identity: A Mastodon instance and username in the format `<instance>/@<username>`.
Proof: A Mastodon post ID. This post should be published by `<username>@<instance>` and have the text `Verifying that I control the following Nostr public key: "<npub encoded public key>"`.
This can be located at `https://<identity>/<proof>`.
### `telegram`
Identity: A Telegram user ID.
Proof: A string in the format `<ref>/<id>` which points to a message published in the public channel or group with name `<ref>` and message ID `<id>`. This message should be sent by user ID `<identity>` and have the text `Verifying that I control the following Nostr public key: "<npub encoded public key>"`.
This can be located at `https://t.me/<proof>`.
Reference in New Issue View Git Blame Copy Permalink