NUT-XX: Authentication #106
Conversation
This NUT describes a mechanism for obtaining time-bounded OAuth bearer tokens for accessing protected endpoints for a mint. The registration process for authorizing public keys is outside the scope of this NUT.
Updated and removed based on Calle's initial feedback.
Thanks for the great feedback and discussion during last month's Dev call! I've made some updates based on the suggestions provided. Regarding point 1, I've taken out the references to Mint and Melt and instead implemented authentication for any endpoint. This will make it more flexible and allow for easier integration with other platforms. Point 2 was a game-changer! @trbouma's suggestion to look at LUD-04 LNURL Auth was super helpful, and I was able to incorporate some of the implementation logic to simplify and enhance the privacy of our solution. Specifically, I've implemented the linking key concept from LNURL-Auth to create private/pub keys based on the auth URL. This means that each user will have a unique key for each mint, preventing any tied keys to multiple mints. The wallet can still calculate the keys easily from the seed, but the user will have full control over their keys. Finally, I've introduced an "action" enum to determine the type of action the user is authorized to perform. This will help us keep track of the user's permissions and ensure they only have access to the appropriate actions. There were some other minor cleanups and code optimization, but these are the main updates. I'm excited about the progress and looking forward to the nextDev call to get more feedback and continue improving the protocol 🚀
starbackr-dev
changed the title
|
Thanks for the great feedback and discussion during last month's Dev call! I've made some updates based on the suggestions provided. 1, I've taken out the references to Mint and Melt and instead implemented authentication for any endpoint. This will make it more flexible and allow for easier integration. 2 @trbouma's suggestion to look at LUD-04 LNURL Auth was super helpful, and I was able to incorporate some of the implementation logic to simplify and enhance the privacy. Specifically, I've implemented the linking key concept from LNURL-Auth to create private/pub keys based on the mint URL. This means that each user will have a unique key for each mint, preventing any tied keys to multiple mints. The wallet can still calculate the keys easily from the seed. Finally, I've introduced an "action" enum to determine the type of action the user is authorized to perform. This will help us keep track of the user's permissions and ensure they only have access to the appropriate actions. There were some other minor cleanups and code optimization, but these are the main updates. I'm excited about the progress and looking forward to the to get more feedback 🚀 |
| action:"mint", | ||
| k1:"8278e1a48e61c261916791dabb6af760488e4f01932e11fe7054f59754e3de6e" | ||
| signature:c568f78e4b234a5f7d8c3b2a679e48d1234567890abcdef | ||
| linkingKey:7345786068584cd33000582ba87a9ddf77db5377c67910ab59d7e9a5f44 |
There was a problem hiding this comment.
| action:"mint", | |
| k1:"8278e1a48e61c261916791dabb6af760488e4f01932e11fe7054f59754e3de6e" | |
| signature:c568f78e4b234a5f7d8c3b2a679e48d1234567890abcdef | |
| linkingKey:7345786068584cd33000582ba87a9ddf77db5377c67910ab59d7e9a5f44 | |
| "action":"mint", | |
| "k1":"8278e1a48e61c261916791dabb6af760488e4f01932e11fe7054f59754e3de6e" | |
| "signature": "c568f78e4b234a5f7d8c3b2a679e48d1234567890abcdef" | |
| "linking_key": "7345786068584cd33000582ba87a9ddf77db5377c67910ab59d7e9a5f44" |
| ```json | ||
| { | ||
| "nuts": { | ||
| "15": { |
There was a problem hiding this comment.
| "15": { | |
| "16": { |
| signature:c568f78e4b234a5f7d8c3b2a679e48d1234567890abcdef | ||
| linkingKey:7345786068584cd33000582ba87a9ddf77db5377c67910ab59d7e9a5f44 | ||
| } | ||
|
|
There was a problem hiding this comment.
Missing a ``` here to end the code block
|
|
||
| } | ||
|
|
||
| ``` |
There was a problem hiding this comment.
| ``` |
| @@ -28,7 +28,7 @@ Wallets and mints `MUST` implement all mandatory specs and `CAN` implement optio | |||
| | [11][11] | Pay-To-Pubkey (P2PK) | [Nutshell][py] | [Nutshell][py] | | |||
| | [12][12] | DLEQ proofs | [Nutshell][py] | [Nutshell][py] | | |||
| | [13][13] | Deterministic secrets | [Nutshell][py], [Moksha][cashume], [cashu-ts][ts] | - | | |||
|
|
|||
| | [15][16] |Authentication with Schnorr Signatures | | |||
There was a problem hiding this comment.
| | [15][16] |Authentication with Schnorr Signatures | | |
| | [16][16] | Authentication | |
| @@ -74,3 +74,4 @@ Wallets and mints `MUST` implement all mandatory specs and `CAN` implement optio | |||
| [11]: 11.md | |||
| [12]: 12.md | |||
| [13]: 13.md | |||
| [15]: 15.md | |||
There was a problem hiding this comment.
| [15]: 15.md | |
| [16]: 16.md |
| { | ||
| "access_token": "9876543210fedcba", | ||
| "token_type": "Bearer", | ||
| "expires_in": 3600 |
There was a problem hiding this comment.
| "expires_in": 3600 | |
| "expiry": 1711917473 |
I think this should be the unix time the token expires at more in line with mint/melt quote expiry feilds
| ```http | ||
| GET https://bob.com/v1/auth/challenge?&tag=<(action enums)> | ||
| ``` | ||
| Bob's mint generates a challenge `k1` consisting of randomly generated 32 bytes, for example: |
There was a problem hiding this comment.
| Bob's mint generates a challenge `k1` consisting of randomly generated 32 bytes, for example: | |
| Bob's mint generates a challenge `k1` consisting of a 64 character hex string generated from 32 random bytes, for example: |
|
|
||
| - `linkingKey` This is a public key derived from `linkingPrivKey` | ||
| - `linkingPrivKey` To keep the derived public key unique to each mint, the `linkingPrivKey` should be derived as follows | ||
| - Use the derivation path m/138'/0 from the master key to get `hashingkey` |
There was a problem hiding this comment.
Is it necessary to specify the exact derivation path used by the client?
callebtc
added
needs implementation
|
Is the access token intended to be stateful? Ideally, the mint server would not keep a complete list of active tokens in its database. An alternative could be to specify the claims in a JWT. Additionally, has something like an HMAC signing been considered instead of an access token? The HMAC secret can be an ECDH exchange with the user’s linking key and the mint’s key, published in the info endpoint. The user’s public key and a timestamp would be required as request headers for the server to validate the request and prevent replay attacks. |
Currently, access to mint endpoints are open to anyone. Since Cashu tokens are IOUs, the mint should have an optional way of restricting access to some end points if needed. We propose a new feature to provide optional access control for specific endpoints. This will address the need to restrict sensitive operations like minting and melting to authorized parties. This NUT is completely optional and may not be supported by mints and wallets.
We have developed a (NUT) specification for implementing authentication through bearer tokens. This approach is easy to integrate into wallet provdiders, allowing mints to control access to their endpoints.
Selective Endpoint Authentication
Mints have the flexibility to authenticate certain endpoints selectively. For example, they could restrict minting while allowing unrestricted swapping and melting.
Ofcourse, this will compromise privacy. Both the mint and wallet should be explicit in informing the users about this.
Example Scenario
Consider a mint such as the one I am currently running (https://stablenut.umint.cash) connected to Strike, a platform enforcing KYC for users transacting with its API. By enabling authentication, the mint can limit minting and melting only to KYC-compliant users. Meanwhile, tokens minted through this restricted channel can continue to be swapped between users freely without restrictions. (Calle can still post them on Nostr/twitter)
Each mint will clearly indicate its access policy on their /info endpoint, empowering wallet providers with the necessary information to guide their users' decisions.
Registration Process is out of scope for this NUT - The registration process for authorized public keys is scoped out of this NUT. Mints can implement their own authentication mechanisms and include authed pubkeys table inside mint database
We invite your review and comments on this proposal.