Cashu Browser Wallet \ stacker news ~bitcoin

10.7k sats \ 71 comments \ @gandlaf21 11 Jan 2023 bitcoin

Cashu is an eCash system built on Lightning. Its main purpose is to offer more privacy to users of custodial Lightning wallets by anonymizing tokens. I think it was mainly developed by @calle

Find the reference implementation here:

https://github.com/cashubtc/cashu

I think a lot of cool things can be built with Cashu, and it would be nice if more custodial LN services would make use of it.

In the process of playing around with Cashu, I ended up developing a couple of things:

A JavaScript library that simplifies interaction with the cashu Mint:
- git: https://bitbucket.org/gandlaf21/cashu-js/
- npm: https://www.npmjs.com/package/@gandlaf21/cashu-js
A Browser based Wallet, that can interact with multiple mints:
- app: https://cashu-wallet.vercel.app/
- git: https://bitbucket.org/gandlaf21/cashu-wallet

I will drop some tokens here, you can go to https://cashu-wallet.vercel.app/ , add my mint (it's already prefilled in the input field), and recieve the tokens. In order to spend them on the Lightning network, you have to melt them.

Disclaimer: If you use my Mint, I am the central bank. Please, if you play with your own sats, consider them lost. The software is probably still very buggy and sats may be lost due to errors. If you want to play around with your own sats, then I recommend adding your own mint, then you should be fine.

Thanks for trying it! Please let me know if you encounter any bugs

view all related items

121 sats \ 1 reply \ @calle 12 Jan 2023

WOW! That's insane! You have built an entirely independent JS wallet? The UX is great! I'm speechless. Ser, how do I reach you :)

Ignore my post below please btw, I've assumed this was linking to the LNbits wallet itself, I didn't realize that you've built an entirely new thing! Congrats!

0 sats \ 0 replies \ @gandlaf21 OP 12 Jan 2023

Thanks calle! That means a lot coming from the OG!

can you shoot me a mail? gandlaf @proton.me

32 sats \ 21 replies \ @nerd2ninja 11 Jan 2023

What is cross site scripting https://en.m.wikipedia.org/wiki/Cross-site_scripting

1 sat \ 10 replies \ @calle 12 Jan 2023

1 sat \ 9 replies \ @nerd2ninja 12 Jan 2023

calle? Oh goodness fine.

Step 1: Javascript reverse tcp shell https://github.com/shelld3v/JSshell

Request localhost page from within the shell.

1 sat \ 8 replies \ @calle 12 Jan 2023

How would anyone except the wallet provider be able to inject this?

94 sats \ 7 replies \ @nerd2ninja 12 Jan 2023

We are assuming the user is trying to stream pirated movies and this code is injected via an ad or something (oddly specific I know)

Anyway, its always fun to read: https://stackoverflow.com/questions/6506518/javascript-how-to-read-local-file

This solution was particularly fun to read:

Find below the activeX script to read a local file. (works fine in IE).

    var fso = new ActiveXObject("Scripting.FileSystemObject");
    //specify the local path to Open
    var file = fso.OpenTextFile("C:\\your path\\ filename", 1);
    var fileContent = file.ReadAll();
    file.Close();

    //Parse the contents
    // ex: if the content is in JSON format
    var obj = eval('(' + fileContent+ ')');

    for (var i = 0; i < obj.length; i++) {
        //Access each element
        alert(obj[i].name);
    }

"But this is patched out! Everyone uses chrome or edge now. IE is deprecated and so is ActiveX!"

Yeah well we use old vulnerabilities to guess what the new vulnerabilities might look like in the future (a lot of vulnerabilities are the same mistakes made in new code) If you're really looking for a 0 day just to be convinced not to put money in your browser maybe go to 0 day today or something lmao

Looking through CVEs can be informative too: https://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-15031/Google-Chrome.html

It also usually isn't 1 exploit and everything is gone. A lot of exploits that get an attacker a foothold might be written off as "yeah but they don't have admin privileges" for example, but getting admin privileges is a different step. "Privilege escalation"

The hacker methodology for those who don't know is

Planning

Footprinting - Getting information about the target without interacting with the target system. (Looking up who works at a company on social media for example)

Scanning - Using what was learned during footprinting to gain more information in a direct way. Typically port scanning, but in social engineering, this would be asking an employee questions, or people who know that employee questions about the employee

Enumeration - Deconstructing information gained during the scanning phase to determine a useful exploit that might be performed on the target. In social engineering, this would be figuring out based on the questions you asked the employee, how they might respond to certain situations.

Exploitation

System hacking - This is where you perform the exploit. You are not on the computer or in general have access to the system. Again, do not limit this to remote access. This could be physical access.

Escalation of privilege - This is where you gain higher level permissions on the target system

Post Exploitation

Covering Tracks - Erasing and planting false logs on the target system to hide that you're there

Planting backdoors - Allows for you to easily get back into the system without going through all the previous steps.

After one system is exploited, the process starts over to attempt to gain access to the next system within the same network or otherwise connected to the same system.

If you post about your money on social media, this enables the footprinting phase If you are comfortable talking openly about yourself, this enables the scanning phase (at least in terms of social engineering) If you react without thinking, knowledge that you react in this way would be gained during the enumeration phase.

I was going to talk about extra vulnerabilities browser extensions can create, but I'll save that for a different time.

So anyway, as you can see, when I think about my security, I might think about how it could have been done with an older version of software, partly because people may still be running old software, but also because if we know about an exploit, it gets patched. So instead, I might look to old vulnerabilities to inform myself for what to look for in new code, or if I can't do a code review, I might apply general security practices that can help me even if I were running old known vulnerable software because it keeps me the most safe. There have been so many browser exploits over the years in particular, that it should be general practice at this point, not to do anything web related that would have consequences that are too dire if it were exploited.

16 sats \ 5 replies \ @gandlaf21 OP 12 Jan 2023

Nice write-up. A little bit on the paranoid side, but i mean this as a good thing. I tend to do the same when thinking about exploits. Sometimes it "doesn't sound realistic" or "black swany" but it's still a good mental exercise to go through possible vulns

32 sats \ 4 replies \ @nerd2ninja 12 Jan 2023

Its not really that paranoid though. The web browser is the most targeted and attacked software we use.

16 sats \ 1 reply \ @calle 12 Jan 2023

Thanks for this super detailed post! I agree with all you've said.

That said, I don't think that ecash web wallets are the end of the story. There is a Python and a Golang CLI client already as well. We have to prove that the protocol is easy to implement, and that's what @gandlaf21 has achieved here miraculously!

view replies

15 sats \ 1 reply \ @rijndael 20 Jan 2023

Browsers are also insanely complicated virtual machines that execute code downloaded on-demand. Absolutely wild environment.

view replies

15 sats \ 0 replies \ @rijndael 20 Jan 2023

solid post.

0 sats \ 9 replies \ @gandlaf21 OP 11 Jan 2023

The app has only local persistence, how can that be attacked with xss? Honest question, i might be missing something

0 sats \ 8 replies \ @nerd2ninja 11 Jan 2023

Well the wiki is trying to talk about all xss, but the particular one I was thinking of is the clever attack where you make a keylogger with JavaScript or CSS and its able to gather what you type even if the danger site is merely tabbed away.

15 sats \ 5 replies \ @gandlaf21 OP 11 Jan 2023

oh! feel free to audit ;) code is open-source.

It's good to be cautious though, so I understand if you don't wanna expose yourself. You can spin up a VM and open the site in there, then you don't have to trust me.

You should be doing that anyway, since most of the Internet runs on JS.

30 sats \ 4 replies \ @nerd2ninja 11 Jan 2023

Well I didn't mean you put a keylogger in your code, I just meant someone could visit a website that has a keylogger and then keylog a cashu token in order to take money.

The larger point being "Yo can we stop trying to put our money in web browsers?" lol

15 sats \ 3 replies \ @gandlaf21 OP 11 Jan 2023

I got you now!

True.. that is a big issue. Also why we should move on from passwords.

I would hope these kind of apps only hold amounts that are not worth stealing. Pennies or maybe a couple bucks

10 sats \ 2 replies \ @nerd2ninja 11 Jan 2023

Yes! Holy shit the password is so fucking dead. Try to make a password you can remember? Get rainbow tabled. Work hard to learn a difficult password? 1 website gets hacked and now all your accounts are compromised. Password manager? Password manager stores passwords on their server and that server gets hacked. 2fa? Sim swapping.

Just use asymmetric cryptography already!

15 sats \ 1 reply \ @gandlaf21 OP 11 Jan 2023

Hell yeah!

The only fear I have wit PubK PrivK is that the Elliptic curve doesn't offer password reset.. heheheh

view replies

0 sats \ 1 reply \ @randy 11 Jan 2023

" able to gather what you type even if the danger site is merely tabbed away"

What vulnerability allows an inactive tab to gather what's typed outside of its context?

There are many vulnerabilities on the web but most big browsers have pretty good sandboxing with regard to tabs.

0 sats \ 0 replies \ @nerd2ninja 11 Jan 2023

I was going to write a whole post about how it is so so so much worse than this, but then I decided I didn't want to give anyone any ideas lmao

0 sats \ 0 replies \ @melvincarvalho 11 Jan 2023

I think this is some sats:

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjEsInNlY3JldCI6IkFGTStHVm9wbTRxbjlXS1V6bDlKTUtVYzlpOU1KWUxOZ204T3NpVitqVWs9IiwiQyI6IjAzZmJiZDExMDYwOTM2ZWM0OTFhNWQ3ZDk2Y2U4N2UyNTg4ODAwNTM3ZjNlZWE5Y2U2MWZkN2JhOTc1NzBiZTgzMSJ9LHsiaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjQsInNlY3JldCI6IjNHZ3d2MUw2RFVCcTg5Q0R2b1FNcXY1aGhnTXBydGdueUdlTVhjOWxUeGc9IiwiQyI6IjAyNDM1NzQyMDc5N2I3ODA3MWEyMzEwNWI4OTNkMDI3OTNlMmIzODhlMDFmMjkyMjVjODI4OTA2OTZhZWM5NzM1ZiJ9XQ==

51 sats \ 10 replies \ @thebtctoto 11 Jan 2023

Is there a white paper esque document i can read to understand what this does / attempts to solve ?

20 sats \ 8 replies \ @gandlaf21 OP 11 Jan 2023

https://github.com/cashubtc/cashu/docs

1 sat \ 7 replies \ @thebtctoto 11 Jan 2023

Thanks, that link didnt work but i was able to find more info with it. Still not understanding why do this instead of say a fedimint protocol that uses sats and provides privacy. Why mint your own ecash ? Thanks for the post and replies.

20 sats \ 6 replies \ @lightcoin 11 Jan 2023

cashu is a centralized alternative to fedimint. simply running your own cashu server with only yourself as the user doesn't give you any privacy benefit. but if you use a cashu server that a bunch of other people use, then you have a crowd to hide in which increases your anonset.

0 sats \ 1 reply \ @calle 12 Jan 2023

Is it centralized if anyone can run an instance? We don't call LNbits centralized, do we? Or web servers.

21 sats \ 0 replies \ @lightcoin 12 Jan 2023

any given instance is centralized. we generally call a service that relies on a central server "centralized".

0 sats \ 3 replies \ @thebtctoto 12 Jan 2023

So i could mint totoro coin for my totoro market, people use sats to convert to totoro coin and trade goods all day in totoro market...and then convert their totoro coin at end of day back to sats when they want to exit. Is that right? Is it like a casino with chips essentially ?

20 sats \ 2 replies \ @gandlaf21 OP 12 Jan 2023

pretty much yeah. But you can ask the casino to make payments for you directly (hiding in the crowd)

0 sats \ 1 reply \ @thebtctoto 12 Jan 2023

And when i ask the casino to make payments for me not even they know if it was me or some other patron of the casino ? I appreciate the replies everyone.

170 sats \ 0 replies \ @gandlaf21 OP 12 Jan 2023

Yes exactly! the tokens are created with blind signatures, the casino will only know that it is a valid token, but not who created it.

watch @calle explain it here:

reply on another page

0 sats \ 0 replies \ @calle 12 Jan 2023

Work in Progress: https://github.com/cashubtc/cashu/blob/main/docs/specs/README.md

306 sats \ 0 replies \ @heidi 12 Jan 2023

0 sats \ 0 replies \ @heidi 12 Jan 2023

Nice work Gandalf! Here's some sats/cashus for someone else- W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjIsInNlY3JldCI6Ikl3S3BPZW1XWVJ6N29xc21idEIzZHhrQS9uT1lwNU1TdWg2S2kvZUJoUmM9IiwiQyI6IjAyZTNhMjRlZGYyMzU2NDBjZWViN2ZmMmMzMjdhYTA1NWMzNjhkNjFjOTQ5ODJmMWQ2ZWE2MjdjMjJjN2U0NTJhNiJ9XQ==

8 sats \ 3 replies \ @saunter 11 Jan 2023

Ready to receive some sats sir!

3 sats \ 2 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjI1Niwic2VjcmV0Ijoia1dsSnNVdHBuUGlIOTZOektoNVlmZUx0OFcvd2pEaUtqZXpnRWtIZHFsdz0iLCJDIjoiMDNiOGE3MDk3NjRlNmNhMDA1NjRiODc2NDNhM2YyZDYwODM4N2RjN2VmODQ0OGM3NmZhZTYyZjk0NThlODBmZWY5In1d

0 sats \ 1 reply \ @saunter 11 Jan 2023

daamn, someone just took it! no honour!

0 sats \ 0 replies \ @faithandcredit 13 Jan 2023

It was you wasn't it

0 sats \ 13 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjIsInNlY3JldCI6IjFiWXFKb3VjNC9IR055V1A0Y3R1U0dMTkluMjRoTUo4blN6a2ZYU0dKUTA9IiwiQyI6IjAyZjEwY2VkNzM5OGJiOWFjY2FiODg4ZjUxNzk5NmMzMmViYjEwZGFmY2VjZDQzYWIzMTE2MzcyNjZlNTM3NWVkZiJ9LHsiaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjgsInNlY3JldCI6IjFYaUQ2YzBORjhBT1dPdE5qeFhHSzExL1BWRzYrYkRIRHUvWEl3YU51VFk9IiwiQyI6IjAyZWYzMzIyMThhMjZhMjg3ZGYwYmJkNzUwNzdiMTc4ZjllNDZmYjRlZWQ3Zjg0MjMwZWUyNDZiZTlhODIwY2E0NyJ9XQ==

0 sats \ 12 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjIsInNlY3JldCI6Im80VFRFUERzL2VSNVRqZWlEem1vTFdKdVJGMWpTUS9JdThjSjhJMm9hd1E9IiwiQyI6IjAzY2YxMzU3NjA0N2RmNDk2OGM4NmIyZGY0NTI0MTY2YzQ0MDA4OTdjOWVlMDU1Y2U1MzBkOWIyMmJjODc4MmJjYyJ9LHsiaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjgsInNlY3JldCI6IkdqQ0Y2QVdycG9SQk9xWjM2eW9ISFMxYWZDRWNlOXZoaWp0ZVA2cWJVSzg9IiwiQyI6IjAyYThhY2MzMjI2YTE0NmI2NmQyNmY4YWMyNmVkMTcyYmJkNjY1ZGE4ZmYxYmU4ZjUzYjMxOGI2ZjhkYzc0ZTA0MCJ9LHsiaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjE2LCJzZWNyZXQiOiJ3Z2kwMDd1d1dOYWZQNkNRWVg3OENzVTZsQitNSll1cWF2QmNqdDJpcU1BPSIsIkMiOiIwMjVkOWEyYjZkNTkyNjA1NDJkZWQzZGYzMjg2NWQwODlmNDYyMzZjMTNmYjJjNjk0M2IxN2Q2ZDIyNDUyMGM5ZDAifSx7ImlkIjoiME5JM1RVQXMxU2Z5IiwiYW1vdW50IjozMiwic2VjcmV0IjoiUG50N2JucmZBTkp6MGlOcXNqT21RK1dwVlA4UzZoSURIa0l0bkJJKzY4OD0iLCJDIjoiMDJjYTMyMTkzNzQ5NzY5ZDZhZDliMzQ0YzBjZGQ3YTYwM2IyZjM2MmI3MjI0OTk5NmI3MWNiNmUzMjYzMjgxMzI4In0seyJpZCI6IjBOSTNUVUFzMVNmeSIsImFtb3VudCI6NjQsInNlY3JldCI6ImlBYnZxSVF3RnNXNDlRZVl6d2pCbWMyVFE0bFNlQjlxUWl6YUVTUlJNTzg9IiwiQyI6IjAzOGEwMjI5OTQzMTI5YjMzOGYwNDMzZDY0ZmYzNTdmMzA1MmM2YTNmNWQxODQ2NTRkOGYxODI3YzcyNGVmMTBkZSJ9LHsiaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjEyOCwic2VjcmV0IjoiQ3ptdmFHRC81RXZ0RVBPbEFzSkVpd0czT1hpLzhhdjJMNUxuTFdpUk5sUT0iLCJDIjoiMDM4NWQ1ZWVjZGJmNjg1NmExMjA5M2ZmZmEwZDg1MWZjNjVkYWJkNTFhYmU4OWNlZGNjMGM1MDA5OGE5MThiMzM4In1d

10 sats \ 10 replies \ @notgeld 11 Jan 2023

It looks like Hosted channels are still ahead of chaumian e-cash if these are e-cash tokens indeed.

0 sats \ 9 replies \ @gandlaf21 OP 11 Jan 2023

Yeah they both have their pros and cons I think

0 sats \ 8 replies \ @notgeld 11 Jan 2023

I still value cashu more than Fedimint. It is strange that on the one hand federations are welcomed on the other they are evil like in Liquid (i am fine with both).

0 sats \ 0 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjI1Niwic2VjcmV0IjoiM2JOc0ZBdVRLbmp2eElNWXJaMmlIYzRZNVNFQmpTQWVLUml4R21RZ05ibz0iLCJDIjoiMDNmMDE0ZTNjMDA1ZTAzMmVhZTM5ZDA2NmJhZDlkZmFjN2FkNGNmZWI4MzViNGQzYjEwNDNlYTY5MmZlZjM0OTlmIn1d

0 sats \ 1 reply \ @om 11 Jan 2023

wait why Liquid is evil?

10 sats \ 0 replies \ @notgeld 12 Jan 2023

Some bitcoiners think that Liquid is no different than for example FTX.

I think that it is kind of a protocol which has its own benefits and trade-offs. And not bad custodial solution at all.

0 sats \ 4 replies \ @gandlaf21 OP 11 Jan 2023

Some people don't want any custodial solution ever, which is fair enough, but not always convenient. We can at least try to improve custodial solutions, since it's not realistic for everyone to open their own LN channels. I hope someday we get there though

0 sats \ 3 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjEyOCwic2VjcmV0IjoiNnU2QVF6aFgwSldYTEY4UXdnbEJwL0pRNkZGWHRFakM2d05IT1o2NndlRT0iLCJDIjoiMDJjMWQ4YmM2YjJmYmMxYTJjM2M2OGM3OGRmOWRhYTYzZTNjMGQ0NWIzMGE2NzhkOWM5M2M0ZWNiNWRiNmY0NjkwIn1d

0 sats \ 2 replies \ @ski 11 Jan 2023

thank you! worked great :) can you send via lightning yet? I think Calle's mint has this ability, but can't send to different mints

view replies

0 sats \ 0 replies \ @BlokchainB 11 Jan 2023

Whoa

13 sats \ 0 replies \ @00 11 Jan 2023

https://legend.lnbits.com/events/XKNFEY9Cw2G8KS9ZHreB73

1 sat \ 0 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjI1Niwic2VjcmV0IjoiQyt1LzdDckY5YmdiTVFBM2FnY1k2YmV0UTdyM3RMdHhLZ25NaFZHY1p6dz0iLCJDIjoiMDIyMzkxNmUwYjJkZmM3ZGI2ZTI0ZjMxMzNmOTE3Njg1MWFiZDI1MjY4MDZhODFkYzBhMGIyN2I2ZWNjMTYwMzdlIn1d

0 sats \ 0 replies \ @SqNr65 16 Jan

cashuAeyJ0b2tlbiI6W3sicHJvb2ZzIjpbeyJpZCI6IjltbGZkNXZDemdHbCIsImFtb3VudCI6Miwic2VjcmV0IjoiOUZqSWFJYWRyVVAzVzRNRExkMldRa2p2SDlDT0tQMFZsSnFJVTVzampqOD0iLCJDIjoiMDNkYjNjMWZhZGZjYWIyMTVmNzI5MDdjY2Q0ZWU4ZjFkNDNiOWM5NDFjMGRkYmU5Yjg2YjU2Zjg5YWIzMDA3OTM1In1dLCJtaW50IjoiaHR0cHM6Ly9taW50Lm1pbmliaXRzLmNhc2gvQml0Y29pbiJ9XX0

Very very tiny amount, just testing, please let me know if you claim this

0 sats \ 0 replies \ @llamabyte 4 Jul 2023

cashu feels like bleeding edge bitcoin dev.

0 sats \ 1 reply \ @TheBTCManual 12 Jan 2023

Very cool, why do I picture people having mutliple mints like nostr relays on their clients, would that be a thing? and how do you pay someone using another mint? Are mints interoperable or would one need to share a mutual mint at all times to pay

0 sats \ 0 replies \ @gandlaf21 OP 12 Jan 2023

Mint interoperability happens over the lightning network. So as of now, tokens have to be melted at one mint, sent over LN to the other mint, and then minted at the other mint. This is what has to happen under the hood.

The tokens are created using the mints private keys for signing, so there is no way of sending a token from a different mint, because the mint won't be able to verify the token.

In practice though, a user can create a mint request from one mint, and pay it with a melt from another mint. So it is almost the same 2-step process of sending/receiving (using invoice instead of token), just what happens under the hood is different. Maybe a good wallet can abstract a lot of this away, but for now, i think it's important for users to know the difference, we're still learning

0 sats \ 1 reply \ @calle 12 Jan 2023

Hey, thanks for sharing this! Very happy to see people trying things out and I'm glad to receive feedback and comments on Cashu!

There is also a Python implementation (more advanced in functionality) and a fully independent implementation in Go. Both are Terminal-only but easy to install.

The protocol is relatively simple so it should be easy to build Cashu clients and mints as a dev who can use secp256k1 libraries. We're currently in the process of speccing out the protocol in a series of NUTs which I'm happy to receive comments on and I'm preparing for review.

Anyways, ecash is a wonderful, strange, and old technology for building anonymous payment systems. I believe that many of the custodial relationships we enter could be upgraded with ecash and I've received great feedback so far.

In case you got interested in Cashu, the best way to contribute would be to build a client from the spec which would be very helpful in finding and fixing weaknesses in the protocol. There are also two unclaimed developer bounties from the guys at Nodesignal podcast that you can grab!

Hide yo sats! 🥜😎

0 sats \ 0 replies \ @calle 12 Jan 2023

Oh wow, please ignore all this, I was completely wrongly assuming that this was linking to the LNbits wallet implementation.

On the contrary, @gandlaf21 has build a whole separate implementation! Amazing work!!!!

0 sats \ 0 replies \ @zuferrino1 11 Jan 2023

0 sats \ 0 replies \ @rolator 11 Jan 2023

chashhh: W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjMyLCJzZWNyZXQiOiJ5OVVaQmY0MWN6YXZQajRSc2kyd1loNkNZc3hpUnVaTTlFeU02Rkd4OWZvPSIsIkMiOiIwMjA0ZDU4MTJkNzQ1MTE2ZWZiN2RlZDQxMDViYTk2NTVlYjg5YWJjNzI2MDc1NTczMWY1NGI1MWYzOWNjNGEwODcifV0=

0 sats \ 4 replies \ @melvincarvalho 11 Jan 2023

I've added sats, but how to melt? It asks for an invoice?

0 sats \ 1 reply \ @melvincarvalho 11 Jan 2023

figured it out, you need an ln invoice, very cool app!

0 sats \ 0 replies \ @gandlaf21 OP 11 Jan 2023

Thanks!

0 sats \ 1 reply \ @gandlaf21 OP 11 Jan 2023

yeah generate one with your ln wallet and paste it

0 sats \ 0 replies \ @gandlaf21 OP 11 Jan 2023

W3siaWQiOiIwTkkzVFVBczFTZnkiLCJhbW91bnQiOjI1Niwic2VjcmV0IjoiNkkvcENBbkwzbVJGNWd4dXJPemlzT1llUWhlanlwdVBTMUErZ0x6R3l5WT0iLCJDIjoiMDIyZWVlNWJlYjM1ODQ3NDkxMjdlYzdjZGNmNTZhZjFiM2QxYWRhMGJiYjQ5ZTI3Y2IwNTc0ZjAyYzJjMDI4YmIyIn1d