pull down to refresh

121 sats \ 2 replies \ @grimtechnet 6 Oct \ on: How Does Lightning Authentication Work? bitcoin_beginners

I was wondering the same thing so I looked it up.

Any website/app can implement LNURL-auth, the spec for it is here https://github.com/lnurl/luds/blob/luds/04.md

The auth works like this. Instead of taking the traditional username/password, LNURL-auth uses key based login. The user has to prove they control a domain-specific linkingKey derived from their wallet seed.

The procedure goes like this

  1. LNURL-auth uses a keypair called a linkingKey, which is derived from a combination of your master seed, and the domain name that you're logging into.
  2. The website sends a challenge to you, which contains a random string.
  3. Your wallet signs the challenge using it's private linkingKey, and sends it back to the website.
  4. The website can check the signed challenge and verify that it matches the public linkingKey. If it matches, it knows you're in control of the private linkingKey.

So to answer your questions directly,

  1. Instead of an e-mail primary key, LNURL-auth uses the linkingKey as the unique user identifier.
  2. Compatible wallets are listed in the table following the text, "Auth base spec." https://github.com/lnurl/luds/tree/luds#lnurl-documents
write
preview
0 sats \ 1 reply \ @spiderman OP 6 Oct

Thanks for the explanation, sounds like Nostr then, basically those linkingKeys acting like like npub. Wonder whichever server chooses that method for sign in why do not they fall back on nostr? Or is this emerging as a competitor to nostr itself?

reply
21 sats \ 0 replies \ @grimtechnet 6 Oct

Nostr gives you an identity on a separate system. With LNURL-auth, the lightning wallet is the identity. I'd call that a competitor to parts of Nostr. Nostr NIP-98 maybe. But it's probably not a competitor to Nostr NIP-46 which most websites use to auth via Nostr. But it does win against Nostr NIP-26 which was essentially abandoned.

reply