So basically this open-source code could replace the 3rd step in this guide, so that you don't have to use ln.cash and can instead use this running on your own server.
This basically closes the loop and makes everything necessary to make lightning tap payments open source, and peer-to-peer, with no need of any intermediaries.
This system uses SUN authentication on the NXP 424 card. The card tap data changes on each tap and this is used to verify that you have the actual card and haven't just copied the data.
The setup of the card to achieve this is described in the documents on this repo as well.
It's easy for merchants to accept on Android mobile with Breez POS.
For self-sovereign merchants, there is BTCPay Server with the POS app & NFC plugin. This also works nicely on Android mobile without even having to install an app, just a shortcut. It then opens full screen (as a Chrome PWA).
Or if they want to flip direct to fiat (for simpler accounting or to mitigate volatility worries), in some countries they can use the CoinCorner POS app (with KYC).
In the UK, there are organised and motivated individuals who help businesses to onboard and this is proving to be very effective.
And if you host your own Bolt Card then you can set up your own payment rules on your hosting server.
There is a fair amount of innovation possible here, from the obvious limit per tx or per day to only paying invoices from certain nodes or checking with your app for larger amount authorisation or other checks.
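The payment rules listed above (limit per tx, limit per day, paying only certain nodes, app authorisation for larger amounts), sketched as a server-side check. This is an added example, not code from the Bolt Card project or from any poster in this thread. The names `CardPolicy`, `CardState` and `authorize` are hypothetical, and it assumes the tap's SUN data has already been verified and yields a tap counter that increases on every tap.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional

@dataclass
class CardPolicy:
    # Hypothetical per-card rules; field names and units (sats) are assumptions.
    max_tx_sats: int
    max_day_sats: int
    allowed_nodes: frozenset = frozenset()     # empty set = any destination node
    confirm_above_sats: Optional[int] = None   # above this, the owner's app must approve

@dataclass
class CardState:
    last_counter: int = -1                     # highest tap counter seen so far
    spent_by_day: dict = field(default_factory=dict)

def authorize(policy, state, counter, amount_sats, dest_node, now, app_approved=False):
    """Return (allowed, reason) for one tap. `counter` is the tap counter taken
    from already-verified SUN data; `now` must be a timezone-aware datetime."""
    if counter <= state.last_counter:
        return False, "replayed tap"
    # Burn the counter even if a later rule refuses, so copied tap data
    # cannot be retried against a different invoice.
    state.last_counter = counter
    if amount_sats <= 0:
        return False, "invalid amount"
    if amount_sats > policy.max_tx_sats:
        return False, "over per-tx limit"
    day = now.astimezone(timezone.utc).date()
    spent = state.spent_by_day.get(day, 0)
    if spent + amount_sats > policy.max_day_sats:
        return False, "over daily limit"
    if policy.allowed_nodes and dest_node not in policy.allowed_nodes:
        return False, "destination node not allowed"
    needs_ok = policy.confirm_above_sats is not None and amount_sats > policy.confirm_above_sats
    if needs_ok and not app_approved:
        return False, "needs app approval"
    # Only a fully approved payment counts against the daily budget.
    state.spent_by_day[day] = spent + amount_sats
    return True, "ok"
```

A real server would persist `CardState` and update it atomically with the payment, so two concurrent taps cannot both pass the daily limit.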
Interesting... if I can be bothered to run such a thing, anyone using my v4v.app service could potentially use a Bolt card. Will have to see if it is easy enough to set up.
Love this! I’m very curious what the security model is. What prevents the merchant from stealing funds? Do you only want to keep a small amount of funds on the card? Or is the payment amount limited?