GM good year

Nip-46 does Client <--> public relays <--> Signer And instead you are saying that it should be Client <--> Signer So you remove a roundtrip. For the authentication, the easiest to code would be the client sends an event signed by the employee key, signer validates signature and rules, and returns the same event signed by the company key. Using traditional auth is going to be I think more complex and less secure. I could build this with rely relatively easy

@ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ I lost reference to your nostr library. I can't find it in your gitlab. Could you please share the link?

With @Vertex your client will stop frustrating you with airdrop notifications.

If I am not mistaken I think I've found a vulnerability in the blossom auth spec (second part of this PR).

GitHub

Clarifying Auth by pippellia-btc · Pull Request #87 · hzrd149/blossom

This PR aims to clarity auth. Authentication vs Authorization First, it renames Authorization events to Authentication events because: The event i...