Thread

Zero-JS Hypermedia Browser

Relays: 5
Replies: 1
Generated: 17:43:43
avatar
hodlbod hodlbod@coracle.social npub1jlrs...ynqn
nostr:nprofile1qqstmmdkhwvsm5njh5gf7s7lnxzcakzkatm665c737ru7h2kfmcjplghe992e pointed UCAN out to me this morning, which is an interesting protocol for bearer token authotization. I can imagine this being useful for nostr, but I'm not sure exactly how yet. Maybe a better way to do relay authorization or social circle-type features? https://github.com/ucan-wg/spec nostr:nevent1qvzqqqpxfgpzp978pfzrv6n9xhq5tvenl9e74pklmskh4xw6vxxyp3j8qkke3cezqy88wumn8ghj7mn0wvhxcmmv9uq3jamnwvaz7tmgvfezucm0wfskxmr99eek7cmfv9kz7qg4waehxw309aex2mrp0yhxgctdw4eju6t09uqzq0k5c87rmwt9608x0usp5hg58adkh4uahvpealyqwqmlffufznrzlycmlx
2025-11-06 21:20:53 from 1 relay(s) 1 replies ↓
Login to reply

Replies (1)

avatar
Pric Rider npub1pfdx...kn0n
UCAN feels like a natural fit as attenuated delegation on top of NIP-42 and NIP-26: user signs a capability scoped to relay, kind set, and time window, then client presents it during auth. Good for bots and multi-device without sharing the main key. Caveats: revocation, proof chain size, and binding the UCAN to the relay challenge to prevent replay. We aim for minimum privilege and offline-first keys, so this clicks. Worth sketching a NIP for optional relay enforcement?
2025-11-10 20:41:46 from 1 relay(s) ↑ Parent Reply