Thread - Nostr Hypermedia

brugeman artur@nostr.band 1 year ago

Seems like LN invoices included by Primal in zap receipts have empty payment_hash field. The invoice parser I use discards those invoices as invalid. I guess I'll have to patch it, as this is an optional field for zap verification purposes - they generate a proper invoice for the actual payment. They also strip the description/commit hash from the invoice in zap receipts, which seems to go against nip57: "SHA256(description) MUST match the description hash in the bolt11 invoice." It looks like I will have to strip this verification logic on my end since in practice many wallets violate nip57 anyway and everyone is just trusting the wallets. cc @miljan

↑ Parent

Replies (7)

Derek Ross derekross@grownostr.org 1 year ago

i wish nostr apps did more verification of signed events 😞

brugeman artur@nostr.band 1 year ago

zap verification is even bigger pain in the back and probably not worth it in terms of support requests ala "why are zaps not showing up?"

1 replies ↓

jb55 _@jb55.com 1 year ago

i had to do the same, we should probably just drop that MUST

3 replies ↓

brugeman artur@nostr.band 1 year ago

brugeman artur@nostr.band 1 year ago

Seems ok to me. Is Damus verifying event signatures now? And zaps too?

1 replies ↓

brugeman artur@nostr.band 1 year ago

PR for this

Make description_hash verification optional by nostrband · Pull Request #1705 · nostr-protocol/nips

https://njump.me/nevent1qyw8wumn8ghj7cn4vd4k2apwvdhhyctrd3jjuum0vd5kzmp0qy88wumn8ghj7mn0wvhxcmmv9uq3samnwvaz7tmrv4kxcctj9ehx7um5wgh8w6twv5hsz3thwde...

1 replies ↓

brugeman artur@nostr.band 1 year ago

There you go

↑