Proxnut: #BuildinPublic getting up to speed \ stacker news ~bitcoin

Proxnut: #BuildinPublic getting up to speed

10.5k sats \ 9 comments \ @supratic 12 Oct 2023 bitcoin

zaps forwarded to @erik_ (20%) @calle (20%) @gandlaf21 (20%) @mo (20%) @sectore (20%)

#intros #activity #announcements #L402 #legends-of-lightning

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/c793b4f3-e2f7-4870-32e9-9618177bf700/public

Nutcases, Assemble!!

The nutcases from the cashu community have decided to enter the Legends of Lightning Hackathon.

Let's introduce our team:

Gandlaf, the Wizard

It is said that gandlaf has mastered that way of the nut. What is the secret to bending a nut? The secret to bending a nut is to realizing the truth. There is no nut...

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/e7274bec-e81d-489d-030f-a3bce3406a00/public

Dr. Calle, the Doc

The Doc discovered the ways of the nut when he wrote his PhD thesis. From this day on he's carrying the message wide and far, and found his first followers not long after. Among them? You guessed it. Gandlaf.

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/9c144706-eaf8-4df0-092f-a61fc20fab00/public

Erik, the Architect

If you're gonna build something, you'll need an Erik. Or whatever you build is gonna look like crap.

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/6d7578bb-9994-4f22-1479-8c42311cca00/public

M A R C, the Operator

You can't have a bunch of nutcases running wild without guidance. M A R C has been there done that before. He'll guide us to victory without casualties.

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/46be4031-c0e9-473c-2f60-ebf87f7d1800/public

JK, the Hacker

Not much is known about this mysterious hacker's background. But give him a keyboard and he will turn bytes into nuts.

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/dced858a-06ec-4729-7628-74faeb8ee300/public

What are we building?

Well, revealing that has to wait a little bit longer. But it will include and make use of PROXNUT extensively.

This week the team assembled to get everyone up to speed...

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/71eea3b8-00f6-4cf3-c437-d9d6b263a200/public https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/b0dc4cba-56d2-4480-1d22-fc8cf45fa700/public https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/9d251616-e19b-4847-f9ed-a982f2fe8200/public

Even dream a bit? .....

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/4260ab58-b1aa-4fd6-94fc-121dbee73600/public

....Explain the setups...

https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/7da4f5ed-f973-4acd-1be3-62b67169e300/public https://imagedelivery.net/wyrwp3c-j0gDDUWgnE7lig/0ca32317-ca97-413a-5b26-89f986a2e800/public

and discuss tasks. We dissected PROXNUT and identified our targets.

Now, we started on prototyping a Proof of Concept.

To find out what exactly that is, stay tuned.

Sincerely,

🥜

view all related items

21 sats \ 0 replies \ @anon 12 Oct 2023

great sucess, i like

15 sats \ 7 replies \ @TonyGiorgio 12 Oct 2023

Basically like LL's middleware aperture project but with ecash as the API token instead of macaroons?

Really interested to seeing this work. Anonymous paid API tokens is critical work IMO, if I'm understanding it correctly. Nice write up.

100 sats \ 6 replies \ @gandlaf21 fwd 13 Oct 2023

Yes! I think Very similar to LL's L402 but some nuanced differences.

Check this answer on the AMA post for more details: #268791

1123 sats \ 5 replies \ @TonyGiorgio 13 Oct 2023

Interesting, yup I like it. I can see it working for some use cases better than others. Some things work well stateless, but some might not.

Could you reuse the ecash token if you need to meter or retain history?

Example: support requests

1 paid support request per month, so give out one ecash token that expires at end of month. However, once that token is used to open a new issue, they should be able to keep hitting the API call. I can see a few ways to handle this.

Only block the "/support/new" call behind ecash
Each successful redemption will return a response containing a new ecash token
Turn ecash into jwt to track / meter things once consumed

Either of those three ways would accomplish something I do find special about using ecash as an API token: cuts off source of identity from the original acquisition of the ecash, even if you need to associate after first consumption.

1667 sats \ 3 replies \ @gandlaf21 fwd 13 Oct 2023

I think you could definitely hack something like that, but IMO as soon as you strart to introduce statefulness, other protocols start to make more sense.

Therfore, In the above example, i like number 3 the most, it leverages another protocol that is great for managing state

Ecash is kinda inherently stateless, because links get broken after every token creation. So you would have to manually upkeep that state somehow, which kinda defeats the purpose.

But I think that's OK, because there are other things (like L402, JWT, etc..) that handle state well!

wow, i said state so many times.... We need to separate the web from the state

1411 sats \ 2 replies \ @gandlaf21 fwd 13 Oct 2023

One thing worth mentioning, the complexity of a stateless system is just so much lower than a stateful one, that it makes sense from an engineering perspective to consider if state is really necessary or if it's just an excuse to track users :P

But of course, sometimes you definitely need state/accounts/users , in which case PROXNUT may not help much

30 sats \ 1 reply \ @TonyGiorgio 13 Oct 2023

Thanks for the feedback!

I know a few companies in the space looking for something that I've described above so I appreciate your thoughts there. I do like method 3 as well and like that ecash API tokens would still be useful even if it is not being used for a forward-looking privacy preserving method, for state requirement reasons.

0 sats \ 0 replies \ @gandlaf21 fwd 13 Oct 2023

appreciate your insights too!

100 sats \ 0 replies \ @calle fwd 19 Oct 2023

Only block the "/support/new" call behind ecash Each successful redemption will return a response containing a new ecash token Turn ecash into jwt to track / meter things once consumed Either of those three ways would accomplish something I do find special about using ecash as an API token: cuts off source of identity from the original acquisition of the ecash, even if you need to associate after first consumption.

Ecash is perfect for this. You don't even need to recycle once. If you buy it with a payment (or some other "proof of humanity" or something), you can use it immediately (and privately). Ecash systems without the ability to transact between users definitely has applications people are interested in (such as resource access control).