-
@ Tim Bouma
2025-05-04 20:36:15
The penny is dropping for me: I’m realizing that nostr can be the simple inter-app protocol that enables authentication between any two npubs that have agreed to communicate via a set of relays.
In building #nostr #safebox, I have also built a protocol which I am calling #nauth (no authentication), which allows any two npubs to negotiate how to communicate with one another. The invocation is typically a QR code that contains all of the #nauth parameters. The recipient inspects the #nauth, then decides to reply via the auth relay. If all is copacetic, they can transmit data via the transmittal relays.
The beauty of the #nauth protocol, is that there is no authentication provider or authorization server in between. This is #OAuth, that enabled global platforms to evolve, but does not get you out of the centralization trap. With #nauth this is not a problem because the relays have a limited role; they cannot see the data, control no password or keys, and can be switched out at a moment’s notice.
Suffice it to say, I am pretty excited about this inter-app protocol as I believe it will change how we use trusted services on the internet!
nostr:note1ccruvurk5ckq4gaxts0lpjkg2lp9j5952t0s4pv3zle4terrqelqknzcxa