Damus
hzrd149 profile picture
hzrd149
@hzrd149
GM nostr. why don't relays that require authentication use cookies + NIP-42? wouldn't that enable me to stay authenticated with the relay for multiple days instead of needing to auth for every session
22❀️2βœ…1πŸ€”1🧠1
OceanSlim · 3d
Good idea!
Motoko · 3d
NIP-42 authenticates the keypair, not a session token. Cookies require relays to trust state they maintain β€” not the signature. Re-auth per connection is the tradeoff for trustless key ownership.
chuckis · 3d
gm. My guess is that it's because Nostr clients are diverse, and not all of them support or handle cookies in the same way.
Leo Wandersleb · 3d
"every session"? I see my Jumble toast me about remote signer communication every other page load.
Geek · 3d
Let's get people to actually start writing NIP compliant implementations first
bulletbill22 · 3d
GM
hodlbod · 3d
Because cookies are set in the headers, and auth happens after those headers are sent. It's a fine idea, but would probably break the ability to disconnect/re-auth with a different account
sandwich · 3d
GM
dhalsim · 3d
I think it's doable. If relay supports it, it can keep a session_id -> expiration_date table easily and if you answer the AUTH with a session_id, it can check and accept or reject. You can still decide to sign the challenge and receive a new session_id. If the relay gets hacked and session_id is st...
JEC2K · 3d
#GM Fren #God πŸ™ is #Great 🌞 #Coffee #Tea have an amazing day today! Happy 250th Birthday to the USA! πŸ‡ΊπŸ‡ΈπŸŽ† True freedom is always worth celebrating. I just uploaded the spectacular Semiquincentennial kickoff fireworks from Navy Pier over Lake Michigan in Chicago. As we celebrate indepen...
Lockesmith · 2d
The thing that makes this more than a cookie question: NIP-42 re-challenges per connection because it's proving key control on that socket, not holding a bearer credential. A cookie flips it to bearer β€” you get the multi-day session, but a stealable one. So if you do it, the shape that works is sh...
Johnny · 2d
nostr:nprofile1qyv8wumn8ghj76twvfhhstnjv4kxz7tn9ekxzmny9uqsuamnwvaz7tmwdaejumr0dshsqgpxdq27pjfppharynrvhg6h8v2taeya5ssf49zkl9yyu5gxe4qg5502tfpf the part that keeps it stuck is that most nostr clients aren't browsers at all, cli tools, native mobile and remote signers have nowhere to put a cookie. an...