diff options
| -rw-r--r-- | 46.md | 16 |
1 files changed, 13 insertions, 3 deletions
| @@ -45,15 +45,25 @@ _remote-signer_ provides connection token in the form: | |||
| 45 | bunker://<remote-signer-pubkey>?relay=<wss://relay-to-connect-on>&relay=<wss://another-relay-to-connect-on>&secret=<optional-secret-value> | 45 | bunker://<remote-signer-pubkey>?relay=<wss://relay-to-connect-on>&relay=<wss://another-relay-to-connect-on>&secret=<optional-secret-value> |
| 46 | ``` | 46 | ``` |
| 47 | 47 | ||
| 48 | _user_ passes this token to _client_, which then sends `connect` request to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old secret. | 48 | _user_ passes this token to _client_, which then sends `connect` request to _remote-signer_ via the specified relays. Optional secret can be used for single successfully established connection only, _remote-signer_ SHOULD ignore new attempts to establish connection with old secret. |
| 49 | 49 | ||
| 50 | ### Direct connection initiated by the _client_ | 50 | ### Direct connection initiated by the _client_ |
| 51 | 51 | ||
| 52 | _client_ provides a connection token in the form: | 52 | _client_ provides a connection token using `nostrconnect://` as the protocol, and `client-pubkey` as the origin. Additional information should be passed as query parameters: |
| 53 | |||
| 54 | - `relay` (required) - one or more relay urls on which the _client_ is listening for responses from the _remote-signer_. | ||
| 55 | - `secret` (required) - a short random string that the _remote-signer_ should return as the `result` field of its response. | ||
| 56 | - `perms` (optional) - a comma-separated list of permissions the _client_ is requesting be approved by the _remote-signer_ | ||
| 57 | - `name` (optional) - the name of the _client_ application | ||
| 58 | - `url` (optional) - the canonical url of the _client_ application | ||
| 59 | - `image` (optional) - a small image representing the _client_ application | ||
| 60 | |||
| 61 | Here's an example: | ||
| 53 | 62 | ||
| 54 | ``` | 63 | ``` |
| 55 | nostrconnect://<client-pubkey>?relay=<wss://relay-to-connect-on>&metadata=<json metadata: {"name":"...", "url": "...", "description": "...", "perms": "..."}>&secret=<required-secret-value> | 64 | nostrconnect://83f3b2ae6aa368e8275397b9c26cf550101d63ebaab900d19dd4a4429f5ad8f5?relay=wss%3A%2F%2Frelay1.example.com&perms=nip44_encrypt%2Cnip44_decrypt%2Csign_event%3A13%2Csign_event%3A14%2Csign_event%3A1059&name=My+Client&secret=0s8j2djs&relay=wss%3A%2F%2Frelay2.example2.com |
| 56 | ``` | 65 | ``` |
| 66 | |||
| 57 | _user_ passes this token to _remote-signer_, which then sends `connect` *response* event to the `client-pubkey` via the specified relays. Client discovers `remote-signer-pubkey` from connect response author. `secret` value MUST be provided to avoid connection spoofing, _client_ MUST validate the `secret` returned by `connect` response. | 67 | _user_ passes this token to _remote-signer_, which then sends `connect` *response* event to the `client-pubkey` via the specified relays. Client discovers `remote-signer-pubkey` from connect response author. `secret` value MUST be provided to avoid connection spoofing, _client_ MUST validate the `secret` returned by `connect` response. |
| 58 | 68 | ||
| 59 | ## Request Events `kind: 24133` | 69 | ## Request Events `kind: 24133` |