-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Link wallet LUD #256
base: luds
Are you sure you want to change the base?
Link wallet LUD #256
Conversation
why not just use lnurl-withdraw here? |
@capitalistdog lnurl-withdraw won't work for this use case - we don't want the receiver to manually confirm every incoming payment. |
gotchya... perhaps though the lnurl-p/address endpoint may be better simply as an extra parameter on the existing withdraw tag (similar to balanceNotify) Where most wallets will already support withdraw, users will still be able to get funds out now, as opposed to an unsupported wallet not knowing the new tag at all I think that would also be easier to implement wallet-side |
Thanks this is very interesting, seems like it could be a much better solution (it would work even if someone changes his lightning address). I'll think and revise my LUD soon! |
I may be missing something, but the full flow is not clear to me: First, the LN Wallet interacts with Service to associate a LN Address with a k1 value. What does the other app (ZBD) do then to get or lookup the LN Address? It would need to call Service with k1 as arg, no? And if so, how does it get k1? |
There are two requests:
The wallet calls LNURL and gets k1 and callback url, then calls the callback with k1 and the lightning address. EDIT: Oh wait, I see what is the problem here - the service pays to the wallet, not the other way around! |
Smth similar to LUD19 (paylink discoverable from withdraw link) - but reverse. |
@capitalistdog @arbadacarbaYK A fine-grained scheme for this use case would work better on iOS (as pointed out in LUD 17), for us this is a huge problem because people have multiple wallets and we never know which wallet will handle the link. Now I believe the optimal solution is to combine two elements: a new lnurl scheme that enables requesting the wallet to send lnurl-withdraw to the service. Advantages of this strategy:
What do you think? |
I'm not clear on what the LUD17 conventions help with here, you're not using a QR so size isn't a concern, I'd think all this does it make it work with less wallets vs. LUD03 Are there any particularly popular iOS wallets that you're concerned with supporting Another thing to consider is that LNURL is probably not the future given it's pre-disposition to custodial solutions and only a handful of LUD's being used broadly. It's good for making things work with what exists today- not so much for getting wallets to incorporate new things. I wont talk my stack in depth here, but mentioned to Jack that I'll reach out once I have a production demo of what we're doing for LightningVideo withdrawals since we're on the subject of new specs. |
In general I like the idea of being able to share your address for automatic payouts this way. About this spec: In this scheme you could even put serviceName in the querystring of the initial link, so only one http request has to be made. Other idea: |
It would be really cool to be able to sign and prove you have control ownership of an LN address, to prevent user error, but AFAIK it's not possible - you can only prove ownership of your node pubkey |
@capitalistdog
I meant fine-grained url schemes, not bech32 encoding.
Assuming your approach (new tag with a callback to send lnurl in lnurl-withdraw) I am concerned about wallets that implement
Yes, you are right - this could work exactly like a fast withdraw.
What is your top use case for this? Maybe we can somehow add such verification |
Let me know if the constrains assumed here are correct: Problem:
Current solution:
Proposed solution:
My 2 cents: There is already a protocol that would allow this and many other use cases widely used in the industry: OAuth2. If Wallet providers implemented it (some already did, like Alby) I think that is the road that we should follow as the industry matures: OAuth2 with a "standard" set of actions/permissions that the app can perform in the wallet (not only get the LN address's but things like load your app credit by spending from that wallet, etc..) However, if we want something specific (simpler?) in LNURL we could copy a small part of the OAuth 2 flow.
I would keep it simple and only return "read only info". No token that can be used with the wallet api or anything like that. The application A encoding the info in a QR may be useful if we want the user to use ANY wallet, not only the ones "approved" by the app. Also notice that in this proposal, I can set serviceName to whatever I want to ("HI, I am Cash APP, trust me!") and the wallet will show exactly in the permissions request page. OAuth 2 solve this with a client_id/client_secret. But that means that apps need to register to be able to use the protocol with that OAuth provider. I think we need something to prevent this "attack". From well known public keys linked to well known apps to apps registering with the wallet. |
Data point from THNDR, in Jan '24, 84.5% of our payments went to Lightning Address enabled wallets. A one click solution to link a Lightning Address during onboarding for new users would be a great improvement! |
Yes, in our case we use deeplinks instead of QR codes, but the flow is exactly like you described.
I need a small clarification here - how does the app know what is the user id? I think it must be somehow passed from the wallet to the app.
This sounds like additional protection, I believe the whole lnurl spec needs something like this - imagine someone paying for stuff from Amazon using lnurlp, it would be cool if wallets could display a "verified" merchant badge on the invoice. |
There is no need for the app to know what user is being linked a priory. It will basically be whoever logs in in the wallet (or is already logged in)
This is the first thing that pop out into my mind when I was reading the proposal. It's ok to not fix this proposal is ok, but it is good to keep in mind that this may be a security concern. |
We have implemented the service side of this LUD in our game "Club Bitcoin: Solitaire". Download on Apple or Google. Here is an example of how the flow works. If you want to test this with your wallet or app as the withdrawal wallet, you will need to contact me so I can enable this feature on your THNDR account, as it is not available publicly. |
Ack |
Based on feedback in the telegram group. We updated the proposal to include an optional 'redirect' such that the Wallet can offer to send the user back to the Service. We have updated our implementation to support this, if you wish to test. Reminder: In our games, this is a hidden feature and you will need to contact me to get it activated for testing. |
ZBD released wallet side of this proposal google play it's available for everyone. we handle |
Is NWC an alternative option for this? |
Hey,
We (THNDR Games) have one major UX issue when it comes to withdrawing sats from our games via Lightning Address, let me show you how it works right now:
After interviewing users we found users had the following pain points with the manual process:
I propose to use LNURL to create a “One Click” solution to allow the user to auto-send their lightning address directly to the service from the wallet.
This way we can prevent human errors and jumping between apps = significantly improve UX of paying apps.