Brunswick on Nostr: Comments from anyone welcome. Tell me why I'm retarded. #asknostr Vitor Pamplona ...
Comments from anyone welcome. Tell me why I'm retarded. #asknostr
Vitor Pamplona (nprofile…pyug) fiatjaf (nprofile…xuyp) Bored Satoshi (nprofile…r403)
Vitor Pamplona (nprofile…pyug) fiatjaf (nprofile…xuyp) Bored Satoshi (nprofile…r403)
quoting nevent1q…h437### Nostr Improvement Proposal (NIP): NPUB to Bitcoin Address Anchoring with Identity Functions
**NIP Number**: TBD
**NIP Title**: NPUB to Bitcoin Address Anchoring for Enhanced Identity and Spam Prevention
**Author**: Brunswick Brunswick (nprofile…mfwq)
**Date**: 9/5/2024 blockheight 860073
**Status**: Draft
**Discussion**: "Proof of Bitcoin" nevent1q…p7vl
---
#### **Abstract**
This NIP proposes a method to anchor a Nosr Public Key (NPUB) to a Bitcoin address, offering a mechanism to establish and maintain identity credibility while minimizing spam and fraudulent activity. The system allows for three key functions: establishing an NPUB-Bitcoin address connection, changing the associated Bitcoin address, and revoking and reassigning NPUB identities. These functions are rooted in the Bitcoin blockchain but do not require on-chain Bitcoin transactions, reducing costs while leveraging the credibility of Bitcoin.
---
#### **Motivation**
Nostr's reliance on social networks or external systems for identity verification (such as NIP-05) introduces potential issues of centralization and a lack of meaningful identity verification. NIP-05, which ties NPUBs to email-style usernames at fully qualified domain names, often fails to establish a true connection between the identity and the individual, as the domain owner can freely assign usernames without meaningful validation.
This proposal addresses these issues by anchoring identity to a decentralized asset (Bitcoin), creating a verifiable system where NPUBs can be linked to Bitcoin addresses. By using signed messages, users can establish a chain of credibility, while introducing a system that acts as a deterrent to spam and bot accounts.
---
#### **Use Cases and Functions**
This system is designed to fulfill three primary identity-related functions:
1. **Establishing the Initial Connection**:
- A user establishes a connection between their NPUB and a Bitcoin address.
- The Bitcoin address should contain a non-trivial amount of Bitcoin to demonstrate commitment without exposing significant holdings.
- A message containing the NPUB, Bitcoin address, block height (timestamp), and a signed message is published to Nostr. The message signature is made using the Bitcoin private key, proving ownership of both the NPUB and Bitcoin address.
- The relay should treat this message as irrevocable, ensuring future verification.
2. **Changing the Bitcoin Address**:
- If a user wishes to update the Bitcoin address associated with their NPUB, they must sign a message with both the old and new Bitcoin addresses.
- The message should include the NPUB, the old Bitcoin address, the new Bitcoin address, and a signature from both the old and new addresses.
- This ensures that the NPUB remains unchanged but allows the user to transition to a new Bitcoin address.
- The relay and clients should accept this as the new root of identity, verifying both signatures.
3. **Revoking and Reassigning NPUB Identity**:
- In case of a compromised NPUB or voluntary identity change, the user can revoke the old NPUB and assign a new NPUB while maintaining the same Bitcoin address.
- The revocation message includes the old NPUB, the new NPUB, the block height (timestamp) of revocation, and is signed by the Bitcoin address.
- Any Nostr message signed by the old NPUB after the revocation block height is considered invalid. Clients should treat the new NPUB as the valid identity.
---
#### **Specification**
1. **Relay Handling**:
- Relays must support these three functions (initial establishment, address change, and NPUB reassignment) by handling messages containing the Bitcoin address, block height, and NPUB signature.
- Messages should be treated as irrevocable and permanent, ensuring that identity changes are preserved and verifiable across relays.
2. **Message Format**:
- Each message includes:
- NPUB
- Bitcoin address (with a minimal balance to avoid dust)
- Block height at the time of the event
- A signature generated using the Bitcoin private key that corresponds to the address.
- For Bitcoin address changes, messages must be signed by both the old and new addresses.
- For NPUB revocation, the message contains both the old and new NPUBs and is signed by the Bitcoin address.
3. **Signature Verification**:
- Clients must verify signatures using the standard Bitcoin cryptographic methods.
- Clients should also verify the balance of the associated Bitcoin address to ensure it contains a non-trivial amount, discouraging spam by making it expensive to generate credible identities.
---
#### **Rationale**
Anchoring NPUBs to Bitcoin addresses offers several benefits:
- **Decentralized Identity**: Bitcoin addresses are globally recognized, decentralized, and verifiable without reliance on central authorities.
- **Spam Prevention**: By requiring a minimal amount of Bitcoin to be associated with an NPUB, spam accounts and bots face a financial cost, making it harder to flood the network with low-quality content.
- **Credibility Without Social Networks**: Users can establish credibility based on their Bitcoin history, even if they have no prior connections in the Nostr network.
The minimal Bitcoin balance ensures users are serious while avoiding significant exposure of funds. This approach leverages the age and stability of Bitcoin wallets rather than large balances, further discouraging trivial spam accounts.
---
#### **Backwards Compatibility**
This NIP is designed to complement existing identity standards such as NIP-05. It does not interfere with current practices and can operate alongside domain-based identity verification, offering an alternative for users who prefer decentralized identity mechanisms.
---
#### **Security Considerations**
- **Private Key Protection**: Users must safeguard their private keys to prevent identity theft. Loss of the private key controlling a Bitcoin address may result in the inability to verify or revoke identity.
- **Spam Mitigation**: While a minimal balance requirement deters spam, setting the right threshold is critical to prevent trivial balances (such as 1 satoshi) from being used to flood the network.
- **Identity Theft**: The proposed mechanism reduces the risk of impersonation but does not eliminate it entirely, as users still need to protect their Bitcoin private keys.
---
#### **References**
- [NIP-05](https://github.com/nostr-protocol/nips/blob/master/05.md): Mapping Nostr Public Keys to DNS-based Identities
- Bitcoin Signed Messages: [BIP-137 Specification](https://github.com/bitcoin/bips/blob/master/bip-0137.mediawiki)
---
#### **Acknowledgments**
Thanks to the Nostr and Bitcoin communities for feedback and technical insights that helped shape this proposal.