Re: Lightning Service Authentication Tokens (LSATs) from Anthony Ronning on 2020-02-20 (public-credentials@w3.org from February 2020)

From: Anthony Ronning <anthonyronning@gmail.com>
Date: Thu, 20 Feb 2020 17:44:06 -0600
To: "Buck O Perley" <buck.perley@protonmail.com>
Cc: public-credentials@w3.org
Message-ID: <73C1AF5A-D45F-4D33-B7AA-39DA0BBCDA17@gmail.com>

Hey Buck,

+1 on this, really excited to see you share it here. The sort of 
“pay-per-permission” model this enables is really interesting to me. 
For another example of LSAT in the wild, my implementation here: 
https://www.satreon.net

Would love to see and help contribute to any w3c standardization efforts 
/ documentations related to it. As 402 hasn’t been implemented much to 
date, there’s a real opportunity for it here.

Further, I am curious how those in the Verifiable Credentials scene 
think of macaroons and how LSAT fits into it. I can see how a mapping 
over to VC’s could work and be verified by more than just the macaroon 
signer - that’s one of the shortcomings I see with macaroons, without 
diving into 3rd party caveats which is something I do need to look into 
more. I have seen a lightning based DID method at a hackathon before 
which could help here but even then, any DID / signing method could work 
as long as they are signing the preimage hash.

Looking forward to next Tuesday!

Anthony Ronning

On 20 Feb 2020, at 14:28, Buck O Perley wrote:

> Hello CCG Mailing List,
>
> As a quick introduction, I was introduced to the list via Christopher 
> Allen who I've been chatting with recently regarding work around 
> authentication with Lightning (Bitcoin's Layer 2 payment network) 
> payments, macaroons, and the 402 HTTP status code. Specifically, with 
> the support of Tierion, I've been implementing a JS version of the 
> Lightning Service Authentication Token (LSAT) proposal shared by 
> Lightning Labs last Fall. Christopher thought this would be of 
> interest to the work you all are doing and invited me to share some of 
> this work in a call next week. 
>
> To provide some context before then, here are some relevant links:
>
> Blog 
> Post: https://medium.com/tierion/lsats-pseudonymous-authentication-using-bitcoin-lightning-payments-459e209b4b36
>
> Slides: These will be updated before next week's call, including with 
> some more information on some of the mechanics of how Lightning 
> payments work for those that aren't familiar, but it should be enough 
> to help get 
> started! https://docs.google.com/presentation/d/1YE5UJk05Q9I2k7hhlM6oSVARGIajPF5u50r1LNCe-x4/edit?usp=sharing
>
> Boltwall: (Nodejs server middleware for using LSAT auth) 
> https://github.com/Tierion/boltwall
>
> LSAT-JS: JavaScript implementation of the LSAT proposal from lightning 
> labs. Includes helper functions and utilities for interacting with 
> LSATs https://github.com/Tierion/lsat-js
>
> LSAT Playground: UI Playground for interacting with, testing, parsing, 
> and creating LSATs: https://lsat-playground.bucko.now.sh/
>
> - Buck
>
> Sent with ProtonMail Secure Email.

Received on Thursday, 20 February 2020 23:45:10 UTC