- From: Tim Bouma <trbouma@gmail.com>
- Date: Tue, 12 Aug 2025 08:24:07 -0400
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: Adrian Gropper <agropper@healthurl.com>, W3C Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAPzZSkjoYL6YCnVO74vqxJxrr=vfOBKjDHxLb_6hrbcGWjztWw@mail.gmail.com>
It’s what I learned from implementing Nostr Wallet Connect that prompted me to write this post. I’ve been expanding the protocol to offer and share records, which prompted me to review the family of protocols from OAuth2.0. I realized what was a great tradeoff decision in 2012, delegating security to the TLS pipes, no longer holds. Too many seams and external dependencies. I also concluded that there was no longer a need to have separate entities for Client, Authorization Server, and Relying Party because you could reduce the flow down to two equally capable counterpartied. All said, OAuth is still fine for the current generation of solutions, but now I am looking past this horizon where every party in an interaction needs to be cryptographically assured from end to end. OAuth goes part way, and there are some great enhancements, but no longer enough. As for payments, that was the starting point of my project. I am now expanding into sharing of records with Nostr Wallet Connect. https://open.substack.com/pub/trbouma/p/why-i-can-no-longer-support-oauth <https://open.substack.com/pub/trbouma/p/why-i-can-no-longer-support-oauth?r=3r59&utm_medium=ios> On Tue, Aug 12, 2025 at 2:34 AM Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > > út 12. 8. 2025 v 3:00 odesílatel Adrian Gropper <agropper@healthurl.com> > napsal: > >> I'm so tired of Venmo. >> > > Might be closer than you think. > > Now that we have did:nostr and BIP340 VCs it should be fairly > straightforward to do payments. Here is an example use case: > > https://bitcoinmagazine.com/technical/nostr-wallet-connect-bitcoin-usb > > >> >> - Adrian >> >
Received on Tuesday, 12 August 2025 12:24:23 UTC