1.9 KiB
NUT-1 - Mint public key exchange
This describes the basic exchange of the public mint keys that the wallet user Alice uses to unblind Bob's signature.
Description
Wallet user Alice receives public keys from mint Bob via GET /keys and stores them in a key-value store like a dictionary. The set of all public keys for each supported amount is called a keyset.
Mint Bob responds with his active keyset [02]. The active keyset is the keyset a mint currently uses to sign promises with. The active keyset can change over time, for example due to key rotation. A mint MAY support older keysets indefinetely. Note that a mint can support multiple keysets at the same time but will only respond with the active keyset on the endpoint GET /keys. A wallet can ask for the keys of a specific (non-active) keyset by using the endpint GET /keys/{keyset_id} (see #2 [TODO: Link #2]).
See [TODO: Link #2] for how a wallet deals with multiple keysets.
Keysets are received as a JSON of the form {<amount_1> : <mint_pubkey_1>, <amount_2> : ...} for each <amount_i> of the amounts the mint Bob supports and the corresponding public key <mint_pubkey_1>, that is K_i (see #0 [TODO: Link #0]).
Example
Request of Alice:
GET https://mint.host:3338/keys
With curl:
curl -X GET https://mint.host:3338/keys
Response of Bob:
{
"1": "03a40f20667ed53513075dc51e715ff2046cad64eb68960632269ba7f0210e38bc",
"2": "03fd4ce5a16b65576145949e6f99f445f8249fee17c606b688b504a849cdc452de",
"4": "02648eccfa4c026960966276fa5a4cae46ce0fd432211a4f449bf84f13aa5f8303",
"8": "02fdfd6796bfeac490cbee12f778f867f0a2c68f6508d17c649759ea0dc3547528",
...
}