You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After some tests, we found that Amethyst does not support redirections for NIP-05. Our service is deployed at api.numeraire.tech but our addresses are (also) reachable at username@numeraire.tech. We have a permanent (301) redirection in place from api.numeraire.tech to numeraire.tech for the addresses to look nicer.
This works fine in other services but fails on Amethyst. As you can see from BTCPayServer docs, there is even a tutorial explaining how to implement such a redirect, which is very common: here
We would very much like to fix this bug and will do the necessary on our end if you could point us to the reason of the error. Nevertheless, we consider this to be a bug on your end:
The NIP-05 protocol allows for redirects
Looking forward to collaborating on this,
PS: WalletOfSatoshi had a similar bug for LN Addresses that we pointed out and they fixed it.
Hi @vitorpamplona and thanks for pointing out the section in the NIP-05.
I wrongly assumed that NIP-05 was similar to Lightning Addresses and given that most implementations (Alby, Blink, WalletOfSatoshi, Phoenix, Breez, etc.) allow redirections, I assumed NIP-05 as well.
Given that it is part of the specification, I will of course not ask for you to change the implementation and will implement a workaround.
That being said, I argue that it is not true that allowing redirections causes a security concern for NIP-05 and I started a discussion about it here if you're interested: nostr-protocol/nips#1544.
Hopefully the discussion will either clarify the reasons HTTP redirections were prohibited or allow them, especially when pointing to subdomains.
Hi @vitorpamplona,
After some tests, we found that Amethyst does not support redirections for NIP-05. Our service is deployed at
api.numeraire.tech
but our addresses are (also) reachable atusername@numeraire.tech
. We have a permanent (301) redirection in place from api.numeraire.tech to numeraire.tech for the addresses to look nicer.This works fine in other services but fails on Amethyst. As you can see from BTCPayServer docs, there is even a tutorial explaining how to implement such a redirect, which is very common: here
We would very much like to fix this bug and will do the necessary on our end if you could point us to the reason of the error. Nevertheless, we consider this to be a bug on your end:
Looking forward to collaborating on this,
PS: WalletOfSatoshi had a similar bug for LN Addresses that we pointed out and they fixed it.
To Reproduce
Easiest way would be:
yourusername@numeraire.tech
and see it failyourusername@api.numeraire.tech
and see it succeedExpected behaviour
yourusername@numeraire.tech
should be a valid NIP-05 address following the redirectDevice (please complete the following information):
The text was updated successfully, but these errors were encountered: