I’ve finally decided to get my hands dirty and look into Nostr.
I learned something interesting that I thought might be useful to others.
A domain can be used to validate user accounts. This is done in practice by creating a file called “nostr.json”, populating it with a list of usernames and their public keys (in hex format), and making it reachable at https://{domain}/.well-known/nostr.json
For more detailed instructions, see: https://nostr.how/en/guides/get-verified
The syntax of the nostr.json file is:
{
"names": {
"YOUR_NOSTR_NAME1": "YOUR_NOSTR_PUBLIC_KEY_HEX1",
"YOUR_NOSTR_NAME2": "YOUR_NOSTR_PUBLIC_KEY_HEX2"
}
}
This file can be presented via nginx with a block such as this one:
location = /.well-known/nostr.json {
alias /path/to/nostr.json;
add_header Access-Control-Allow-Origin *;
}
Here is the list of mander.xyz: https://mander.xyz/.well-known/nostr.json
And here is an example of a large list: https://nostr-check.com/.well-known/nostr.json
Once a user is added to this file, they need to go to their settings and add their Nostr address. If using iris.to as the client, it looks like this:
In Iris, I had the best results when I writethe address and then did not click anything else for like a minute.
After verification, your profile gets labeled with the verified username:
This is not permanent. The Nostr address can be easily removed or changed to a different one.
I can think of two benefits of “verifying”. One is that it is easier to share your username. For example, if one uses iris.to as a client, they can find me at: iris.to/Sal@mander.xyz, or search for Sal@mander.xyz. This is a lot better than using the public key or trying to search only with the username that can be duplicated.
The other benefit is that the nostr.json file can serve as a directory to link members in other communities in Nostr. Theoretically, if members of mander.xyz were to join the nostr.json file, then they would also be able to easily find each other in the site. That’s a good feature now since Nostr is not very populated.
If any user from Mander would like me to add them to the “verified” list, just send me a message with your public key and I will add you!
Oh, what’s the normal way of doing this?
I’m not formally educated in web development or computer science, so everything I do is kind of a hack. It’s funny that you say this, because now I think I might have done something strange here 😅 😂
Actually, the nginx block with the direct location using an alias was provided by ChatGPT. I didn’t know how to route directly to that location since the /.well-known/ location is already linked above and it points to the Lemmy docker container.
It’s probably just as easy to implement it in a programming language than nginx configs. I just never even thought to do it in nginx. That’s a good way to do it! Especially since you already have your certs set up there
Interesting, thanks for letting me know. I don’t know to do this in a programming language, but it’s good to be aware that this is a possibility.