SIGIL - Secure Interoperable Generic JSON Layer #65
Labels
No labels
bug
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
mosaic/nostr-next#65
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
SIGIL defines a deterministic envelope that lets any JSON object be hashed and authenticated with a Nostr key‑pair using RFC 8785 canonicalisation and BIP‑340 Schnorr signatures. The envelope keeps the familiar id and pubkey/sig fields while removing the 6‑item Nostr signing tuple, making the format suitable for off‑relay storage, cross‑protocol bridges and application‑specific events.
https://nostrhub.io/naddr1qvzqqqrcvypzphn7e50zja4x4ke0lf05mwq60kqjezakdx92qrw0rem2md27l4j9qqzhx6t8d9kqkdhr00
NIP-XX: SIGIL – Secure Interoperable Generic JSON Layer
1 Abstract
SIGIL defines a deterministic envelope that lets any JSON object be hashed and authenticated with a Nostr key‑pair using RFC 8785 canonicalisation and BIP‑340 Schnorr signatures. The envelope keeps the familiar
idandpubkey/sigfields while removing the 6‑item Nostr signing tuple, making the format suitable for off‑relay storage, cross‑protocol bridges and application‑specific events.2 Motivation
[0, pubkey, created_at, kind, tags, content]tuple.3 Terminology
sigfield empty.4 Envelope Format
Additional application keys are allowed but MUST NOT begin with
sig,pubkeyorid.5 Signing Procedure
sigandid.sig:""(empty string) temporarily.id = sha256(canonical_bytes).id,pubkey,sigback into the Event.6 Verification
To verify a candidate Event:
sigfield to the empty string.idfield.sig) over the canonical bytes withpubkey.7 Reference Implementation (Node 18+)
8 Rationale
9 Compatibility
Existing relays that ignore unknown keys can forward SIGIL events unchanged. Clients that understand SIGIL can validate and display them; others can treat
contentas opaque text.10 Security Considerations
11 Test Vectors
TBD (include BIP‑340 test vectors serialised as SIGIL).
12 References
End of specification.
I like the premise here. We need to broaden things within the context of sovereign identity keypairs. Require only the minimum: pubkey, id, signature.
I noticed a few minor mistakes related to whether to clear or remove the id field and when under sections 5 and 6.
I would call it SIGJL (looks nordic, the J forces pronounciation as Sih-Jill rather than Sih-Gill, the J being JSON).
I personally don't like JSON as a data format, but I can't push back the ocean.