https://lsat.tech/

 
[spaces]
LSAT
 
[spaces]
LSAT
[                    ]
LSAT: Lightning Service Authentication Token
Introduction
Authentication Flow
Protocol Specification
Macaroon Minting & Verification
 
Powered by GitBook

LSAT: Lightning Service Authentication Token

In this document, we outline the design for a Lightning Service
Authentication Token (LSAT) for future services created by Lightning
Labs. This specification is open source, with contributions accepted
at our LSAT specification repository. LSATs are a new standard
protocol for authentication and paid APIs developed by Lightning
Labs. LSATs can serve both as authentication, as well as a payment
mechanism (one can view it as a ticket) for paid APIs. In order to
obtain a token, we require the user to pay us over Lightning in order
to obtain a pre-image, which itself is a cryptographic component of
the final LSAT token.

The implementation of the authentication token is chosen to be
macaroons, as they allow us to package attributes and capabilities
along with the token. This system allows us to automate pricing on
the fly and allows for a number of novel constructs such as automated
tier upgrades. In another light, this can be viewed as a global HTTP
402 reverse proxy at the load balancing level for all our services.

  *  Introduction 

  *  Authentication flow 

  *  Protocol Specification 

  *  Macaroon Minting & Verification 

Implementations 

  *  Aperture: A gRPC/HTTP authentication reverse proxy using LSATs 

  *  lsat-js: A utility library for working with LSATs 

  *  boltwall: Nodejs middleware-based authentication using LSATs 

External links / References 

  *  LSAT: Your Ticket Aboard the Internet's Money Rails 

    slides to Olaoluwa Osuntokun's (@roasbeef) presentation at The
    Lightning Conference 2019 in Berlin.

  *  LSAT Playground 

  *  Macaroons: Cookies with Contextual Caveats 

    the 2014 paper published on Google Scholar.

  *  HTTP/1.1 RFC, Section 6.5.2: 402 Payment Required 

  *  Proposal for OAuth style delegated authentication using LSATs 

 
Next
Introduction
[998190]
Last updated 1 year ago
Contents
 
Implementations
 
External links / References