[HN Gopher] LSAT: Lightning Service Authentication Token
___________________________________________________________________
LSAT: Lightning Service Authentication Token
Author : thinkmassive
Score : 47 points
Date : 2021-09-08 16:50 UTC (6 hours ago)
(HTM) web link (lsat.tech)
(TXT) w3m dump (lsat.tech)
| roasbeef wrote:
| Hi y'all, roasbeef here, the co-creator of the LSAT protocol!
|
| Was really thrilled to see this link organically get so far up on
| HN. Since we initially released the linked website and
| corresponding blog post [1] a year ago, we've continued to
| develop Aperture [2], a pure-Go reverse proxy that natively
| speaks the LSAT protocol. We use Aperture in front of all our
| Lightning/Bitcoin related services, with the LSAT credential
| itself serving as richly featured API tokens.
|
| We have a lot of cool stuff planned to bridge the gap here
| between the server-side/protocol and the web itself, in the form
| of a new "Lightning Browser Kernel" that'll abstract away a lot
| of the underlying flow, to make logging in or beginning to stream
| payments for a computational API as easy as clicking a button.
| Excited to be able to share more in this direction towards the
| end of the year.
|
| On the web application side, since then developers like Buck have
| also started to release wrappers around _existing_ web
| application frameworks to allow developers to add Lightning-based
| monetization/metering/authentication directly into their web apps
| [3]. If you want to see the web app wrapper live, then check out
| this LSAT playground that lets you interactively
| produce/verify/satisfy an LSAT right from your browser [4].
|
| Happy to field any questions related to LSAT or our vision of
| the Lightning Native web!
|
| [1]: https://lightning.engineering/posts/2020-03-30-lsat/
|
| [2]: https://github.com/lightninglabs/aperture
|
| [3]: https://github.com/tierion/now-boltwall
|
| [4]: https://lsat-playground.bucko.vercel.app/
| jlrubin wrote:
| I've heard around the net that bitcoin can't really scale in
| terms of raw # of users -- even with LN, it's pretty capped
| (same number of users, but more txps).
|
| If I want to build a web-scale startup how could I rely on
| something like LSATs to accommodate hockey stick growth?
| roasbeef wrote:
| I wouldn't necessarily agree that Bitcoin can't scale the
| number of raw users with something like LN. In fact, LN
| allows Bitcoin to reach a _wider array_ of users that may be
| priced out of doing routine transactions on the base chain.
| Excited to continue to see how the situation in El Salvador
| develops, as we now have our patient zero in the form of an
| entire country!
|
| It is the case however that either scaling ceiling or costs
| prevent everyone from possibly _creating_ a root UTXO
| eventually. In this direction I'm excited about concepts like
| multi-party channels that allow users to conjointly share a
| UTXO and perform off-chain transactions using it. Another
| very powerful upgrade on the horizon for Bitcoin are the
| various flavors of covenants like BIP-119, that'll allow us
| to do things like open 100k Lightning channels in a single on
| chain transaction, in an irrevocable manner.
|
| LSATs are interesting for start ups, as they allow for a lot
| of new experimentation w.r.t business models and pricing.
| Most say SaaS start ups typically allow for a free trial,
| then force users directly onto a subscription payment.
| Combined with the open nature of Bitcoin (anyone around the
| world can use it), LSATs and LN allow developers and
| entrepreneurs to potentially capture some of the user base
| that drops off after the free trial by advertising an in-
| between tier: stream the payment as you go.
|
| Services like bitclouds.sh capture this spirit, as you just
| need to top off your account (zero log in, zero sign up, just
| sats) and you gain access to a VPS you can access. Sure you
| don't want to do anything very sensitive in an instance like
| this, but it's perfect for running CI tests, building
| containers, etc.
|
| The natural progression of LSAT powered bitclouds.sh-like
| services is a sort of programmatically driven distributed
| Function-as-a-Service network, wherein agents of the network
| are able to programmatically gain access to various
| computational resources or services all without being locked
| into any particular platform or having to be worried that a
| data leak will expose all their private information. So stuff
| like robots renting VPS space (payments streamed by the
| minute over LN) to be able to transcode some captured video
| to submit to a mechanical turk-like job listing.
|
| [1]: https://www.bitclouds.sh/
|
| [2]: https://github.com/bitcoin/bips/blob/master/bip-0119.med
| iawi...
| buck-o wrote:
| One nice thing about lsats is that you can have access to
| some network-based endpoint gated by payments but that
| authorization kind of carries its state around with it (to an
| extent). So you can do micro-payments as opposed to... nano-
| payments where one small payment can be re-used to access
| gated content and the lsat itself can be shared, delegated,
| even potentially sold and re-sold. On its own this probably
| doesn't take care of the number of users that can onboard
| onto lightning (I heard on the net that something like the
| Check template verify opcode, OP_CTV, can help even more on
| that end), but it does expand the scale of what could be done
| with a single channel which itself expands on what can be
| done with a single UTXO.
| thinkmassive wrote:
| Awesome to see you drop in here! Great summary and related
| links.
|
| For anyone interested in the Lightning Network in general, I'll
| mention one more great resource:
|
| Builder's Guide to the LND Galaxy
| https://docs.lightning.engineering/
| Rafeeki9 wrote:
| From the blog post link [1]: "This is rather powerful as it
| enables a strong decoupling of authentication and payment logic
| from application logic."
|
| So an application could leverage the LSAT protocol for both
| auth and payments instead of Oauth and Apple Pay?
| roasbeef wrote:
| Exactly! Within the protocol, an atomic exchange happens
| where the user satisfies a payment over Lightning, and they
| receive the second half to "complete" their authentication
| token.
|
| If this token is say 10 sats, then maybe it's just basic spam
| prevention for you to make an account on some online form. If
| it's say 100k sats, then maybe the LSAT itself also functions
| as a sort of licensing key or guards a download of some other
| artifact/file.
|
| From the PoV of the application logic, all this happens
| "before" the main request even reaches the handler. If you're
| familiar with Python, it's as if you had a decorator on a
| handler that handled the auth+payment and only passed on
| valid requests once everything has been satisfied. Going even
| further, applications can start to utilize the power of
| macaroons to create LSATs that: expire after 24 hrs, or allow
| you to take your credential and make it read-only to give to
| your friend.
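
Added example (not part of the thread, and not code from Aperture or the LSAT specification): a simplified Python model of the flow roasbeef describes above, in which a decorator admits a request only if the token's HMAC chain verifies, the presented preimage hashes to the payment hash bound into the token, and every caveat holds. The token layout, the caveat names (`expires`, `access`), `ROOT_KEY` and all function names are assumptions made for illustration; real LSATs carry this in macaroons.

```python
import hashlib, hmac, time

ROOT_KEY = b"constructed-demo-root-key"  # server-side secret (constructed value)

def _mac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def mint(payment_hash_hex):
    """Server: issue a token whose identifier is the invoice's payment hash."""
    return {"id": payment_hash_hex, "caveats": [],
            "sig": _mac(ROOT_KEY, payment_hash_hex)}

def attenuate(token, caveat):
    """Holder: append a restriction; needs the current sig, not ROOT_KEY."""
    return {"id": token["id"], "caveats": token["caveats"] + [caveat],
            "sig": _mac(token["sig"], caveat)}

def _caveat_ok(caveat, method, now):
    key, _, value = caveat.partition("=")
    try:
        if key == "expires":
            return now < float(value)
    except ValueError:
        return False  # malformed expiry: fail closed
    if key == "access":
        return value == "read-only" and method == "GET"
    return False  # unknown caveat: fail closed

def verify(token, preimage, method, now):
    sig = _mac(ROOT_KEY, token["id"])
    for caveat in token["caveats"]:              # recompute the HMAC chain
        sig = _mac(sig, caveat)
    paid = hashlib.sha256(preimage).hexdigest()  # preimage is learned by paying
    return (hmac.compare_digest(sig, token["sig"])
            and hmac.compare_digest(paid, token["id"])
            and all(_caveat_ok(c, method, now) for c in token["caveats"]))

def lsat_required(handler):
    """Decorator: the handler only ever sees paid, authorized requests."""
    def wrapper(request):
        token, preimage = request.get("token"), request.get("preimage")
        if not token or preimage is None or not verify(
                token, preimage, request["method"], time.time()):
            return 402, "Payment Required"
        return handler(request)
    return wrapper

@lsat_required
def report(request):
    return 200, "report for " + request["method"]
```

Because each caveat is folded into the signature, a holder can narrow a token before handing it on, but removing a caveat afterwards invalidates the chain.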
___________________________________________________________________
(page generated 2021-09-08 23:01 UTC)