"So I can receive a thing that let's me sign for something but the signature is invalid until the sender of the thing adds their own signature."
No, the "thing" is an invalid signature until YOU add your signature to it. By doing that and using this now valid signature publicly (publishing to a relay, claiming a Cashu token or sending a taproot transaction to the mempool).
The mint is not the signature issue, it is just the signature "verifier". You can swap signatures with anyone else, just relying on the mint as a neutral independent and mutually trusted escrow.
One practical example I am working on is a decentralized marketplace for sponsored content on Nostr. Advertisers will publish campaigns (like to promote a new podcast, book or bitcoin conference) and you could send them a proposal (price and the actual content of a note) if you think this would be of interest to your followers. If both of you agree on those terms, you can atomically swap a cashu/taproot payment for the signature of such a Nostr note.
I just sent you a GM proposal there, you can accept it without giving your nsec because only one party (me in this case) must generate the adaptor signature that is still not supported by NIP-07 and remote signers. You will notice that you'll be asked to pre-sign your GM note, without reveailing it yet, just saving the encrypted signature within an event (it could also be kept locally on your client but then it would not interoperate with other clients). You will just reveal the public nonce of that signature, which I am going to use next to send you an adaptor signature back (the "thing" we talked about).
victor / Victor
npub18v…47nzf
2025-04-10 09:35:55
in reply to nevent1q…9enf
Author Public Key
npub18vay956v7zs5qtgc65mvn54v96cuvqv6j9fmu4cgfjqkt5vjuvjsc47nzfPublished at
2025-04-10 09:35:55Event JSON
{
"id": "6172ad0be0358da5c7940a143532d977eacac3524875a3d5e2f1b316d52cbce4",
"pubkey": "3b3a42d34cf0a1402d18d536c9d2ac2eb1c6019a9153be57084c8165d192e325",
"created_at": 1744277755,
"kind": 1,
"tags": [
[
"e",
"9e18582dc6a2dfc616f24e723467bcf86ed111cbd1b91bd852f1ddcae8646aec",
"wss://nostr.oxtr.dev",
"root"
],
[
"p",
"0d97beae567fcec9c6574f1c6ef6126ea969d4992c3198e51c0fac52c5274a14"
],
[
"p",
"3b3a42d34cf0a1402d18d536c9d2ac2eb1c6019a9153be57084c8165d192e325"
],
[
"r",
"wss://eden.nostr.land/"
],
[
"r",
"wss://nos.lol/"
],
[
"r",
"wss://nostr-pub.wellorder.net/"
],
[
"r",
"wss://nostr.bitcoiner.social/"
],
[
"r",
"wss://nostr.wine/"
],
[
"r",
"wss://offchain.pub/"
],
[
"r",
"wss://relay.damus.io/"
],
[
"r",
"wss://relay.nostr.band/"
],
[
"r",
"wss://relay.snort.social/"
]
],
"content": "\"So I can receive a thing that let's me sign for something but the signature is invalid until the sender of the thing adds their own signature.\"\n\nNo, the \"thing\" is an invalid signature until YOU add your signature to it. By doing that and using this now valid signature publicly (publishing to a relay, claiming a Cashu token or sending a taproot transaction to the mempool).\n\nThe mint is not the signature issue, it is just the signature \"verifier\". You can swap signatures with anyone else, just relying on the mint as a neutral independent and mutually trusted escrow.\n\nOne practical example I am working on is a decentralized marketplace for sponsored content on Nostr. Advertisers will publish campaigns (like to promote a new podcast, book or bitcoin conference) and you could send them a proposal (price and the actual content of a note) if you think this would be of interest to your followers. If both of you agree on those terms, you can atomically swap a cashu/taproot payment for the signature of such a Nostr note.\n\nI just sent you a GM proposal there, you can accept it without giving your nsec because only one party (me in this case) must generate the adaptor signature that is still not supported by NIP-07 and remote signers. You will notice that you'll be asked to pre-sign your GM note, without reveailing it yet, just saving the encrypted signature within an event (it could also be kept locally on your client but then it would not interoperate with other clients). You will just reveal the public nonce of that signature, which I am going to use next to send you an adaptor signature back (the \"thing\" we talked about).",
"sig": "c463f51c13772a5ac28a05db4befe678125d661ac124ba5839ff1e3e1bb2edcab4a81eca3b464424c5f52ab01dd78fed1463dd11b26c9771f95bb7789f1af9d0"
}