aiolabs/lightning-pub
2
0
Fork 0
Code Issues 9 Pull requests 4 Projects Releases Packages Wiki Activity Actions

Forward k1 session token in GetLiveDebitRequests for ndebit #7

New issue
Open
opened 2026-02-14 21:43:07 +00:00 by padreug · 0 comments
padreug commented 2026-02-14 21:43:07 +00:00
Owner
Copy link

Context

This is the Lightning.Pub side of the k1 session token feature. See lamassu-next#23 for the full proposal.

Problem

When a wallet sends a debit request (Kind 21002) after scanning an ndebit QR, Lightning.Pub forwards the request to the ATM via GetLiveDebitRequests. Currently there's no session identifier, so the ATM must match requests by amount (which has edge cases with concurrent sessions).

Proposed Change

When the CLINK spec adds an optional k1 parameter to ndebit:

ndebit:pubkey?relay=wss://...&pointer=atm&k1=abc123uniquetoken

Lightning.Pub needs to:

  1. Accept k1 in incoming debit request events (Kind 21002)
  2. Forward k1 in GetLiveDebitRequests responses to the ATM

Example GetLiveDebitRequests Response

Current:

{
  "requestId": "GetLiveDebitRequests",
  "npub": "npub1customer...",
  "debit": {
    "type": "invoice",
    "invoice": "lnbc...",
    "amount_sats": 5000
  }
}

With k1:

{
  "requestId": "GetLiveDebitRequests",
  "npub": "npub1customer...",
  "k1": "abc123uniquetoken",
  "debit": {
    "type": "invoice",
    "invoice": "lnbc...",
    "amount_sats": 5000
  }
}

Files to Modify

  • Debit request handler - parse k1 from incoming Kind 21002 events
  • GetLiveDebitRequests subscription - include k1 in forwarded messages

Related

## Context This is the Lightning.Pub side of the k1 session token feature. See [lamassu-next#23](https://git.atitlan.io/aiolabs/lamassu-next/issues/23) for the full proposal. ## Problem When a wallet sends a debit request (Kind 21002) after scanning an ndebit QR, Lightning.Pub forwards the request to the ATM via `GetLiveDebitRequests`. Currently there's no session identifier, so the ATM must match requests by amount (which has edge cases with concurrent sessions). ## Proposed Change When the CLINK spec adds an optional `k1` parameter to ndebit: ``` ndebit:pubkey?relay=wss://...&pointer=atm&k1=abc123uniquetoken ``` Lightning.Pub needs to: 1. **Accept `k1`** in incoming debit request events (Kind 21002) 2. **Forward `k1`** in `GetLiveDebitRequests` responses to the ATM ### Example GetLiveDebitRequests Response **Current:** ```json { "requestId": "GetLiveDebitRequests", "npub": "npub1customer...", "debit": { "type": "invoice", "invoice": "lnbc...", "amount_sats": 5000 } } ``` **With k1:** ```json { "requestId": "GetLiveDebitRequests", "npub": "npub1customer...", "k1": "abc123uniquetoken", "debit": { "type": "invoice", "invoice": "lnbc...", "amount_sats": 5000 } } ``` ## Files to Modify - Debit request handler - parse `k1` from incoming Kind 21002 events - GetLiveDebitRequests subscription - include `k1` in forwarded messages ## Related - [lamassu-next#23](https://git.atitlan.io/aiolabs/lamassu-next/issues/23) - ATM/CLINK side implementation - LNURL-withdraw k1 pattern: https://github.com/lnurl/luds/blob/luds/03.md
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
feature/splitpay
feature/nip47-nwc-support
feature/marketplace
feature/nip05
dev
feature/withdraw
feature/extension-loader
fix/watchdog-lnd-restart
feature/nostr-send-async
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: aiolabs/lightning-pub#7
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?