NUT-XX: Token possession proof #360

Open

joemphilips wants to merge 1 commit from joemphilips/nut-token-possession into main

joemphilips commented

2026-04-06 09:01:24 +00:00

(Migrated from github.com)

Context: When I was updating the spec for Conditional Token Framework (https://github.com/cashubtc/nuts/pull/337/),
I noticed that I want to grant access to some Mint endpoints only to the user who holds the token.
22.md was not good enough because it was only proof-of-authentication, what I wanted was proof of possession.
24.md was also not good because it requires a payment from the user.

To give more details, I want to introduce a new kind of token in https://github.com/cashubtc/nuts/pull/337/, so to speak, "Market Owner token".
Market owner will receive this token when they register a condition for the CTF.
A mint can take an additional swap fee for each conditional token transaction, and then later, the Market Owner Token holders can redeem the fee collected in exchange for that market owner token. This incentivizes users to create a more popular market.
If the market is a company, then this token is like a stock.
I want to have an endpoint that only the market owner can access. e.g. "total fee accumulated for this market". This spec is the prerequisite

Define a mechanism for mints to restrict endpoint access based on possession of tokens from a specific keyset with a minimum token count requirement. Generalizes NUT-22 from identity-based auth to possession-based authorization without spending proofs. Context: When I was updating the spec for Conditional Token Framework (https://github.com/cashubtc/nuts/pull/337/), I noticed that I want to grant access to some Mint endpoints only to the user who holds the token. 22.md was not good enough because it was only proof-of-authentication, what I wanted was proof of possession. 24.md was also not good because it requires a payment from the user. To give more details, I want to introduce a new kind of token in https://github.com/cashubtc/nuts/pull/337/, so to speak, "Market Owner token". Market owner will receive this token when they register a `condition` for the CTF. A mint can take an additional swap fee for each conditional token transaction, and then later, the Market Owner Token holders can redeem the fee collected in exchange for that market owner token. This incentivizes users to create a more popular market. If the market is a company, then this token is like a stock. I want to have an endpoint that only the market owner can access. e.g. "total fee accumulated for this market". This spec is the prerequisite

This pull request has changes conflicting with the target branch.

error_codes.md

View command line instructions

Manual merge helper

Use this merge commit message when completing the merge manually.

Merge commit title

Merge pull request 'NUT-XX: Token possession proof' (#360) from joemphilips/nut-token-possession into main

Merge commit body

Reviewed-on: https://git.cashu.dev/forgejo-admin/nuts/pulls/360

Merge pull request 'NUT-XX: Token possession proof' (#360) from joemphilips/nut-token-possession into main

Reviewed-on: https://git.cashu.dev/forgejo-admin/nuts/pulls/360

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin joemphilips/nut-token-possession:joemphilips/nut-token-possession

git switch joemphilips/nut-token-possession

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main

git merge --no-ff joemphilips/nut-token-possession

git switch joemphilips/nut-token-possession

git rebase main

git switch main

git merge --ff-only joemphilips/nut-token-possession

git switch joemphilips/nut-token-possession

git rebase main

git switch main

git merge --no-ff joemphilips/nut-token-possession

git switch main

git merge --squash joemphilips/nut-token-possession