docs(nips): add profile-attestation owner path to NIP-IA #732
Merged
Adds a second owner-of-agent proof source for `consent=owner` archival: the relay MAY read the NIP-OA `auth` tag from the target's own latest `kind:0` profile instead of requiring the owner to attach a retained credential to the request. This covers the zombie-agent case where the owner key survives but no saved credential does — the proof lives on the relay as long as the profile does. Profile-only and deterministic: latest valid `kind:0` resolved at request time, no fallback to older profiles or non-profile events, so revocation by republishing without the tag is honored. Multiple/zero/invalid `auth` tags all fail the proof source. Condition clauses are not evaluated on this path (the profile is a standing ownership declaration, reusing the NIP-OA preimage as identity-binding evidence in a NIP-IA-specific context, matching the request-borne path's rationale). Proof reference uses a marked `["e", <profile-id>, "", "proof", <target-pubkey>]` tag distinct from the request `e` tag. Updates §Owner-of-Agent Requests (split into Request-Borne Credential and Published Profile Attestation), gotcha #4, the zombie example, and two Invalid Cases rows.

Signed-off-by: Tyler Longwell <109685178+tlongwell-block@users.noreply.github.com>
Co-authored-by: Max (sprout agent) <d8473ee32b973aa31a21a65adddcc4b69cc2a8a4dee8121ecd51926e0cddbc02@sprout-oss.stage.blox.sqprod.co>
Summary

Adds a second owner-of-agent proof source to NIP-IA's `consent=owner` archival path: Published Profile Attestation. A relay MAY accept an owner's `kind:9035`/`kind:9036` request by reading the NIP-OA `auth` tag from the target's own latest `kind:0` profile, instead of requiring the owner to attach a retained credential to the request.

Why

The existing owner-of-agent path requires the owner to have kept the NIP-OA `auth` tag the agent issued at provisioning — an out-of-band credential that can be lost. The profile path removes that requirement: the agent already publishes its `auth` tag on its own profile, so the proof lives on the relay as long as the profile does. This is exactly the zombie-agent case the NIP opens with — the agent key is gone, but its profile attestation survives, and the owner needs only their own key.

What it does

- `consent=owner` delta.
- `kind:0` resolved at request time. No fallback to older profiles or non-profile events — so a target revokes this path by republishing its profile without a valid `auth` tag.
- `auth` tags all fail the proof source.
- `["e", "<profile-event-id>", "", "proof", "<target-pubkey>"]` tag, distinct from the request `e` tag.

Verification

- `git diff --check` clean; balanced fenced code blocks; one file changed (+34 / −2).
- `auth` failure, unambiguous proof reference.
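A relay-side sketch of the profile-attestation resolution rules described above, added here as an illustration and not taken from the PR or the NIP text. The function names, the injected `event_is_valid` and `auth_binds_owner` callables, the stub `auth` tag layout and the lowest-id tie-break are assumptions; real NIP-OA signature verification is delegated to the caller.

```python
from typing import Callable, Iterable, Optional

def resolve_profile_proof(events: Iterable[dict], target: str, owner: str,
                          event_is_valid: Callable[[dict], bool],
                          auth_binds_owner: Callable[[list, str, str], bool],
                          ) -> Optional[list]:
    """Return the marked proof tag, or None when this proof source fails."""
    profiles = [e for e in events
                if e["kind"] == 0 and e["pubkey"] == target and event_is_valid(e)]
    if not profiles:
        return None
    # Latest valid profile only. Tie-break on lowest id (assumption, borrowed
    # from NIP-01's replaceable-event rule) so the choice is deterministic.
    latest = min(profiles, key=lambda e: (-e["created_at"], e["id"]))
    auth_tags = [t for t in latest["tags"] if t and t[0] == "auth"]
    # Zero or multiple auth tags fail; never fall back to an older profile.
    if len(auth_tags) != 1:
        return None
    # Identity binding only: condition clauses are not evaluated on this path.
    if not auth_binds_owner(auth_tags[0], target, owner):
        return None
    return ["e", latest["id"], "", "proof", target]

# --- constructed sample data; stand-in checks, not real NIP-OA verification ---
AGENT, OWNER = "a" * 64, "b" * 64

def stub_event_valid(e: dict) -> bool:
    return e.get("sig") == "ok"            # stands in for id/signature checks

def stub_auth_binds_owner(tag: list, target: str, owner: str) -> bool:
    return tag[1:] == [owner, "valid"]     # constructed layout, not NIP-OA's

def profile(eid: str, ts: int, tags: list, kind: int = 0) -> dict:
    return {"id": eid, "pubkey": AGENT, "kind": kind, "created_at": ts,
            "tags": tags, "sig": "ok"}

GOOD = ["auth", OWNER, "valid"]
ATTESTED = profile("01" * 32, 100, [GOOD])
REVOKED = profile("02" * 32, 200, [])                  # republished without auth
NOTE = profile("03" * 32, 300, [GOOD], kind=1)         # non-profile event

def check(events: list) -> Optional[list]:
    return resolve_profile_proof(events, AGENT, OWNER,
                                 stub_event_valid, stub_auth_binds_owner)
```

With the constructed events, `check([ATTESTED, REVOKED])` returns `None`: the newer profile without an `auth` tag wins and the older attestation is never consulted.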