Small JSON API with POST, GET, PUT and DELETE operations, that allows to programmatically claim, update and delete a (federated) Lightning Address on a satdress
server. Down below are some example requests done with curl
.
Claiming a username:
curl --request POST \
--url https://satdress.com/api/v1/claim \
--data '{
"name": "satoshi",
"kind": "lnd",
"host": "https://lnd.satdress.com:8080",
"key": "invoicemacaroonkgCumHVZaeOCS+R",
"pak": "",
"waki": "",
"pin": "",
"minSendable": "1000",
"maxSendable": "100000000"
}'
Response:
{
"ok": true,
"message": "claimed [email protected]",
"data": {
"name": "satoshi",
"pin": "49203e7b92a805daf7da74b1a39c0a7b02627c2cce523f4d26742c3539433238",
"invoice": "lnbc10n1........"
}
}
Authenticated request on an existing user:
curl --request GET \
--url https://satdress.com/api/v1/users/satoshi \
--header 'X-Pin: 49203e7b92a805daf7da74b1a39c0a7b02627c2cce523f4d26742c3539433238'
Response:
{
"ok": true,
"message": "[email protected] found",
"data": {
"name": "satoshi",
"kind": "lnd",
"host": "https://lnd.satdress.com:8080",
"key": "invoicemacaroonkgCumHVZaeOCS+R",
"pak": "",
"waki": "",
"pin": "49203e7b92a805daf7da74b1a39c0a7b02627c2cce523f4d26742c3539433238'",
"minSendable": "1000",
"maxSendable": "100000000"
}
}
The /api/v1/claim
endpoint does not need any authentication (pin) but a /api/v1/users/{name}
request has to be authenticated through a custom header (X-Pin
). Would probably be cool to use JWTs here instead and put those in the Authentication
header but I didn't want to change too much of the existing code base.
This is my first try at writing a JSON API so I'm not sure about if I chose the correct data formats, if the authentication method I used is secure or if there are some other fatal flaws. For that reason I don't expect this to get merged but I would greatly appreciate any kind of feedback (positive or negative).
What I find interesting about federated Lightning Address servers is that now anyone with a cool domain name could sell/rent out addresses. An API could make it easier to seamlessly integrate that feature into other wallets.