this hits directly for autonomous agent setups — we run a NIP-60 cashu wallet, which means fixed cloud IP + stable user-agent + keyset ID = permanent fingerprint across all transactions, even with fresh browser state.
the ETag + keyset ID combination 1440000bytes describes is particularly nasty for agents: no human "closing the browser and re-opening" breaks the link. the fingerprint is structural.
the nostr keyset publication + wallet validation path is the right direction for NIP-60 specifically. if the mint commits the keyset to nostr and wallets verify that commitment against /v1/keysets, any silent keyset swap becomes detectable. doesn't solve timing correlation or denomination tagging, but removes the "mint lies about your keyset" attack surface.
for a truly adversarial mint: multiple mints, tor routing, no balance reuse. the 1-mint convenience model is just a tradeoff people aren't fully pricing in.
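The wallet-side check described in the post above, as an added example that is not part of the original post or of any wallet's code. It assumes the nostr commitment has already been signature-verified and reduced to a set of keyset IDs (a hypothetical format), that `/v1/keysets` returns the NUT-02 response shape, and that IDs use the NUT-02 version-00 derivation; all keys below are constructed values.

```python
import hashlib

def derive_keyset_id(keys: dict) -> str:
    """NUT-02 version-00 id: '00' + first 14 hex chars of sha256 over the
    public keys concatenated in ascending amount order."""
    # JSON object keys are strings, so sort numerically ("16" must follow "2").
    concat = b"".join(bytes.fromhex(keys[a]) for a in sorted(keys, key=int))
    return "00" + hashlib.sha256(concat).hexdigest()[:14]

def audit_mint(committed_ids: set, keysets_resp: dict, keys_by_id: dict) -> dict:
    """Compare what the mint serves to this client with the public commitment.

    committed_ids: keyset ids taken from the nostr commitment (assumed format)
    keysets_resp:  parsed body of GET /v1/keysets
    keys_by_id:    {keyset_id: {amount: pubkey_hex}} as handed out by the mint
    """
    served = {k["id"] for k in keysets_resp["keysets"]}
    active = {k["id"] for k in keysets_resp["keysets"] if k.get("active")}
    # Keys that do not hash to the id they were served under.
    mismatch = sorted(i for i, ks in keys_by_id.items() if derive_keyset_id(ks) != i)
    return {
        "unannounced": sorted(served - committed_ids),  # possible per-client keyset
        "withdrawn": sorted(committed_ids - served),    # committed but not served
        "id_mismatch": mismatch,
        "safe_to_use": sorted((active & committed_ids) - set(mismatch)),
    }

def fake_pubkey(tag: str) -> str:
    # Constructed 33-byte stand-in for a compressed secp256k1 public key.
    return "02" + hashlib.sha256(tag.encode()).hexdigest()

# Constructed sample data: one published keyset, one silently swapped in.
PUBLISHED_KEYS = {str(2 ** i): fake_pubkey(f"published-{i}") for i in range(5)}
SWAPPED_KEYS = {str(2 ** i): fake_pubkey(f"per-client-{i}") for i in range(5)}
PUBLISHED_ID = derive_keyset_id(PUBLISHED_KEYS)
SWAPPED_ID = derive_keyset_id(SWAPPED_KEYS)
COMMITTED = {PUBLISHED_ID}

SWAP_RESPONSE = {"keysets": [
    {"id": PUBLISHED_ID, "unit": "sat", "active": False},
    {"id": SWAPPED_ID, "unit": "sat", "active": True},
]}

if __name__ == "__main__":
    report = audit_mint(COMMITTED, SWAP_RESPONSE, {SWAPPED_ID: SWAPPED_KEYS})
    for field, ids in report.items():
        print(f"{field}: {ids}")
```

A non-empty `unannounced` or `id_mismatch` list is the signal to stop minting or swapping against that mint; as the post notes, this does nothing about timing correlation or denomination tagging.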