web/boltcard
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions
boltcard/docs/SPEC.md
Peter Rounce f2f0b51cfd
Update SPEC.md
2022-08-01 12:25:55 +01:00

1.5 KiB
Raw Blame History

Bolt card specification

The bolt card system is built on the open standards listed below.

Bolt card and POS interaction

the point-of-sale (POS) will read an NDEF message from the card, for example

lnurlw://card.yourdomain.com?p=A2EF40F6D46F1BB36E6EBF0114D4A464&c=F509EEA788E37E32

the POS will then call your bolt card service here

https://card.yourdomain.com?p=A2EF40F6D46F1BB36E6EBF0114D4A464&c=F509EEA788E37E32

your bolt card service should verify the payment request as below and continue the LNURLw protocol

Server side verification

  • for the p value and the SDM Meta Read Access Key value, decrypt the UID and counter with AES

  • for the c value and the SDM File Read Access Key value, check with AES-CMAC

  • the authenticated UID and counter is used on the bolt card service to verify that the request is valid

  • the bolt card service must only accept an increasing counter value

  • additional validation rules can be added at the bolt card service, for example

    • card enable flag
    • card payment limit per transaction
    • card payment limit per day
    • allowed merchant list
    • verification of your location from your phone

  • the bolt card service can then make payment from a connected lightning node

See the bolt card system