Legacy Identity Providers (LIDP)
A Legacy Identity Provider (LIDP) is any traditional identity or telecommunications service that a Zap Settlement Provider (ZSP) queries to verify user identity during the Claim Flow.
As an open protocol, Zapf allows developers to integrate new Legacy Identity Providers dynamically. By binding these LIDP accounts to Nostr public keys, anyone with a Discord, X, or Email account can receive Lightning payments—even if they've never interacted with Nostr or Lightning before.
Supported LIDPs
Example supported LIDPs:
| LIDP | Identifier Format | Verification Method |
|---|---|---|
| Discord | discord_id (Snowflake) | OAuth 2.0 |
| X | @handle | OAuth 1.0a/2.0 |
| Meta | instagram_id / facebook_id | OAuth 2.0 |
| TikTok | @username | OAuth 2.0 |
u/username | OAuth 2.0 | |
user@gmail.com | OpenID Connect (OIDC) | |
user@example.com | One-Time Password (OTP) | |
| Phone | +1234567890 | RCS One-Time Password (OTP) |
The Privacy Model
Every connection is identified by a hashed key — the raw identifier (like your email or username) is never published to the network.
The user controls the visibility of their profile metadata (Name, Avatar, Bio) through their Identity Connection event:
| Mode | What's Visible | Use Case |
|---|---|---|
| Public | Profile metadata is readable by anyone. | Social discovery — ideal for public handles like Discord or X. |
| Private | Profile is fully encrypted, only readable by the user. | Privacy-sensitive identifiers like Email or Phone. |
| Empty | Nothing exposed. | Same as Private, without encrypted backup. |
Verification Models
LIDPs generally fall into three distinct verification flows:
1. OAuth Identity Providers (Discord, X, Meta, TikTok, Reddit): The ZSP redirects the user to the provider, receives an access token, and queries the user's profile to permit generation of their identity connection.
2. OpenID Connect (Google, Apple): Built on top of OAuth 2.0, OIDC provides a dedicated identity layer. The provider issues a cryptographically signed token identifying the user, which serves directly as evidence for the ZSP.
3. OTP Providers (Email, Phone via RCS): The ZSP sends a one-time code directly to the user's inbox or device to verify their session before proceeding to the Claim phase.