Verification Model
When a client application (like a wallet or a social frontend) encounters a Zapf Identity Connection (Kind 35521), it needs to verify that the connection is legitimate before displaying a "Verified" badge or enabling payments.
Zapf implements a two-tier verification model designed to balance speed (for rendering long lists of users) and security (for executing financial transactions).
Tier 1: The Quick Check (Offline)
The Quick Check runs entirely client-side without making any new network requests. It relies on the cryptographic proofs embedded directly within the user's Kind 35521 event.
Inside the user's event is an "s" tag containing the raw JSON of the Identity Authority's attestation (Kind 35522).
Steps:
- Parse the JSON from the
"s"tag. - Verify the Schnorr signature of that JSON using standard
nostr-tools. - Verify that the
ptag inside the attestation matches the user's public key. - Check the
expirationtag (NIP-40). If the timestamp is in the past, the attestation is stale.
Outcome: If the signature is valid and the event hasn't expired, the client assumes the connection is valid for display purposes. This takes fractions of a millisecond.
Tier 2: The Deep Check (Online)
The Deep Check is used immediately before executing a payment. Even if an attestation is mathematically valid (Quick Check passes), it may have been revoked by the Identity Authority prior to its expiration date (e.g., if a Discord account was hacked and linked to a new Nostr key).
Steps:
- Extract the Identity Authority's relay hint from the 4th index of the
"s"tag. - Connect to that specific relay and attempt to fetch the exact Kind 35522 event ID.
- If the event is returned, the identity is definitively active.
- If the event is not found (or a Kind 5 deletion event is found), the IA has revoked the attestation.
Verification States
Clients should map these outcomes to clear UI indicators:
| State | Quick Check Output | Deep Check Output | Recommended UI |
|---|---|---|---|
| Verified | Signature Valid + Not Expired | Event Found on IA Relay | ✅ Green Checkmark |
| Expired | Expiration timestamp passed | N/A (Skipped) | ⏰ Orange Warning ("Re-verify needed") |
| Revoked | Signature Valid | Event NOT Found on Relay | ⚠️ Red Warning |
| Unchecked | Signature Valid | Deep check not yet run | ⏳ Gray/Neutral Badge |