Skip to content

NUT-09: Restore signatures

optional

used in: NUT-13


In this document, we describe how wallets can recover blind signatures, and with that their corresponding Proofs, by requesting from the mint to reissue the blind signatures. This can be used for a backup recovery of a lost wallet (see NUT-13) or for recovering the response of an interrupted swap request (see NUT-03).

Mints must store the BlindedMessage and the corresponding BlindSignature in their database every time they issue a BlindSignature. Wallets provide the BlindedMessage for which they request the BlindSignature. Mints only respond with a BlindSignature, if they have previously signed the BlindedMessage. Each returned BlindSignature also contains the amount and the keyset id (see NUT-00) which is all the necessary information for a wallet to recover a Proof.

Request of Alice:

POST https://mint.host:3338/v1/restore

With the data being of the form PostRestoreRequest:

{
  "outputs": <Array[BlindedMessages]>
}

Response of Bob:

The mint Bob then responds with a PostRestoreResponse.

{
  "outputs": <Array[BlindedMessages]>,
  "signatures": <Array[BlindSignature]>
}

The returned arrays outputs and signatures are of the same length and for every entry outputs[i], there is a corresponding entry signatures[i].

Mint info setting

The [NUT-06][06] MintMethodSetting indicates support for this feature:

{
  "9": {
    "supported": true
  }
}