Oddbean new post about login | logout It's this thing: https://github.com/nostr-protocol/nips/pull/1079 The instances are white-labeled coracle/triflector deployments that are hardcoded to talk to each other. I'm going to make a video about this soon.
the client surely has to derive a private key from the invite though if i understand the proposal, and this private key needs to be stored by the user for security against loss i think a signed code would be more secure, so it would be verifiably linked to a privileged user on the relay (like giving the relay an identity, this is something i'm working on right now), what's to stop a permutation attack if the string is short enough?