Identity Providers

Zapf allows users to bind their existing Web2 identities to a Nostr keypair, enabling anyone to send them zaps using familiar identifiers like email addresses or social handles.

Supported Providers

Zapf currently supports the following identity providers:

Google (Email)

  • Identifier: email
  • Verification: Standard OAuth 2.0 flow.
  • Privacy: Emails are hashed using SHA-256 before being stored on-chain to preserve user privacy, unless the user opts-in to public visibility.

Discord

  • Identifier: discord_id
  • Verification: Discord OAuth 2.0.
  • Privacy: Discord IDs are public by default as they are not PII.

X (Twitter)

  • Identifier: twitter_handle
  • Verification: X OAuth 1.0a/2.0.
  • Privacy: Public.

Phone (SMS)

  • Identifier: phone_number
  • Verification: SMS OTP verification via Twilio/Vonage.
  • Privacy: Phone numbers are strictly hashed.

How It Works

  1. Initiation: The user selects a provider and authenticates.
  2. Attestation: The Zapf Identity Oracle issues a signed attestation (NIP-05 or similar proof) linking the provider’s unique ID to the user’s generated Nostr public key.
  3. Discovery: Senders query the Zapf directory or relays using the identifier (e.g., loki@gmail.com) to resolve the recipient’s Nostr pubkey.