Wild Wild Wildcard Subdomains

Suppose Mr. Clark Kent has signed in to https://ln2.email with his email [email protected] and wants any lightning payments sent to [email protected] to be forwarded to his current lightning wallet [email protected]. What does this mean? Whenever a lightning wallet wants to pay [email protected], it actually makes a GET request to https://gmail.com.ln2.email/.well-known/lnurlp/clarkkent, where it gets a JSON with all the relevant details to continue with the lnurl-pay process (i.e. a static/temporary callback URL to be used to generate the LN invoice, min/max sats limits, optional texts and images to display, etc.).

Clark Kent already has a lightning wallet, which means that https://gmail.com.ln2.email/.well-known/lnurlp/clarkkent should simply return the same JSON that https://getalby.com/.well-known/lnurlp/superman returns. Maybe we could even make it easier for our backend: instead of sending a GET request to getalby.com (and forwarding the response to the client), our backend could simply reply with a "301 Redirect to https://getalby.com/.well-known/lnurlp/superman", and the client would send a second GET request on its own (maybe... I don't think supporting "301 Redirect" is in the official standards of lightning-addresses, but usually HTTP clients support this automatically).

"gmail.com.ln2.email" is a subdomain of "ln2.email". Our backend is hosted on vercel.com, which has a very cool API to add domains to a project. However, we don't want to add every domain that a user signed in with as a subdomain, because this might quickly reach limits that might cost us money... Can we use wildcard domains? The answer is yes and no.

If we register "*.ln2.email", requests to one-level subdomains like "hello.ln2.email" will reach our backend, but two-level subdomains like "hello.world.ln2.email" won't. Registering "*.*.ln2.email" is not allowed. However, we can register "*.com.ln2.email", and this will catch all the ".com" email providers: "gmail.com.ln2.email", "yahoo.com.ln2.email", "protonmail.com.ln2.email", etc.

What if baby-superman's spaceship had crashed in Canada instead of Smallville USA? Then his email might have been "[email protected]". How can we handle this? Can we simply take the top-level domain ".ca" and register "*.ca.ln2.email"?

Not so simple, because if baby-superman's spaceship had crashed in the UK, his email might have been "[email protected]", and registering "*.uk.ln2.email" would not catch requests to "gmx.co.uk.ln2.email". Remember that a wildcard "*" only matches a single level of the hierarchy. To catch those requests, we need to register "*.co.uk.ln2.email".

A full list of top-level domains that we need to support can be found here: https://publicsuffix.org/list/public_suffix_list.dat

Another possible scenario is that Clark Kent's email address is under a strange subdomain of its own, like: [email protected]. Due to the subdomain registration limits, I don't intend to add "mail.reporters.dailyplanet.com.ln2.email" or "*.reporters.dailyplanet.com.ln2.email". But maybe if Superman is willing to pay some Bitcoin sats, we can add his special subdomain manually.
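The wildcard selection described above, as an added sketch (not ln2.email's own code): given an email domain, it finds the public suffix, names the wildcard to register, and reports whether that single-level wildcard actually covers the host. The rule sample is constructed, the function names are hypothetical, and the "*." and "!" rule types of the real list are skipped.

```javascript
// Constructed sample in public_suffix_list.dat syntax (a tiny subset, not the real list).
const SAMPLE_RULES = `
// comments and blank lines are ignored
com
ca
uk
co.uk
`;
const BASE = "ln2.email"; // service domain from the article
const LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/; // one DNS label

function parseRules(text) {
  const rules = new Set();
  for (const raw of text.split("\n")) {
    const rule = raw.trim().split(/\s+/)[0].toLowerCase();
    // Simplification: "*." wildcard rules and "!" exception rules are skipped.
    if (!rule || rule.startsWith("//") || rule.startsWith("*.") || rule.startsWith("!")) continue;
    rules.add(rule);
  }
  return rules;
}

// Longest public suffix matching the end of `domain`, or null.
function publicSuffix(domain, rules) {
  const labels = domain.split(".");
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join(".");
    if (rules.has(candidate)) return candidate;
  }
  return null;
}

// Which wildcard serves an email domain, and does its single "*" really cover the host?
function planWildcard(emailDomain, rules) {
  const domain = String(emailDomain).toLowerCase().replace(/\.$/, "");
  // Reject anything that is not a plain host name before it is used in a host or URL.
  if (domain.length > 253 || !domain.split(".").every((l) => LABEL.test(l))) return null;
  const suffix = publicSuffix(domain, rules);
  if (!suffix || suffix === domain) return null; // unknown suffix, or a bare suffix
  const extraLabels = domain.slice(0, -(suffix.length + 1)).split(".");
  return {
    host: `${domain}.${BASE}`,
    wildcard: `*.${suffix}.${BASE}`,
    covered: extraLabels.length === 1, // "*" matches exactly one label
  };
}

const RULES = parseRules(SAMPLE_RULES);
for (const d of ["gmail.com", "gmx.co.uk", "mail.reporters.dailyplanet.com"]) {
  console.log(d, planWildcard(d, RULES));
}
```

A domain that comes back with `covered: false` is the "strange subdomain" case: the suffix wildcard exists but does not reach it, so it would need its own entry.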

And just like Superman, I'm a maxi that refuses to accept any kryptonite!

Photo by Nadejda Yanchuk on Unsplash.