NIP-05 (Nostr Identifier)

NIP-05 is the Nostr standard for tying a raw public key to a human-readable, DNS-backed identifier shaped like name@domain.com. A user puts a nip05 field in their profile metadata (kind 0 event), and clients verify that the claim is genuine by checking the domain rather than trusting the label at face value.

How verification works

When a client encounters a NIP-05 identifier it splits it into the local part and the domain, then performs a GET request to https://domain.com/.well-known/nostr.json?name=<local-part>. The server returns a JSON object with a names map of identifiers to lowercase-hex public keys. If the key returned for that name matches the pubkey on the user's metadata event, the identifier is confirmed. The endpoint must not issue HTTP redirects, and clients ignore any they receive, which keeps the verification path unambiguous. By convention _@domain.com is treated as a root identifier and shown simply as the domain.

Why it matters

NIP-05 is verification, not naming ownership: it proves that whoever controls the domain vouches for the key. Hosting your own nostr.json on a domain you control gives you a portable, self-sovereign identity that any client can check without a central registry, which is why it is a building block of decentralized identity.

It mirrors the DNS-lookup pattern used by Lightning Address and complements key handling done by a NIP-07 browser signer. D-Central documents NIP-05 for Bitcoiners standing up their own identity infrastructure.