Oddbean new post about | logout
nielliesmons | 1 months ago (raw) | root | parent | reply | flag +3 
 Yeah, this is the kind of user deception I don't want to see in @Zapstore.

When a user publishes something for public use: 
1️⃣  It needs to be clear that he's publishing something 🤷‍♂️
2️⃣  It needs to be very obviously public

Again, this is why I prefer to look at the public actions users already do anyway: replies, zaps, public bookmarking, etc...
pippellia | 1 months ago (raw) | root | parent | reply | flag +1 
 I absolutely agree. Even for the WoT angle, you can't build meaningful metrics if the user is not aware of what he's publishing.
franzap | 1 months ago (raw) | root | parent | reply | flag +3 
 Agreed.

I know it's not malicious on the part of any dev, but I've encountered several nostr apps prompting for signing multiple events of mysterious kinds.

Including events in a non-interactive context like loading a website an being asked for a signature.

Sign (or prompt to) events only when absolutely necessary. Be explicit about what's not obvious. Maybe we need work on UI/UX design around prompts?

nostr:note1tm93m6cvr2xpnafeschzsp7sgxurqszm0jzxrgar757eeuzanu0sqgv98e
franzap | 1 months ago (raw) | root | parent | reply | flag 
 Forgot to mention: Some of these events with a huge chunk of  base64 encoded data. Puts the user in a weird spot