I don't understand why NIP-05 isn't signed:
https://github.com/nostr-protocol/nips/blob/master/05.md
"""
Identification, not verification
The NIP-05 is not intended to verify a user, but only to identify them, for the purpose of facilitating the exchange of a contact or their search.
"""
but we could easily add a signature field, otherwise the profile process is less secure than the signed-event model. Unless I missed something?
no, their tie their pubkey to someone elses name. Signing would prevent name-spoofing.
For example, i cannot post a message to a relay with your pubkey because i can't sign the message, but i can create a profile with your name and my pubkey because there is no verification. I don't need to hack your server, just create doubt.
btw thanks for responding, i'm implementing a relay and getting to grips with the NIPs, so would be good to know if i misunderstand things.
That moment when you realise peter schiff is right: #bitcoin has no intrinsic value, and it might go to zero, but you use it because you value fair trade above the ability to steal other peoples time.
The intrinsic value of bitcoin is that it makes everyone an honest participant.
"Is there a magic trick that allows you to go from 0 to 100000 by gaming the algorithm these days and then scam your followers"
only fans, twitch, all that kind of stuff right? "the content economy" requires "a community"
Oddbean new post about login | logout
Notes by acf88a03 | export