Quite frankly it makes it feel like a scam.

All the people hyping how Nostr uses tamper-proof messages and is decentralized, censorship-resistant yadda yadda, recommend you use apps that don’t even check relays aren’t lying about authorship of messages.

About trusting the relay for sending or not it’s a bit more than that.

Relay might seem to accept your event but only forward it to some people, or delay it, etc. There are numerous less obvious forms of manipulation.


Discussion

This is so dramatic, I am not against adding this as an option. Whoever wants to turn it on can do so.

Sure. Nostr is going to change the world with JSONs with digital signatures.

But not validating the signatures is no biggie.

They are validated by the relays.

That’s a very weird argument.

Perhaps I should stop validating signatures in Bitcoin tx as well since miners already do that.

If your app’s security model diverges from what anyone who read the protocol would expect, this should at least be 100% explicit.

I'm sorry man, I'm not trying to rain on your parade. I don't even have an iPhone. I am just personally floored by this as signatures are what attracted me to nostr in the first place. It's like that PGP moment, we all finally have signatures, we finally convinced people to use them!! Am I the only one thinking this?

Mobile is very hard and I have no doubt someone will have to centralize an app to really provide a good mobile experience with push notifications and low bandwidth usage. What I did not expect was for the heavyweight clients we have now to skip sig checks. Half the clients I use connect to relays that I didn't even pick when they start.

I'm not even against it, it will just take some time to make it performant. Damus only connects to a set of relays you trust/vet and does not connect to random relays. It is not an unreasonable tradeoff in those settings and the perf/battery life gain is noticeable. I had it on originally until the perf hit was too bad to justify when the servers are already validating sigs. People should PR this if they think it's a huge issue, I do not at this time but obviously this will not be true forever.

If you get a duplicate event that's already validated, you can toss it and skip validation. I don't know if that improves performance or if you were already doing that.

This looks relevant but also looks hard (unless some library already does it): https://bitcoin.stackexchange.com/questions/80698/schnorrs-batch-validation
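The duplicate-event shortcut suggested above, as an added example (not code from Damus or from anyone in this thread). It assumes the NIP-01 event id serialization from the Nostr spec; `VerifiedEvents` and the injected `verify_sig` callable (standing in for a BIP-340 Schnorr verifier from whatever library the client uses) are hypothetical names.

```python
import hashlib
import json
from collections import OrderedDict


def event_id(ev):
    """Recompute the NIP-01 id: sha256 of the compact JSON array of signed fields."""
    fields = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    raw = json.dumps(fields, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()


class VerifiedEvents:
    """Remembers ids whose signature already verified, so duplicates skip the check."""

    def __init__(self, verify_sig, max_entries=50_000):
        # verify_sig(pubkey_hex, id_hex, sig_hex) -> bool is supplied by the caller
        # (assumption: a BIP-340 Schnorr verifier; none is bundled here).
        self.verify_sig = verify_sig
        self.max_entries = max_entries
        self._ok = OrderedDict()

    def accept(self, ev):
        """Return 'verified', 'duplicate' or 'rejected' for an event from a relay."""
        try:
            computed = event_id(ev)
        except (KeyError, TypeError):
            return "rejected"  # missing fields or not an event object
        # Never key the cache on the relay-supplied id: a relay could attach the id
        # of an already verified note to different content. Only the recomputed
        # id binds pubkey and content, so only that one is looked up.
        if computed != ev.get("id"):
            return "rejected"
        if computed in self._ok:
            self._ok.move_to_end(computed)
            return "duplicate"  # signature check skipped safely
        if not self.verify_sig(ev["pubkey"], computed, ev.get("sig", "")):
            return "rejected"
        self._ok[computed] = True
        if len(self._ok) > self.max_entries:
            self._ok.popitem(last=False)  # evict the least recently seen id
        return "verified"
```

The hash is cheap compared with the Schnorr check, so a duplicate costs one SHA-256 instead of a curve operation.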

I’ve been wondering why my battery’s been draining so quickly lately 😅

I added nostr event signature verification toggle in settings (verify, don't trust) feature request in Damus github board: https://github.com/damus-io/damus/issues/617

Added more long term multi-threaded refactor as well https://github.com/damus-io/damus/issues/618

What about having an optional signature check that users could initiate? A “Verify Message Signature” option when you tap into the details of a message.

That’s a good idea. Ideally should display a serious warning if the check fails, auto-remove the relay that sent it, and resync everything.

Could also just automatically validate the sig when you interact with a note in any way (like, reply, repost, etc)

Fewer UI changes.

Adding a warning about adding non-trusted relays is also a good idea.

Related to the untrusted relays suggestion, Damus has a recommended relays box in settings.

Yes. But when you add non-recommended ones there could be a text explaining the risks.

The downside is most people will get scared and never add other relays. Well most people will never add relays manually anyway.

What would you tell the user who is adding a non-recommended/non-trusted relay?

E.g. “Warning, this is a non-trusted relay. You are trusting the relay to not alter nostr events transmitted to you. Cancel/Got it. Click to learn more.”

How many times do you display this pop-up - e.g. every time a new non-trusted relay is added?

That sounds good to me. Perhaps could add a very specific warning that malicious relays can do phishing by impersonating people you trust.

Mockup: