Upon reading the NIP-42 spec, I’m confused 🤔. If every event is signed and therefore verifiably tamper proof, what is the purpose of relays sending a challenge to clients? Couldn’t they simply verify that sensitive events are being sent by the key holder by checking the signature?

Obviously, I’m missing something. But I can’t seem to tell what it is yet. Any #nostrdevs able to help me see the obvious?