PSA: For #plebs playing around building with #nostr

You should treat all front-end code (such as JavaScript) as INSECURE.

It can be manipulated or replaced in the browser console by an attacker.

So any data sent to your back end server MUST be sanitized and verified.

Check the Schnorr signatures before relying on event data.

That's why Nostr events are SIGNED!
