That's only possible if the clients doesn't care and validate the service public key. Maybe what you are seeing a workaround implementation where the validation of the zap is skipped.
Maybe somebody should spam fake zaps so those missing checks become unacceptable.
Please Login to reply.
No replies yet.
