Nostr Web Client

I think ndebit is missing a pre-authorization that the server should use to send me ndebits, without that, couldn’t any server spam me with ndebit requests?

Sorry if i misunderstood the spec

Justin (shocknet) 5mo ago

It's an open endpoint for requests, the user would then approve or whitelist the key upon request...

This would allow request spamming of course, but since the requesting key is identity-based and not ephemeral like NWC, it allows for policies and automation around reputation that could suppress/report/ignore those

Reply to this note

Please Login to reply.

Discussion

No replies yet.