Please send a fake zap to this post to prove it.
Discussion
š¤£š
Fair I canāt fake zaps on your post but I could fake zaps on my own posts
Bleh lol
For me as long as no one can fake zaps to me then I can use zaps to securely filter notes from others which is what I was thinking about here
Isn't this still vulnerable to Sybil attack (outside of lightning fees)?
What do you mean ?
That someone could create multiple accounts and send zaps between them to impersonate "realness". That's not an issue too for zaps directed at you or people you know are real, but for filtering a feed in general based on zaps it still seems like it'd be vulnerable.
They can zap wash all they want, it is not relevant to what Iām talking about here. Iām referring to using zaps *to you* to filter content from the outside world. Zap washing and fake zaps are only relevant when you want to start using zaps for algos, which I think would be really flawed unless it incorporated a trust graph of some kind.
Yep totally agree with you here then. I for one am ready to replace email entirely with Zapped messages.
I think it's also useful to have trusted verification services that receive zaps, could even be your own auth service that account pay in to once in order to show up on your feed or w/e. Just spitballing here, but in general agree.
I agree but also we should be wary of creating a ātrust graphā because it would probably end up with ātrustedā zap servers which would disincentive people from running their own servers
This
Hi Michael, Could you shed more light? How could you fake zaps?
The way zaps works is when you send a lightning payment to the server there is a nostr bot account on that server that publishes a zap receipt event that says how much was zapped. Nothing is stopping that server from saying there was a zap that actually didnāt happen or lying about the amount.
It says this in the NIP āThe zap receipt MAY contain a preimage tag to match against the payment hash of the bolt11 invoice. This isn't really a payment proof, there is no real way to prove that the invoice is real or has been paid. You are trusting the author of the zap receipt for the legitimacy of the payment.
The zap receipt is not a proof of payment, all it proves is that some nostr user fetched an invoice. The existence of the zap receipt implies the invoice as paid, but it could be a lie given a rogue implementation.ā
Thanks for helping spread awareness and understanding about ZAP limitations.
I think zaps are great. However they are oversold/understood as being trusted and trustable - and accurate. They simply are not in their current form today.
Itās not proof of work or anything similar. I wish it was..
š¤£