If you control the domain it's not a bad verification check. Can be removed if nsec is compromised. The way most people use it though, yeah.
Nip5 is not verification. It’s just a vanity pronounceable and searchable address aka “nostr address” as coined by nostr:npub18ams6ewn5aj2n3wt2qawzglx9mr4nzksxhvrdc4gzrecw7n5tvjqctp424
Discussion
It’s hard to know which domain people control so it’s not a good verification mechanism because of that.
I bet nobody knows my nip5 without looking at it
Fair. Seems it's still useful for a brand though. Like if I'm the Conduit guy and all my Conduit homies have Conduit NIP5s then my NIP5 is suddenly a different site that's a red flag.
...But you're right people probably don't even check, seems like something that needs a re-think.
