How does Nostr prevent copycat accounts from being created? That has to be one of the advantages of centralised media like Twitter, so how does Nostr get around it? Just "hope" that enough people block the imposter account?
Discussion
A proper nip05 can help, especially if people run it on their own domains.
TRUE - but currently 99% of people just use one of the standard signing websites which - let's face it - anyone can get any username in...
So it's still a problem!
And even if YOU have your own domain, if the imposter uses a "pleb 99% signing site" most of the victims won't realise...
Yes. I think it's something that isnt used as widely as it should be. I mean especially people with a large audience (these are the ones to be mostly impostered) often do have domains that are well known and prove a npub belongs to them. But you are right that it's no guarantee people don't fall for other accounts that look valid. I think it's up to the community to call (obvious) imposters out.
Besides I don't have the feeling the problem is solved on centralized media. DerGigil 😅 just followed me yesterday on Xitter.
Nip-05
yeah... i replied elsewhere on that... how does this work in Nostr again....
nostr:note1r83lvj9q06fn29ypfsnhqh6pges7m345hz3sx94wsgag2pdulnvswu0e9d
Nip-05
Nostr can't, and should not, prevent anyone from naming their account something, ever. The best practical solution we have so far is NIP-05 where someone can verify themselves with their own domain. As you mentioned in other replies, many people use third party services to set up their NIP-05 verification and yes, people can most certainly use it to impersonate you. I don't know who you are so I can't ask you IRL which third party provider your real account uses. There has been some attempts at web of trust and the like but I don't remember any practical solution that has been implemented across the board that actually works well yet. Other than a proper NIP-05 setup, the second best way is to verify through other channels such as social profiles, websites, and endorsements from other users you trust. E.g. when nostr started to take off (early 2023), I found good use of services such as nostr.directory where people had verified their nostr pubkey in a Tweet. When prominent and well known people have joined nostr, I have always been sceptical but accepted it when I saw people I trust confirm that it was a real account. It's not a perfect solution but so far it has worked pretty well for me, and I'm excited to see which solutions we come up with for this over the next 10 years.