But this doesn’t prohibit us from having verified translations right?
Our translation service could publish a public key and send over a translation string along with a hash? Then client or even user can do the verification to see if the translator service actually signed it and the translation isn’t modified?
Yes, but I think that can remain an implementation detail. Don’t think it needs to be part of the Nostr protocol. In fact, the problem described here seems like a small corner case and very theoretical, and the proposed solution seems a bit over engineered comparatively. Any request can be man-in-the-middled. There isn’t really anything specific to translations. HTTPS solves some of this I think.
Makes sense !
