Weak.
But what are good ways to actually verify that a particular npub belongs to a particular person?
It's going to become a lot more difficult as more people and bots enter.
I think it was easier for those of us who were early because we were mostly all part of the same relatively small circle of people. I just followed based on the fact that someone I follow followed them. This way makes assumptions that may not always be true.
nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m
IMHO, clients need to include a warning - red background or something - on posts by npubs with the same name as an npub you have previously interacted with.
This won't prevent people from using a common first name as their handle, but it will disincentivise it, and also highlight possible scammers.
That's a good idea. Not sure how that would be implemented, but it would definitely help cast doubt, which is usually enough to prevent a successful scam.
A red warning letting me know that this could be an imposter would be 🤌 Not sure that would help if the Imposter gets to Nostr first though. I can imagine the actual person getting flagged in some cases. And the flag would technically be correct if you already follow the imposter. Somewhat complex issue
Not a silver bullet, its true.
An honest person with a common handle WILL be flagged for attention. That's okay.
Not worried about cases where the scammer is here first - scammers want to steal credibility from existing accounts, this breaks their business model if they have to build followings the hard way
True. Definitely an edge case.
I saw some npub claiming to be Linus Torvalds the other day.
My proposal won't fix that.
NIP-05 is supposed to, but its easily gamed since the DNS system has perverse incentives.
Yeah, DNS was my first thought but that has scammers too. And then recently there was a story about some domains being easily taken. There's no perfect system, but I think certain people swapping npubs IRL also helps. Especially bigger names in a particular circle.
I think the actual answer will be an imperfect combination of multiple approaches that reduce risk down to very small levels for most people.
