just check the npub. can also just look at follow counts and content.
This will be the death of Nostr. The only way I can to spot imposter accounts is because my client has a “nifty” algo to track “similar names” and such.
WoT implementations on Nostr should NOT be so haphazard, specific to each client or relay. Nostr needs a standard by which users can be IN CONTROL of the filters they use. The ones that work will be shared and used more.
This is ridiculous.
nostr:npub1a2cww4kn9wqte4ry70vyfwqyqvpswksna27rtxd8vty6c74era8sdcw83a
Discussion
Dude. Who TF checks npubs?
This is not an intellectual problem. It is a real world user problem. Nostr is dead already.
umm, i do, and I hope everyone does
that's literally the point of signing and having private and public keypairs, lol.
the key can't be spoofed on the relays. they can spoof account names, nip05 maybe, avatars, and more. but if you know the npub, nonworries.
We all know this. But the real world usage (your and mine prolly also) is different. We need to solve for real world.
What is the issue?
On X, you post something and may get a reply from elon(or whoever), you look at the profile, yes? In that case, the username would be elonmsk or a letter off or a number.
Seems pretty simple. Perhaps a dB of usernames that clients could compare, but it'd never been an issue for me. I've been followed by fake Lyn accounts, I take a look, fake. Blocked or muted or no action. Done.
Everything in your comment requires a central auth DB or a user who is dedicated to “not be phished”.
Nostr will grow. People will be followed by (and follow back) bots and bad actors. Spam and phishing attempts will be shared and reposted.
There is no central auth in Nostr. Our only defense is Webs of Trust between friends and friends of friends. But Nostr only has ad-hoc implementations to establish webs of trust.
Nostr needs better tools. And by this I mean, a free market of tools (content filters and trust rankings) whereby the best ones will emerge.