Replying to Avatar Asone

Yesterday, while working on my authorization server for my relay, I was wondering :

What would happen in clients if a #nostr #relay were to spoof some events.

Example :

Alice sends an event to relay B and C, let's say a simple "Hello world".

All relays accepts the event and stores it. However, relay C modifies the content of the event. When referring to the note, the content relay C would return would be "Hello Satoshi".

Therefore, a client connecting to those relays would receive two different events with the same Id.

How clients would/should behave ?
Avatar
Selim 2y ago

The event’s property `sig` is the 64 bit signature of the hashed stringified event. It is obtained by signing with the author private key. A relay couldn’t simulate the sig value. And clients should verify ˋcontent` versus `sig`.

Reply to this note

Please Login to reply.

Discussion

No replies yet.