Okay, here's an anti-pattern of nostr. How do I know which of the clickable elements represent spoofed npubs with similar aliases and avatars? How do I even know this DM is legit? Obviously it's possible to verify, but the low friction for spam creates incentives for bots to relentlessly find the one dipshit, high and/or drunk enough to actually zap them 1000 SATs. Let's not forget that an army of gaypornspam bots were simultaneously implicating @semisol in some campaign to bully people into subscribing to his relay.

Discussion

Accounts pretending to be popular paid relays asking for payment with typoed domains… I wouldn’t rule out it eventually happening once the spammers stop being monkey-brained

Also that is a legit DM.

Also, replace puravida.nostr.land with nostr.land and aggr.nostr.land

re: "also that is legit"

1) 🫡

2) That's not going to relieve me of the burden of having to verify.

2) Unfortunately.

You can at least see it is Nostr.land on the link domain, but someone can still send their own renewal link instead. Though in that case it is easier to handle.

I will be introducing a new renewal page that shows your npub, NIP-05 and display name as well.

We addressed this in Nostrdesign.org but sadly very few people read it.

In short, show if you follow the npub, and check / display imposter label.

https://nostrdesign.org/docs/how-to/impostor-prevention/

I like that Nostur by nostr:npub1n0sturny6w9zn2wwexju3m6asu7zh7jnv2jt2kx6tlmfhs7thq0qnflahe was way ahead on this and implemented a possible imposter badge on accounts that are identical to one you follow but that you don’t follow. Also, this is where I believe nip05 shines. In the case of a business or person associated with a business/service who uses a nip05 from a well-known domain, it signifies they’re part of that business/service. So, in your example, it’d be a nip05 officially with the nostr.land domain.
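
The follow check and impostor label described in the replies above, as an added example that is not part of the thread and not code from Nostur or any other client. The function names, sample profiles and the `relay.example` domain are assumptions, and the NIP-05 `nostr.json` document is passed in already fetched so the block runs offline.

```javascript
// Normalise a display name so look-alike variants compare equal.
function normalizeName(name) {
  return name
    .normalize("NFKC")                      // fold compatibility forms (fullwidth, ligatures)
    .replace(/[\u200B-\u200D\uFEFF]/g, "")  // drop zero-width characters
    .replace(/\s+/g, "")
    .toLowerCase();
}

// NIP-05 check against an already-fetched /.well-known/nostr.json document.
// Returns the domain only if it maps the local part to this exact pubkey.
function verifiedNip05Domain(profile, nostrJson) {
  const [local, domain] = (profile.nip05 || "").toLowerCase().split("@");
  if (!local || !domain || !nostrJson || !nostrJson.names) return null;
  return nostrJson.names[local] === profile.pubkey ? domain : null;
}

// followed: Map of hex pubkey -> profile for accounts the user follows.
function classifyProfile(candidate, followed) {
  if (followed.has(candidate.pubkey)) return { label: "followed" };
  const wanted = normalizeName(candidate.displayName);
  for (const known of followed.values()) {
    // Same visible name as someone you follow, but a different key.
    if (normalizeName(known.displayName) === wanted) {
      return { label: "possible-impostor", resembles: known.pubkey };
    }
  }
  return { label: "not-followed" };
}

// Constructed sample data (pubkeys are placeholders, not real keys).
const REAL = "a".repeat(64);
const FAKE = "b".repeat(64);
const followed = new Map([
  [REAL, { pubkey: REAL, displayName: "Relay Support", nip05: "support@relay.example" }],
]);
// Copies the name (with a hidden zero-width space) and claims the same NIP-05.
const spoof = { pubkey: FAKE, displayName: "Relay\u200B Support", nip05: "support@relay.example" };
const relayExampleJson = { names: { support: REAL } }; // what relay.example would serve

console.log(classifyProfile(spoof, followed));
console.log(verifiedNip05Domain(spoof, relayExampleJson));
console.log(verifiedNip05Domain(followed.get(REAL), relayExampleJson));
```

A claimed NIP-05 in profile metadata proves nothing until the domain's own `nostr.json` maps that name back to the same pubkey, which is why the copied identifier on the spoofed profile does not verify.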