This is realy a bad bug. This is a serious problem for the privacy of nostr users.
#asknostr #nostr
Did you know that any client will let you login with someone else's public key as a read-only user, but you can still view all their notifications and messages? The message itself is encrypted but the sender isn't.
Seriously, why does it even let you login without a private key? What's the purpose of read-only accounts? Am I the only one who thinks this a huge design flaw? Not to mention creepy, wrong and kind of violates any argument for privacy?
nostr:npub18ams6ewn5aj2n3wt2qawzglx9mr4nzksxhvrdc4gzrecw7n5tvjqctp424 nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z and if y'all can boost this to other people involved in either ecosystem or protocol development, would be awesome. Or maybe it's just me 🤔
Discussion
No replies yet.