Nostr Web Client

Anybody else getting tons do spam replies with fake accounts and invalid nip-05’s? I’m thinking if relays refused to accept content from npub’s that were impersonating other people’s nip05 it would help.

acf88a03... 1y ago

I don't understand why NIP-05 isn't signed:

https://github.com/nostr-protocol/nips/blob/master/05.md

"""

Identification, not verification

The NIP-05 is not intended to verify a user, but only to identify them, for the purpose of facilitating the exchange of a contact or their search.

"""

but we could easily add a signature field, otherwise the profile process is less secure than the signed-event model. Unless I missed something?

Reply to this note

Please Login to reply.

Discussion

b0b 1y ago

Interesting! How would that work in detail? Place a signature in the JSON of the NIP-05 server?

daniele 1y ago

NIP-05 should be use to identify an user, not to verify it. A signed NIP-05 would be rendundant.