Behind the scenes, the vault only honours servers that are running the right code. All requests are signed; if a request comes from an unknown instance, the transaction won't go through.
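The gate described above, as an added illustration that is not the vault's own code: the vault keeps a registry of known instances, each request is signed over all of its fields, and a request is refused when the instance is unregistered, the signature does not verify, or the signed build hash is not the one the vault expects that instance to run. It assumes a per-instance HMAC key and a self-reported build hash (constructed values); a public-key signature or a hardware attestation of the build would slot into the same checks.

```python
import hashlib
import hmac

# Constructed registry of known instances: the vault holds each instance's
# request-signing key and the hash of the code build it is expected to run.
KNOWN_INSTANCES = {
    "vault-01": {
        "key": b"constructed-example-key-for-vault-01",
        "code_hash": hashlib.sha256(b"vault-server build 1.2.3").hexdigest(),
    },
}


def _mac(key: bytes, instance_id: str, code_hash: str, payload: bytes) -> str:
    """MAC over length-prefixed fields, so bytes cannot shift between fields."""
    msg = b""
    for field in (instance_id.encode(), code_hash.encode(), payload):
        msg += len(field).to_bytes(4, "big") + field
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_request(key: bytes, instance_id: str, code_hash: str, payload: bytes) -> dict:
    """Server side: every field of the request is covered by the signature."""
    return {"instance_id": instance_id, "code_hash": code_hash,
            "payload": payload, "sig": _mac(key, instance_id, code_hash, payload)}


def authorize(req: dict, registry: dict = KNOWN_INSTANCES) -> str:
    """Vault side: 'ok' only for a registered instance with a valid signature
    whose signed code hash matches the build the vault expects it to run."""
    inst = registry.get(req["instance_id"])
    if inst is None:
        return "refused: unknown instance"
    expected = _mac(inst["key"], req["instance_id"], req["code_hash"], req["payload"])
    if not hmac.compare_digest(expected, req["sig"]):
        return "refused: bad signature"
    if req["code_hash"] != inst["code_hash"]:
        return "refused: instance is not running the expected code"
    return "ok"


if __name__ == "__main__":
    key, code = KNOWN_INSTANCES["vault-01"]["key"], KNOWN_INSTANCES["vault-01"]["code_hash"]
    good = sign_request(key, "vault-01", code, b'{"op":"pay","sats":10}')
    rogue = sign_request(b"some-other-key", "vault-99", code, b'{"op":"pay","sats":10}')
    tampered = dict(good, payload=b'{"op":"pay","sats":10000}')  # payload changed after signing
    stale = sign_request(key, "vault-01", "0" * 64, b'{"op":"pay","sats":10}')  # wrong build
    for name, r in [("good", good), ("rogue", rogue), ("tampered", tampered), ("stale", stale)]:
        print(name, "->", authorize(r))
```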
Discussion
I'm working on a plan to integrate Ntag424 NFC chips to create a PIN-protected Nostr event signer. There's room on those chips to also have them sign LN transactions and/or eCash payments. I think the Bolt wallet app can likely be forked to make a combo tap-2-sign/pay MFA solution. Think Yubikey for Nostr and LN.
This brings us something-we-have/something-we-know levels of state-of-the-art security. I know all this is possible, just need to work it out.
"Trust me bro, this QR code is a 10 sat invoice"
The server behind the QR code is legit, but the presentation could be changed by putting the valid QR code on a "company" page that lies to me.