Make sure the NIP-57 receipt can be sent back to relays so the zap counter goes up below your posts.
Why do you need that?
:q
Added. What does it do?
Please take a look at NIP-23 and https://read.nostr.com and https://write.nostr.com -- they need help.
testing monstr
You can't prevent that, but it is irrelevant. We should not care about zap counts, but we should care about having a public registry of a received zap that matches an actual payment, because that is necessary to make zaps useful for things other than tipping.
Don't be stupid. The person would have to announce the provider URL in their Nostr profile.
Zaps are broken. There is a vulnerability/bug (depending on how you see it) where you could show off on social media that you zapped someone but you could just pay yourself.
Here’s how to reproduce it:
When you click zap, an invoice is fetched from a URL that looks like this
- https://stacker.news/api/lnurlp/02fbae2cc5/pay?SOMECRAP
- Replace 02fbae2cc5 with your own user ID and fetch the invoice and pay it, so you pay yourself. Check the post you’re trying to Zap, it will get updated saying you zapped them. LOL
https://snort.social/e/note1sxedhg4r6tyjamdtr7txzxda5e24tkfxh9amgxs5cpccw3e0v9vs36vfxq
This is an example post, Only one of my zap is real, 2 more I just paid myself.
#[0] found this out.
The correct way to fix this is to have NIP-57 dedicated providers that discriminate the receiver of the zap from the "p" tag in the zap request event itself.
All these zap providers need is a URL, static for everybody. And they can even begin accepting zaps on behalf of people before users actually go there and sign up with their Nostr key to withdraw. They can also just forward the zaps to users' lud06/lud16 addresses as soon as they are received.
Remove them. Put them on a separate app.
Yes, good idea.
Relays can just check if the contents of the zap request are from a whitelisted user and allow based on that. They can do this today, there is no need for anything extra. The ones that do can market themselves as "zap-friendly" and gain more users.
The same approach can also be used for replies, likes etc.
It's impossible to know. Any sufficiently open relay is bound to be spammed. The cool part is coming up with nice ways to restrict relay access without hurting everybody.
You made good points, but I think being human is seeing the reactions of your peers directly in their faces as you say something. Likes are an approximation of that, but I don't know if it gets close enough to be worth all the drawbacks.
But to be honest the nastier part is probably the notifications stuff always calling you to see that some random person you don't even know or value has clicked a button.
Another issue is that a like from someone that only likes things they actually do like should be worth more than a like from these crazies that just keep liking everything they see, but there is no real way to measure this -- while in the real life we can often tell fake likes from real likes.
I don't know how, I was thinking more like about people accepting zaps for selling goods and services without leaving their clients, as #[0] suggested once, or crowdfunding things, or offering to do things in exchange for zaps, I don't know.
It could get even more interesting if clients dedicated to other kinds of content used zaps too. It's a powerful concept.
Sometimes yes, but overall I like it. I don't want to be looking at horrible bad taste memes all day.
They're better since they are not as cheap. Zaps are more interesting when combined with use cases that aren't just tips, though.