Most web clients cant easily validate the hashes since its not possible to get the raw blob from a element. I have a button to do it in noStrudel but the user has to intentionally click it
Also it does not detect https://github.com/willnorris/imageproxy which is the image proxy that noStrudel can use :)
https://api.nostr.land/detect-cache/v1.jpg" class="embedded-image" loading="lazy">
Will implement.
The manual verify button has a problem as well
UA.
Also Primal ignores blossom hashes and does not validate. Not sure if they even do failover
And I might also know of a way to bypass Blossom checks in several clients
And there you go. Tampering
This note will show if your client can tamper with media you view
👇
nostr:note1lzwpft27uxs56y80r95akqscy6h77n5kg78mlhxalm02esf8r3vsfl88qk
test media
While actively tampering with links to media hosts and competing clients
you could code it in less than 15 mins… all it does is schedule a broadcast at a given time
not worth $70/mo
test
Yeah. I think they also have it set up in a way to intercept all media requests, so for all you know the media is tampered with and Blossom is useless
They also could tamper with content from relays.
The fact that they are trying to EEE nostr is becoming clearer every day and everyone is a frog getting closer to being boiled…
I don’t think you need to care too much.
I personally find their arguments against it nonsense (no one signs a note saying they did something bad so the argument makes no sense) and everything from the data and the actions of the impersonator spam matches up with them.
But up to them, they can do whatever they want to do.
You cannot do this as the notes are signed
I have pushed an update to https://nostr.land that makes pricing much clearer.
Also, the aggregator is included as well.
for some reason nosflare seems to be blasting at my relays 24/7
nostr:npub16jdfqgazrkapk0yrqm9rdxlnys7ck39c7zmdzxtxqlmmpxg04r0sd733sv is this intended? the volume seems too high to be paid users only
wss://relay.noswhere.com now somewhat acts like a free relay. Somewhat.
I think a relay based model may work better.
MOD-REQ
This skips the overhead of signatures for each moderated event, and moderation may not be instant (so servers can wait a bit before responding).
And you can for example blur media or hide events while within the timeout.
Types of flags are specified in NIP-11.
If you ever want to do that, Git is not much different than a key-blob store
can’t wait to get all my zaps consumed by force close and channel open fees
This does not require any physical contact and I thought we were trying to be better than fiat
https://www.zapwall.store seems to be finally working. Had a hell of a time trying to resolve weird build errors
I should break it again
It may have no spam, but the problem is it doesn’t have much useful content either
There is a limited rebroadcast system
First verison will be a relay marketplace only.
What relays would you like to see on the list?
(must be free or paid relays open to the public)
nostr:note1t47lnejfgugukjsy5ec0mu8dak9qmdwp8g7d2pgm2ym3kcus8saqmpnvx0