Nostr

Ya the thing is, you don't need to trust relays, you get a message from them and you verify the sig. Case closed. All the relay can do is send or not send, accept your event or not accept. Even if the relay has a man in the middle it doesn't matter, the sig won't match if there is any tampering.

BUT without signature validation this all goes out the window and we are back to square one. I am very surprised by this and I just looked at amethyst code and I don't see it checking either.. 🤯 doesn't take much imagination to see how easy it would be to fool the masses during this adoption phase and assume anyone's identity.

The web clients, they gotta be checking this right?!... Guess it's not very sovereign of me to not be aware of this, not read the code, and just assume it's a basic nostr principle in all clients to check sigs. Got some catch-up to do..

82

lucash.dev 2y ago

Quite frankly it makes it feel like a scam.

All the people hyping how Nostr uses tamper-proof messages and is decentralized, censorship-resistant yadda yadda, recommend you use apps that don’t even check relays aren’t lying about authorship of messages.

About trusting the relay for sending or not it’s a bit more than that.

Relay might seem to accept your event but only forward it to some people, or delay it, etc. there are numerous less obvious forms of manipulation.

82

lucash.dev 2y ago

Since I learned Damus doesn’t validate signatures (yikes) I decided to only use two relays: Damus, bc I’m already using their so whatever, and brb.io bc I already trusted @nvk for Mastodon before.

I don’t see the point of adding any other relay.

Replying to lucash.dev

In fact you already have to trust relays for a bunch of stuff.

But not even validating what you can seems a very bad idea.

If validating sigs is too hard for phones — then the protocol doesn’t work for what’s supposed to do — or at least phones aren’t ready to support it yet.

I don’t think it would be that easy to find out for end users. Esp. if most people are using Damus.

It should at very least check a random sample of sigs and have UI for verifying individual notes.

Are sigs really expensive to check, even with Schnorr batch validation?

Quite frankly I wouldn’t have shipped the app without validating sigs. Kinda embarrassing.

82

lucash.dev 2y ago

Are all clients the same? The android one too?

And the web ones?

If that’s the state of Nostr, then you shouldn’t use it on mobile.

I always said Nostr relays were trusted third parties — and the trust model is essentially the same as with existing centralized platforms.

But not even checking sigs removes the one thing Nostr improved.

If you don’t validate sigs you’re much better off just using Twitter.

Replying to

cloud fodder

I would never use a client that doesn't check sigs. It's the whole point of nostr messages is you verify them and you don't trust relays. I think this deserves a PSA. There are so many relays now I don't see how you can claim there are no rogue relays.. does amethyst do this too?

82

lucash.dev 2y ago

In fact you already have to trust relays for a bunch of stuff.

But not even validating what you can seems a very bad idea.

If validating sigs is too hard for phones — then the protocol doesn’t work for what’s supposed to do — or at least phones aren’t ready to support it yet.

I don’t think it would be that easy to find out for end users. Esp. if most people are using Damus.

It should at very least check a random sample of sigs and have UI for verifying individual notes.

Are sigs really expensive to check, even with Schnorr batch validation?

Quite frankly I wouldn’t have shipped the app without validating sigs. Kinda embarrassing.