Hmm, okay will come up with some ideas. Lmk if you have any
That's not the right one, I generated a vanity one
npub18tcc00lqpysdsurg567dllzg7jeyr5wcyk2v6w23rx3s3ygyze2qv32nxx
Very easy solvable
Test flight might have bugs from time to time
Zaps are broken. There is a vulnerability/bug (depending on how you see it) where you could show off on social media that you zapped someone but you could just pay yourself.
Here’s how to reproduce it:
When you click zap, an invoice is fetched from a URL that looks like this
- https://stacker.news/api/lnurlp/02fbae2cc5/pay?SOMECRAP
- Replace 02fbae2cc5 with your own user ID and fetch the invoice and pay it, so you pay yourself. Check the post you’re trying to Zap, it will get updated saying you zapped them. LOL
https://snort.social/e/note1sxedhg4r6tyjamdtr7txzxda5e24tkfxh9amgxs5cpccw3e0v9vs36vfxq
This is an example post, Only one of my zap is real, 2 more I just paid myself.
#[0] found this out.
This is just a problem in stacker.news. They could just enforce that the request has to be to the user's npub
You crashed our site lol
I can't zap you sir
Welcome
Starting tomorrow it'll be 1-100k, we'll see how that goes. I think it'll improve when damus has support for custom zap amounts too.
Yeah agreed, changed it so starting tomorrow it'll be 1-100k
I just launched it today so we'll see. It takes a % of the amount paid every round so it should make a little miney
Yeah definitely true, but seems like all the nostr clients will correctly call the lnurl if it does support it.