Why Nostr? What is Njump?
2023-10-10 18:43:30
in reply to

hodlbod on Nostr: Malicious in the sense of surveillance/phishing. So say someone sends you an email ...

Malicious in the sense of surveillance/phishing. So say someone sends you an email with a link pointing to `/notes?relays=wss://bad-relay.com/myemailinbase64`, you click on it and your client auto-signs an AUTH challenge, bingo bongo they have correlated your email/pubkey. Basically an injection attack. As it happens, pointed out that this is already possible using nprofile/nevent 😬
Author Public Key
npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn