In some ways it helps and in others it doesn't. In Amethyst, I think it means you're following them and not necessarily verified.
Here are a few scenarios:
A) If the profile (maliciously or otherwise) changes their name, pfp, bio and etc. (kind 0), it'll be difficult to know which one of your follows/contacts it was when you initially followed them. This could be used to imposter someone.
B) If the private key of a profile is compromised (similar to A) all metadata can change. If notes appear from this account that the key has been compromised and to migrate to a new key; it will be very difficult to recover and determine honesty. The NIP05 nostr address will also not be useful, as that too could have changed.
C) If you're not following someone, yet still want to be able to verify them, the mark won't help in this case.
There may be others scenarios as well, and plan to go through and document these in more detail. I have a few NIPs drafted to introduce a profile metadata attestation event kind that could be used to verify profiles and mitigate and help the above scenarios.
Braydon Fuller
npub1r0…7zzyc
2024-09-23 21:32:03
in reply to nevent1q…a7r3
Author Public Key
npub1r0ulywwu593kzjdu9uluxdq80t54n65kql9vl9z7lrutkgnachssk7zzycPublished at
2024-09-23 21:32:03Event JSON
{
"id": "a074326ca253c0697637438f131961947d229ba0cff8aa8a0940b5855893dfc9",
"pubkey": "1bf9f239dca1636149bc2f3fc334077ae959ea9607cacf945ef8f8bb227dc5e1",
"created_at": 1727127123,
"kind": 1,
"tags": [
[
"e",
"54b52805947ce36cf450b98d3cef5f19298681e289a2e3f2d1064ae5b7cdf182",
"",
"root"
],
[
"p",
"fa0165a0f192fb0e91c7d8710e57570ad27b3715ca52181f6c53c9b203397073"
]
],
"content": "In some ways it helps and in others it doesn't. In Amethyst, I think it means you're following them and not necessarily verified.\n\nHere are a few scenarios:\n\nA) If the profile (maliciously or otherwise) changes their name, pfp, bio and etc. (kind 0), it'll be difficult to know which one of your follows/contacts it was when you initially followed them. This could be used to imposter someone.\n\nB) If the private key of a profile is compromised (similar to A) all metadata can change. If notes appear from this account that the key has been compromised and to migrate to a new key; it will be very difficult to recover and determine honesty. The NIP05 nostr address will also not be useful, as that too could have changed.\n\nC) If you're not following someone, yet still want to be able to verify them, the mark won't help in this case.\n\nThere may be others scenarios as well, and plan to go through and document these in more detail. I have a few NIPs drafted to introduce a profile metadata attestation event kind that could be used to verify profiles and mitigate and help the above scenarios.",
"sig": "5a3e9e29961345eb2b19767f32de253adb5d8f8eea7f8bd39dabba5fbc3c05a4b7c704829be84de6e4edcc7c3cfe45ef1db937144065efdd5e54025a70f44edd"
}