semisol on Nostr: an approach to limiting decryption access is per kind but a problem is that you can ...
an approach to limiting decryption access is per kind
but a problem is that you can take an encrypted blob and make it look like something else by putting it in a different kind and with the p tag of the sender to make it appear like it’s an outgoing message + asking the ext to sign
the only solution is indicating the kind and sender in the encrypted blob
Published at
2024-08-06 19:56:45Event JSON
{
"id": "599df1c071e45bc59ac25f832a461060686f81b3106b07b893693df1c186ef17",
"pubkey": "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
"created_at": 1722974205,
"kind": 1,
"tags": [
[
"e",
"5d2e87fc049f8ad960a0e6b88252e0781cd426d023fe2e8934e61c240350d30b",
"",
"root"
],
[
"e",
"53639e2a4b08da96a4b901b381aa244427a31b45bae372fc66d74f6cd4130e82",
"",
"reply"
],
[
"p",
"9cb3545c36940d9a2ef86d50d5c7a8fab90310cc898c4344bcfc4c822ff47bca"
],
[
"p",
"06639a386c9c1014217622ccbcf40908c4f1a0c33e23f8d6d68f4abf655f8f71"
],
[
"p",
"32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245"
]
],
"content": "an approach to limiting decryption access is per kind\n\nbut a problem is that you can take an encrypted blob and make it look like something else by putting it in a different kind and with the p tag of the sender to make it appear like it’s an outgoing message + asking the ext to sign\n\nthe only solution is indicating the kind and sender in the encrypted blob",
"sig": "7eff46efb6c65f6af4c0b1a1ed767a6dcbf4dcd07e1a45c4ac7525cb8343d7a98e73f0d4a7d4e76c257bbdb1d0011753b032c18a8cc70f3a0a1ec8c5b801d6b7"
}