dzcode on Nostr: Stop giving a checkmark to every NIP-05 user. It's helping spammers. NIP-05 doesn't ...
Stop giving a checkmark to every NIP-05 user. It's helping spammers.
NIP-05 doesn't equal verification.
Something interesting the latest spammer used, is this service. It’s basically a zero sign up NIP-05 service. It’s actually pretty cool.
What it does mean however is that having a NIP-05 and even being a validated NIP-05 means nothing regarding trust that can be given to a NIP-05 verification.
And just to clarify, not saying that applies to all NIP-05 domains, just that having any valid NIP-05 in of itself isn’t useful without further validation by other means.
In this case, the spammer created a kind0 metadata event and got a fully verified NIP-05 without any further effort - but their posts looked more authentic in client apps… which is something to ponder if this is app good UX.
#[0]
Published at
2023-02-25 19:08:32Event JSON
{
"id": "d2d3d62a7bba5edfc13ecc3e9a8f72bcab44cde0e15c1d2c19392f8f12570ac7",
"pubkey": "15af9e028db92e50d5462ff5837ed952d41a9bc52149fbdea45bfc0dccd7c6d9",
"created_at": 1677352112,
"kind": 1,
"tags": [
[
"e",
"6629b18cd50c13370a41f6117611e39dac67a2e2b52691eff7fe0001689da4ee"
],
[
"p",
"b2dd40097e4d04b1a56fb3b65fc1d1aaf2929ad30fd842c74d68b9908744495b"
]
],
"content": "Stop giving a checkmark to every NIP-05 user. It's helping spammers.\nNIP-05 doesn't equal verification.\n\n#[0]",
"sig": "8de92474628b9b1870a22f9bb4e60cf0186bbb4ce914c1ce0faa4d9a1967a0b84790ebb9523af016e1ecb1f67b8f24211f7627a40f4d04aee1ececbc3fbcdec5"
}
