arthurfranca on Nostr: People knew of all NIP-17 flaws but merged the PR either way. There is a PR that ...
People knew of all NIP-17 flaws but merged the PR either way.
There is a PR that doesn't let a hacker read all previous messages and also make it possible to detect a compromised nsec by making the peer inform of device changes while keeping implementation complexity relatively low (though need review and I don't have time yet to implement it for testing) ->
https://github.com/nostr-protocol/nips/pull/978Published at
2024-04-26 20:13:27Event JSON
{
"id": "d5fc890a69be3ce14ed7ad7136184bd678fc977fead433f666926c5ad35b4e46",
"pubkey": "fc7085c383ba71745704bdc1c6efcf7fab0197501de598c5e6c537ac0b32a4cb",
"created_at": 1714162407,
"kind": 1,
"tags": [
[
"p",
"8fb140b4e8ddef97ce4b821d247278a1a4353362623f64021484b372f948000c",
"wss://relay.nostr.band/",
"fishcake"
],
[
"q",
"71a2a88080812f87a1d90acf9d625ec2a8bda25bfe62c1e6b2635763cb403cda",
"mention"
],
[
"e",
"ab2d9baaf322c68aaa30810c01f7a06d334f421777f5354dadb4e26f47b749cc",
"wss://relay.damus.io/",
"reply"
]
],
"content": "People knew of all NIP-17 flaws but merged the PR either way.\n\nThere is a PR that doesn't let a hacker read all previous messages and also make it possible to detect a compromised nsec by making the peer inform of device changes while keeping implementation complexity relatively low (though need review and I don't have time yet to implement it for testing) -\u003e https://github.com/nostr-protocol/nips/pull/978",
"sig": "1bdf033faef23481ecf455b02d0072db68eb65ace5959bbcfe957c69eed090c02ca7ca7eef76423dbbf6758c9008fb42c1b34ef2d3e21e3a16e580690337491a"
}