Here's a proof of concept that allows storing a signed hash in the feed.
https://svelte.dev/playground/134809f1af4d4651a35516502432cf3b?version=5.20.2
If you're on the backup server's approved npub list, they can store it for you for redundancy, otherwise they can reject the feed.
The app can then fetch the feed and verify the hash against the feed.
If the redundant server acted maliciously and modified the feed prior to storing it, like in the Stolen Feed example in which the value address changes, then the app would flag it as an unauthorized change and fetch the feed from the next server in the redundancy list.
StevenB
npub1yv…d6pv9
2025-02-19 19:31:46
in reply to nevent1q…s5hl
Author Public Key
npub1yvgrrzf4dnmu30qfhw95x87ruu0g2kpv3a64h8hpvqsre8qeuspsgd6pv9Published at
2025-02-19 19:31:46Event JSON
{
"id": "05eb14dce7d7af4ba0a68e142cd29dace82483971613da8193a99c4c802a7690",
"pubkey": "23103189356cf7c8bc09bb8b431fc3e71e85582c8f755b9ee160203c9c19e403",
"created_at": 1739993506,
"kind": 1,
"tags": [
[
"e",
"95e15bda61fc6856171b303cf850c5ad9c6d76dd5a8eaf0699763af03fc402a7",
"wss://relay.damus.io/",
"root",
"23103189356cf7c8bc09bb8b431fc3e71e85582c8f755b9ee160203c9c19e403"
],
[
"e",
"7eb66367afddc7082399a3e2624e2295a3cb864eb337a37e226cd95c00735a04",
"wss://strfry.iris.to/",
"reply",
"23103189356cf7c8bc09bb8b431fc3e71e85582c8f755b9ee160203c9c19e403"
],
[
"p",
"23103189356cf7c8bc09bb8b431fc3e71e85582c8f755b9ee160203c9c19e403",
"wss://strfry.iris.to/"
],
[
"p",
"266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5"
],
[
"p",
"fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"
]
],
"content": "Here's a proof of concept that allows storing a signed hash in the feed. \nhttps://svelte.dev/playground/134809f1af4d4651a35516502432cf3b?version=5.20.2\nIf you're on the backup server's approved npub list, they can store it for you for redundancy, otherwise they can reject the feed.\nThe app can then fetch the feed and verify the hash against the feed. \nIf the redundant server acted maliciously and modified the feed prior to storing it, like in the Stolen Feed example in which the value address changes, then the app would flag it as an unauthorized change and fetch the feed from the next server in the redundancy list.",
"sig": "c8918dedb0b922e0f725a01b60e3dc57ece3c46f4f6c3118e8117981ff1380fafabb86222dc2738ef38959aa3026d70cf36d95b15abd07f44bcc2c103d0283e1"
}