fanis (old account) on Nostr: Probably. If you to you'll see it's been taken down by @jb55 precisely because of ...
Probably. If you to
https://damus.io/web you'll see it's been taken down by @jb55 precisely because of that. AFAIK all web clients were at some point vulnerable to this attack. Best practice is to use non-web clients (eg desktop and app clients) and/or hold the keys in a web extension (such as Alby) when using web clients.
Published at
2022-12-30 17:56:28Event JSON
{
"id": "4eaf442b36c56751520f1bf9fd938b82fdadb38d83abcc6f0e709b1bbe040af0",
"pubkey": "da631e76cd586a47e724a46c2f6deb2a0c7595dd08b314ade38643354eb487b9",
"created_at": 1672422988,
"kind": 1,
"tags": [
[
"client",
"nostr_console"
],
[
"p",
"0c24e3235228f3ee5369d4a8a46ea92f28f1a83936de61ac6b4003d40344d422"
],
[
"e",
"5e995ffaa55539da35c75a289b587df087054650a6e23896806a1998353e1efd",
"",
"root"
],
[
"e",
"2441a3c5cad7786667d10bc52e8852a73fa6a71e8c9b89fab985119eb694f947",
"wss://relay.damus.io",
"reply"
]
],
"content": "Probably. If you to https://damus.io/web you'll see it's been taken down by @jb55 precisely because of that. AFAIK all web clients were at some point vulnerable to this attack. Best practice is to use non-web clients (eg desktop and app clients) and/or hold the keys in a web extension (such as Alby) when using web clients.",
"sig": "280fd00e067277be06c134a4f677171655e45c7566a46a0e07aa2031956a8f4aecd878c559213891b1274c2f382b1032e7915d01cad335b68bdba0ce9c043d41"
}