jb55 on Nostr: Even if you looked at backend source code it could still get hacked and swapped out. ...
Even if you looked at backend source code it could still get hacked and swapped out. This is a real concern. If the caching relay started serving zap addresses that didn’t match profiles… you could be sending sats to hackers on all profiles. This can’t really happen on iOS due to how code signing works, ios verifies binary signature chains from apple and the developer.
Published at
2024-12-29 05:06:46Event JSON
{
"id": "f45fbcd811710bc2597a3cae10d37747a99b74cb1ef81350d07eb86622b1e781",
"pubkey": "32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245",
"created_at": 1735448806,
"kind": 1,
"tags": [
[
"e",
"d34b3395121a0c6fb28f35f08277119e3b4aeeae7bec8715a7e773dda4ee0ddf",
"",
"root"
],
[
"e",
"9948bc244da9b101de60e1d1886ca69cf50d72763686cf9f1248cf9e6635fc3e",
"",
"reply"
],
[
"p",
"356875ffd729b06eeb4c1d7a70a1f750045d067774d21c0faffe4af2bf96a2e8"
],
[
"p",
"5e1044cb0ec2c7081f9e16ea7a9bdfd403b457d19b87bf95ab7c0369044f9eb9"
]
],
"content": "Even if you looked at backend source code it could still get hacked and swapped out. This is a real concern. If the caching relay started serving zap addresses that didn’t match profiles… you could be sending sats to hackers on all profiles. This can’t really happen on iOS due to how code signing works, ios verifies binary signature chains from apple and the developer.",
"sig": "2670441a8405f769001120ac4fbcf44a8cc72156ff53cc60ca3576b798dd2aa298df8ae010bfdda8a9149d08d71a22c3f2cbbcb9815c4a06eca6047315b97bf6"
}
