Michael Rüger on Nostr: npub1zfeag…tt7pt yes, fraud is a problem. If most of the users have a github ...
npub1zfeagvf9h2r7yzx96lcwy28d0c4symtw0zv9h4rrdmkxvej4pvpqxtt7pt (npub1zfe…t7pt) yes, fraud is a problem.
If most of the users have a github account (or other trusted providers) they could e.g. provide their public key e.g. in a secret gist and post the link of the gist to your api instead posting the public-key directly.
Or use a letsencrypt aproach where the api provides a unique token which the user must store e.g. in a gist to prove this identity.
Sadly, as we all know, fraud protection and ease of use will never be best friends. ;)
If most of the users have a github account (or other trusted providers) they could e.g. provide their public key e.g. in a secret gist and post the link of the gist to your api instead posting the public-key directly.
Or use a letsencrypt aproach where the api provides a unique token which the user must store e.g. in a gist to prove this identity.
Sadly, as we all know, fraud protection and ease of use will never be best friends. ;)