hzrd149 on Nostr: No, then we will end up with the main issue with ETH where they can't double check ...
No, then we will end up with the main issue with ETH where they can't double check anything they are signing
Once signer allow clients to sign arbitrary data, the client could sign any kind 1, profile update, author or any other kind if event without the user being able to see what was being signed
Published at
2025-01-10 13:11:57Event JSON
{
"id": "9377bcf4fb9e7e7a842cc66d65a012886fbea05896d28a545d39c5b748327d04",
"pubkey": "266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5",
"created_at": 1736514717,
"kind": 1,
"tags": [
[
"e",
"96c6e07834f1878c6b530ccf3caa793078eadd2962c9bf96e16598694c92fe42",
"wss://relay.damus.io/",
"root",
"7fa56f5d6962ab1e3cd424e758c3002b8665f7b0d8dcee9fe9e288d7751ac194"
],
[
"e",
"96c6e07834f1878c6b530ccf3caa793078eadd2962c9bf96e16598694c92fe42",
"wss://relay.damus.io/",
"reply",
"7fa56f5d6962ab1e3cd424e758c3002b8665f7b0d8dcee9fe9e288d7751ac194"
],
[
"p",
"7fa56f5d6962ab1e3cd424e758c3002b8665f7b0d8dcee9fe9e288d7751ac194"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "No, then we will end up with the main issue with ETH where they can't double check anything they are signing\n\nOnce signer allow clients to sign arbitrary data, the client could sign any kind 1, profile update, author or any other kind if event without the user being able to see what was being signed",
"sig": "03d8cda6f4d095fa4b4b581c033864307eda2eb65096a68134499b9947f0d68392eec1869a7535074dab799748fa5ac5d619f3997a42a1db51401a5f9db3c7d1"
}
