Marcelo Theodoro on Nostr: Clients should both validate the sha256 of the message and the sig. Anything other ...
Clients should both validate the sha256 of the message and the sig. Anything other than that, you open an attack vector using rogue relays.
It's not cheap! This is the tradeoff of the Nostr architecture.
Published at
2023-03-09 00:00:44Event JSON
{
"id": "88e0c30156d291d266ed3961114d860557f5e1fd7db12561446718502453ba0e",
"pubkey": "3d64c0347f27235228e46d025ef8fa93a721c06d2ac659fd559d15f13b76ab72",
"created_at": 1678320044,
"kind": 1,
"tags": [],
"content": "Clients should both validate the sha256 of the message and the sig. Anything other than that, you open an attack vector using rogue relays.\n\nIt's not cheap! This is the tradeoff of the Nostr architecture.",
"sig": "6bfaab09b497c42872cbfe534b814b4fb297cf77c8f085d98d07d7bbb412487d87d55bdcebd84879cdc78ff82c593eebbf0e2cdcb08f55717842382654faadd8"
}
