ManiMe on Nostr: Nip05 is not secure. Any malicious server can add your pubkey to their well-known. ...
Nip05 is not secure. Any malicious server can add your pubkey to their well-known. Post-compromise, the same bad actor could immediately update the Nip05 field of your kind0….
Published at
2024-05-15 20:04:47Event JSON
{
"id": "adcfa8a4e202a16b4a36cfd4e378cddf6fc4efdfbcb7aa55636d1de466de6f87",
"pubkey": "df67f9a7e41125745cbe7acfbdcd03691780c643df7bad70f5d2108f2d4fc200",
"created_at": 1715796287,
"kind": 1,
"tags": [
[
"e",
"4acd195f9ac837f7d5772dd741314db39dc2d540c55b4b541261753e6c97348d",
"",
"root"
],
[
"e",
"72ab618ff9d61e61e8f8ddc289269314b2f1f3f31d38a6c4ddb443c967271d87",
"",
"reply"
],
[
"p",
"7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e"
],
[
"p",
"df67f9a7e41125745cbe7acfbdcd03691780c643df7bad70f5d2108f2d4fc200"
],
[
"p",
"dd664d5e4016433a8cd69f005ae1480804351789b59de5af06276de65633d319"
],
[
"client",
"Nostur",
"31990:9be0be0fc079548233231614e4e1efc9f28b0db398011efeecf05fe570e5dd33:1685868693432"
]
],
"content": "Nip05 is not secure. Any malicious server can add your pubkey to their well-known. Post-compromise, the same bad actor could immediately update the Nip05 field of your kind0….",
"sig": "148893b579a43df45af2de61a37732a0ae3da60cdfe9f4b3e0b122e28f53321b6dd35b1664204cc613d4390a91a7e43f8032efb135dc5c5cee62584b4223c2eb"
}