Very few people understand the value of hashes and signatures in Nostr, they think it is sovereignty thing, it is not, it is lack of authority thing. If nostr had an authoritative strongly consistent server for each user, hashes and signatures would be limited to gossip through 3rd parties, but because there isn't any authoritative servers (some try to add that in retrospect with outbox model) all parties are 3rd parties.
Nostr is not trustless from the user's point of view, no user ever checked if the content of the post they are reading actually match the hash or correctly signed, that is larping.
self authenticated data is an efficiency optimization, NOT security feature.
Nuh 🔻
npub1jv…s7yqz
2024-06-23 15:05:16
Author Public Key
npub1jvxvaufrwtwj79s90n79fuxmm9pntk94rd8zwderdvqv4dcclnvs9s7yqzPublished at
2024-06-23 15:05:16Event JSON
{
"id": "c0c70e9b87eb553d865ed3d6b7b2fa3c572fe21b026cb971842ed96d59f29a9a",
"pubkey": "930ccef12372dd2f16057cfc54f0dbd94335d8b51b4e2737236b00cab718fcd9",
"created_at": 1719147916,
"kind": 1,
"tags": [],
"content": "Very few people understand the value of hashes and signatures in Nostr, they think it is sovereignty thing, it is not, it is lack of authority thing. If nostr had an authoritative strongly consistent server for each user, hashes and signatures would be limited to gossip through 3rd parties, but because there isn't any authoritative servers (some try to add that in retrospect with outbox model) all parties are 3rd parties.\n\nNostr is not trustless from the user's point of view, no user ever checked if the content of the post they are reading actually match the hash or correctly signed, that is larping.\n\nself authenticated data is an efficiency optimization, NOT security feature.",
"sig": "8491d80336b4c75dacf8ff722d925d13462f128c27461b45d38b0026449a749441d9063b8535ced0ca29c954f0c490940501945d7b0397cd722a980dc8dedaf9"
}