Mazin @mazin - 1y
Reminder: many nostr clients do not validate event signatures. Choose your relays carefully. Good morning.
What client are you using?
Yeah unfortunately there can be issues when switching between clients if they store your follows or relays differently. Without digging into your events it’s hard to say what’s broken. Can you not follow anyone on any client?
I’ll take a look at your events later today when I get a chance. nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s can usually identify the problem quickly but I’m sure he is busy so be patient.
Sure. A nostr event is structured like this: {"pubkey":"3d842afecd5e293f28b6627933704a3fb8ce153aa91d790ab11f6a752d44a42d","content":"Reminder: many nostr clients do not validate event signatures. Choose your relays carefully.\n\nGood morning.","id":"4507934f647958e934f3b67fff32c7b5a4b9e5f42042cf98f2f10ba0159db6bb","created_at":1695042973,"sig":"7cc63f85f2b7956280a7124aca7add92741c9f26b78843a082a2c65c79aa4510e7fb097f5c3d3c1f97e4a445e2673c5b955f19ab02d5630b4d1189cfdf4d4652","kind":1,"tags":[]} The “sig” field is used to validate that my private key signed the note. Most (all?) relays validate these signatures as the event comes in before storing it. Most clients do NOT validate the signature when receiving events from relays. The risk of not validating is that a relay could alter a user's notes without detection.
For sure, and it’s going to be a necessary tradeoff in many clients, particularly mobile ones. I do think they should still validate SOME events (like profile updates) though. I do think it’s important to point out that lots of our security/trustlessness is actually smoke and mirrors (for now).
Fabian @Fabian - 1y
I think I might turn it on by default again in Nostur, I had it disabled because I assumed it would be a big performance hit, but after your post I decided to do an actual measurement and it doesn’t seem that bad actually. I will do some more testing to be sure.
Very cool! For what it’s worth, I totally understand not having it on by default and think having the option is great. I think Nostur is one of the few mobile clients that even has the option.
nobody @nobody - 1y
It did seem to hurt it perceptually on my phone. Totally anecdotal though.
Correct, it’s a performance trade-off. Some clients like Nostur (made by nostr:npub1n0sturny6w9zn2wwexju3m6asu7zh7jnv2jt2kx6tlmfhs7thq0qnflahe) have a toggle to turn validation on and off.
Perhaps there could be an option to validate some randomly sampled events across a given relay set to keep them honest without necessarily needing to validate every event. I think profile updates are perhaps the most important to validate as it would be trivial for relay operators to steal money by replacing zap addresses.
It’s a race condition with other relays of course so perhaps trivial is unfair but it’s something to think about.
06b78 - 1y
Yields! Do all relays validate event signatures?
*Yikes! Damn autocorrect
I can’t speak for every relay implementation on the planet, but every one that I know of does validate.
Thanks. That’s what I thought. But it is possible for a rogue relay to send out invalid events, so clients need to validate.
Indeed, you got it! I think as clients optimize you’ll see more of them add validation. They all wanted to include it from the beginning but ran into performance issues. The most important thing to validate is profile updates since those include LN payment addresses. nostr:note1yvnw45cd7frkkx7ca4mnwqqjvranne045vgynf7w986n2jnkp45qwan0ts
Dan @Dan - 1y
nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z which events does #amethyst validate?
Vitor Pamplona @Vitor Pamplona - 1y
All of them. Even push notifications are individually verified.
5c4bf - 1y
Probably some clients don't even verify that events match the filter...