How long until malicious relay + impersonation + asking for zaps and personal info phishing scams?
If people aren’t yet using malicious relays to impersonate jack and jb55 to ask for zaps then it’s still very early 😂
lucash.dev
npub1stts...67hq
Security Researcher. Entrepreneur. Censorship Resistance advocate.
If devs don’t see clients not checking sigs as a problem yet…
That means they don’t take Nostr seriously… yet.
Why should anyone take it seriously then?
My UX with Damus got a lot worse since I removed all the relays I don’t trust.
Since I learned Damus doesn’t validate signatures (yikes) I decided to only use two relays: Damus, bc I’m already using their so whatever, and brb.io bc I already trusted @nvk for Mastodon before.
I don’t see the point of adding any other relay.
Who I am isn’t important. What I say is.
That said, if you want to know something about me, I made some small contributions to Bitcoin Core years ago.
I also find vulnerabilities in crypto projects and report them for a living (among other stuff).
And I’m quite skeptical of the whole “Nostr solves censorship and will change the world” hype.
I’m here trying it though.
#introductions