One could setup a malicious relay could be built to trigger a known RCE vuln and every nostr client with the vuln would be pwned XD For example, in my dream world, noscrypt becomes ubiquitous, there is an overflow somewhere that can be triggered by a malicious relay connection, now all nostr users running noscrypt are pwned simply by connecting to that relay. Same could be said for NDK, or aedile or any framework with a known vuln.