Open water783 opened 2 months ago
I don't follow. Why can't you create a group and be the group owner? That is the idea.
But that group creation page is nonstandard, it's there for testing purposes and will be removed or modified later.
In the current implementation, when you create a group chat, you don't need to verify if you are the owner of the pubkey. You just need to enter a pubkey and a group name. Therefore, you can enter anyone's pubkey to create a group and make them the group owner.
So to avoid this, I think a signature verification is needed?
I see. Yes, that's indeed a flaw. Will improve on that.
Hi sir,
I've been implementing NIP-29 groups in 0xchat and noticed some changes in relay29. Thank you for the updates! 🙏
However, I encountered an issue during group creation. Currently, groups can be created by simply inputting an
npub
andname
. This allows others to potentially impersonate annpub
and create a group as if they were the group owner.I suggest enhancing the group creation process by requiring a JSON event to be sent to the server, which can also initialize some group information. Here’s a proposed structure for the JSON event: