Closed benalleng closed 10 months ago
greenart7c3
commented
11 months ago I did this so the user knows he's trying to post with the wrong user.
I'll add a check if the pubkey is empty to fill it and generate the id.
Also in the future i'll add an option to be able to use multiple accounts
greenart7c3
commented
11 months ago https://github.com/greenart7c3/Amber/releases/tag/v0.0.3
Check if it works with this release
benalleng
commented
11 months ago Looks to work, copies a signature! small gripe would be that the "signed by" key has no corresponding value and the rawJson isn't updated to show the pubkey and id that are now in place for the signature. Excited to see this project progress!
In the event that an event doesn't have a private key it returns an error that the pubkey doesn't match the pubkey of the current user, but in the event of the pubkey being an empty string could / should Amber consider filling in this information?
Is there a security concern of filling in the pubkey + id when they are empty?
I came across this when trying to test Amber's features in a post-only application that doesn't otherwise ask for any nostr information so the event would be lacking a pubkey + id. It just prompts the user whether they want to share some event content on nostr and then sends that event on to nos2x or in this case Amber.