Add Twitter verification caveat to NIP-39.

This commit is contained in:
Ioan Bizău 2023-10-31 15:56:17 +02:00
parent ad019ee067
commit 5f911b1b00

2
39.md
View File

@ -51,6 +51,8 @@ Identity: A Twitter username.
Proof: A Tweet ID. The tweet should be posted by `<identity>` and have the text `Verifying my account on nostr My Public Key: "<npub encoded public key>"`.
This can be located at `https://twitter.com/<identity>/status/<proof>`.
Caveat: fetching `https://twitter.com/<identity>/status/<proof>` and looking for the `<npub>` is not sufficient as a validation, because Twitter can automatically redirect if you use the wrong identity (but the correct tweet ID) as part of the URL! So after fetching `https://twitter.com/saylor/status/1701877505437675910` one must re-check the *actual* URL (or avoid redirects in the first place) before concluding that the person using `1701877505437675910` as a proof matches the @saylor identity on Twitter!
### `mastodon`
Identity: A Mastodon instance and username in the format `<instance>/@<username>`.