It seems to me like moniker spoofing is a risk, to node reputation at the least.
A possible way to address this may be to have monikers registered to an address and require signing from that address to associate the moniker to a node.
It seems to me like moniker spoofing is a risk, to node reputation at the least.
A possible way to address this may be to have monikers registered to an address and require signing from that address to associate the moniker to a node.
The risk would still exist because spoofers could use similar spellings, etc to the real validator’s moniker.
e.g.
real validator’s moniker: engineer_x
spoofer’s moniker: engineeer_x
Maybe ask delegators to check validator address (or something else that is derived from the private key) before believing spoofer’s story.
Staking commands use “account_cosmosaccaddr” already, and not moniker, so this risk is somewhat mitigated.
Good ol’ Zooko’s Triangle:
One solution would be to use an existing naming system like DNS for monikers. Then it would be possible to tie a domain name to a key, using e.g. a TXT record (an approach not too far off from the DV method for issuing X.509 certificates)
I see. Thank you luigi, makes sense.
Zooko’s triangle I love being involved with a group of smart people