Moniker spoofing

engineer_x · August 3, 2018, 2:59pm

It seems to me like moniker spoofing is a risk, to node reputation at the least.

A possible way to address this may be to have monikers registered to an address and require signing from that address to associate the moniker to a node.

luigi · August 6, 2018, 10:02pm

The risk would still exist because spoofers could use similar spellings, etc to the real validator’s moniker.
e.g.
real validator’s moniker: engineer_x
spoofer’s moniker: engineeer_x

Maybe ask delegators to check validator address (or something else that is derived from the private key) before believing spoofer’s story.

Staking commands use “account_cosmosaccaddr” already, and not moniker, so this risk is somewhat mitigated.

iqlusion · August 6, 2018, 10:23pm

Good ol’ Zooko’s Triangle:

One solution would be to use an existing naming system like DNS for monikers. Then it would be possible to tie a domain name to a key, using e.g. a TXT record (an approach not too far off from the DV method for issuing X.509 certificates)

engineer_x · August 7, 2018, 2:32am

I see. Thank you luigi, makes sense.

engineer_x · August 7, 2018, 2:38am

Zooko’s triangle I love being involved with a group of smart people

Topic		Replies	Views
How Do You Deal With Impersonators? Validation	3	726	August 27, 2019
Risk Assessment for Validators and "Stake Flip Attack" Validation	2	546	August 9, 2018
Free Non-Custodial Validator Node Management System with Grants Validation	0	383	May 21, 2023
Cosmos Vulnerable to DDoS attacks? Miscellaneous	5	2028	September 30, 2021
Validators and cloud services who are NOT vulnerable to downfall Conversation	1	247	August 24, 2023

Moniker spoofing

Related Topics