Commit

addition
studioTeaTwo committed Dec 23, 2023
1 parent b37a169 commit 8e2d727
Showing 2 changed files with 6 additions and 2 deletions.
2 changes: 1 addition & 1 deletion posts/002_ligtning-nostr/index.md
Expand Up @@ -10,7 +10,7 @@ preview: It's time to evolve from apes. Last time this blog was able to implemen
Last time this blog was able to implement [L402](https://github.com/lightning/blips/pull/26). But it was **incomplete**.
Entering the preimage manually is a problem. Nostr will be a solution.

(Sorry that this movie is large. If you cannot view it, please access again from a rich environment such as PC or Wi-Fi.)
addition: Sorry that this videos are large. If you cannot view it, please access again from a rich environment such as PC or Wi-Fi.

## BEFORE:

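Review bot: The replacement apology line beginning "addition:" mixes singular and plural: "this videos are large" is followed by "If you cannot view it". Suggest "Sorry that these videos are large. If you cannot view them, please access again ...". The bare "addition:" prefix also reads as body text; keeping the parentheses the old line used would mark it as an aside.
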
6 changes: 5 additions & 1 deletion posts/004_paywall-without-intermediaries/index.md
Expand Up @@ -113,13 +113,17 @@ The third is to put the articles on the platform for content discovery. As you k

For this use case, I think it would be difficult for L402 to do it with just the Lightning protocol. You'll probably need to limit sort of wallet, or at most wrap invoices with an extension like LNURL. All we need to do is to be able to return the preimage directly to the app when paying from any wallet.

### Nostr secret key requirement increases risk

That's right. NIP-07 prevents secret key from exposing to this blog, but its operating environment is the same as WebLN, that is, only the web. Although progress has been made in the development of web extensions in mobile browsers, we still now need other solutions.

### Comparison with other paywalls using Lightning

There are several paywalls using Lightning. I don't know everything, but compared to the existing, privacy is honestly lower because the seller knows the buyer's Nostr account. But since the purchase proof is stored on Nostr (not cookies or blog host DB), I think that it has improved the decentralization of data persistence and the convenience being able to port across devices.

### A case that preimage cannot guarantee proof of payment

There is one problem for NIP-04, which though the message content is encrypted, others can see who is direct messaging with whom. Preimage is obtained not only payer, but also intermediate nodes for payment routing. Therefore, when combined with NIP-04's messaging data, parties other than the payer may also get authorization for paywalled content. To avoid this, it is necessary to prevent routing nodes from acquiring preimages, or to completely hide preimage passing message from others. Therefore, this paywall currently has a vulnerability and will be treated as a proof-of-concept experiment.
There is one problem for NIP-04, which though the message content is encrypted, others can see "who" is direct messaging with "whom". Preimage is obtained not only payer, but also intermediate nodes for payment routing. Therefore, when combined with NIP-04's messaging data, parties other than the payer may also get authorization for paywalled content. To avoid this, it is necessary to prevent routing nodes from acquiring preimages, or to completely hide the message passing a preimage from others. Therefore, this paywall currently has a vulnerability and will be treated as a proof-of-concept experiment.

### PLTC/BOLT12

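Review bot: In the rewritten paragraph under "A case that preimage cannot guarantee proof of payment", the step from the two observations (NIP-04 shows "who" messages "whom"; routing nodes also obtain the preimage) to "parties other than the payer may also get authorization" is left implicit, so a reader cannot tell what a non-payer would have to present to the paywall. Consider one sentence stating what the paywall accepts as proof of purchase and how the visible sender/recipient pair comes into it. In the same paragraph, "Preimage is obtained not only payer" wants "not only by the payer, but also by intermediate nodes". In the new "Nostr secret key requirement increases risk" section, "That's right." has no preceding statement to answer, and the paragraph never names the risk the heading promises; say what the reader is exposed to where no NIP-07 extension is available.
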
