There will be a talk about attacks on nostr at the BlackHat conference on August 6.
Nostr is an emerging open-source, decentralized social networking protocol with over 1.1 million users—and a critical blind spot in its security design. While decentralized architectures promise resilience and user control, rigorous real-world security analyses remain uncommon in this space. In this session, we unveil the first comprehensive security study of Nostr and its popular client applications, demonstrating how subtle flaws in cryptographic design, event verification, and link previews allow an attacker to forge "encrypted" direct messages (DMs), impersonate user profiles, and even leak the confidential message from "encrypted" DMs.
We also show how a lack of signature checks in many clients—whether due to outright skipped verification or a TOCTOU caching flaw—enables effortless data tampering. Even a single oversight can escalate from simple forgery to full-blown confidentiality breaches.
Far from theoretical, our proof-of-concept attacks target widely used clients—one with over 100,000 downloads—and systematically bypass the platform's intended privacy and authentication controls. We'll share how you can replicate these exploits with minimal setup, explain how loosely defined specifications in a decentralized protocol can introduce critical weaknesses, and outline both immediate mitigation steps and best practices for cryptographically sound design. By revealing these cracks in a widely touted "censorship-resistant" system, we aim to jumpstart a more rigorous approach to securing decentralized social platforms—before attackers go mainstream with the vulnerabilities we've uncovered.
102 sats \ 2 replies \ @ek OP 20h
> We also show how a lack of signature checks in many clients—whether due to outright skipped verification
Afaik, Primal is guilty of this. Their client does not verify signatures.
34 sats \ 1 reply \ @Scoresby 20h
That seems bad. In my ignorance, does this mean someone could post a note claiming to be x npub without having the private keys to x npub?
0 sats \ 0 replies \ @ek OP 13h
No, their client only connects to their own server by default and the server crawls relays and caches notes. I assume they verify signatures there.
The problem is that Primal controls the server so they could fake notes from anyone.