ZoideNFTvia treechat·4mo
❤️ 7 Likes · ⚡ 0 Tips
{
  "txid": "09a94784d0f10775fe2cff972bf240fc7b568c737d63225c26c9593df546e037",
  "block_height": 0,
  "time": null,
  "app": "treechat",
  "type": "post",
  "map_content": "A hacker can potentially use JavaScript from a html inscription to execute malicious code at the client side. Sandboxed iframe is not 100% secured solution and we must understand that the html content of an inscription can be changed later if the html code let the creator to do so. Zoide will only display the inspected html inscriptions for security reasons and that is a user protection decision made from the begining of the html display feature inclusion.",
  "media_type": "text/markdown",
  "filename": "|",
  "author": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "display_name": "ZoideNFT",
  "channel": null,
  "parent_txid": null,
  "ref_txid": null,
  "tags": null,
  "reply_count": 5,
  "like_count": 7,
  "timestamp": "2025-12-21T21:04:09.000Z",
  "media_url": null,
  "aip_verified": true,
  "has_access": true,
  "attachments": [],
  "ui_name": "ZoideNFT",
  "ui_display_name": "ZoideNFT",
  "ui_handle": "ZoideNFT",
  "ui_display_raw": "ZoideNFT",
  "ui_signer": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "ref_ui_name": "unknown",
  "ref_ui_signer": "unknown"
}
⬇️
KUROvia treechat·4mo
❤️ 9 Likes · ⚡ 0 Tips
{
  "txid": "5ef088368e8edd9567303ea87b0e8a4dc257e1003d727a8810a97b3e43d347c2",
  "block_height": 0,
  "time": null,
  "app": "treechat",
  "type": "reply",
  "map_content": "I don't mean to complicate this issue, but this is my opinion as a creator who sees great appeal and potential in HTML inscriptions as NFT art. \r\nOn 3D Ordi and OrdArena, it's possible to create HTML inscriptions without permission, and to display and interact with HTML inscriptions created on other platforms. Does this mean that 3D Ordi and OrdArena are neglecting security measures? (I would like to believe that this is not the case. Jorge and Joe are developers I trust, as well as Jhon, you, David Case, and Satchmo.) If that's the case, what is the clear difference between platforms like ZoideNFT and 1sat market, which have some restrictions on HTML files, and 3D Ordi and OrdArena, which appear to have no restrictions?",
  "media_type": "text/markdown",
  "filename": "|",
  "author": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "display_name": "KURO",
  "channel": null,
  "parent_txid": "09a94784d0f10775fe2cff972bf240fc7b568c737d63225c26c9593df546e037",
  "ref_txid": null,
  "tags": null,
  "reply_count": 2,
  "like_count": 9,
  "timestamp": "2025-12-22T10:58:09.000Z",
  "media_url": null,
  "aip_verified": true,
  "has_access": true,
  "attachments": [],
  "ui_name": "KURO",
  "ui_display_name": "KURO",
  "ui_handle": "KURO",
  "ui_display_raw": "KURO",
  "ui_signer": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "ref_ui_name": "unknown",
  "ref_ui_signer": "unknown"
}
Signed by14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGKAIP!

Replies (2)

ZoideNFTvia treechat·4mo
Replying to #5ef08836
❤️ 5 Likes · ⚡ 0 Tips
{
  "txid": "ad7e8d85b18567cdc1a7f32da6d2adfd426392614a206e65c826aa3f400db722",
  "block_height": 0,
  "time": null,
  "app": "treechat",
  "type": "reply",
  "map_content": "It's related to the amount of % risk the platform decides to tolerate. In my professional trajectory I've seen a lot of security related things being done from different points of view. The better you want to perform the protection strategy, the expensive (or complicate) it turns. But, in addition, I've seen how easy is for a hacker to break a system, specially when the attack vectors are not controlled or they are more than the strictly necessary. The security mesures should be implemented with what you are protecting in mind. A non custodial app should care about the user with the best available security options.",
  "media_type": "text/markdown",
  "filename": "|",
  "author": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "display_name": "ZoideNFT",
  "channel": null,
  "parent_txid": "5ef088368e8edd9567303ea87b0e8a4dc257e1003d727a8810a97b3e43d347c2",
  "ref_txid": null,
  "tags": null,
  "reply_count": 0,
  "like_count": 5,
  "timestamp": "2025-12-22T16:12:41.000Z",
  "media_url": null,
  "aip_verified": true,
  "attachments": [],
  "ui_name": "ZoideNFT",
  "ui_display_name": "ZoideNFT",
  "ui_handle": "ZoideNFT",
  "ui_display_raw": "ZoideNFT",
  "ui_signer": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "ref_ui_name": "unknown",
  "ref_ui_signer": "unknown"
}
Signed by14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGKAIP!
J1 Pelaezvia treechat·3mo
Replying to #5ef08836
❤️ 8 Likes · ⚡ 0 Tips
{
  "txid": "8cd769250db30e177bd84a649e9b7ca5669ca1c970bd93cef26bf551285a24b3",
  "block_height": 0,
  "time": null,
  "app": "treechat",
  "type": "reply",
  "map_content": "The security measures for Web3 apps should not be the same as those for Web2 apps; instead, they must be adapted to this environment, seeking a balance between user protection and content publication. Bitcoin (BSV), in its original design, strikes a perfect balance between totalitarian state surveillance and individual privacy without losing traceability. There is no perfect recipe; however, if the power of Bitcoin is understood, solutions can be simplified.\r\nFor example, in a firewall, there are two ways to control data flow: you can block everything and only allow what you want, or you can do the opposite, allowing everything and blocking what you don't want. It's similar with social media content; there are two general ways to moderate content: one is through a central entity that only allows narratives aligned with its policies or values (like Facebook), and the other is to allow all content, blocking only the inappropriate content reported by users themselves (like X). I prefer the second approach because the first implies a centralized entity that decides what is true and what is not\u2014an \"owner of truth and public opinion.\"\r\nWith the above as an introduction, let's keep in mind that in Bitcoin SV, everything is 100% traceable. Therefore, if a person or group uploads inappropriate or malicious content to the blockchain through an Ordinal-type NFT, they can be found, and it will become more expensive to try to steal than to be honest. That's what Bitcoin is all about: enabling honest people to connect and collaborate online. With this in mind, malicious actors will self-regulate, without neglecting community-based tools like content moderation notes. For example, a blacklist of Ordinals can be created to prevent them from being indexed or displayed in Web3 apps. This makes protection measures more efficient and less costly because, unlike Web2\u2014where attackers try to hide by erasing their tracks on servers\u2014in Bitcoin, they can never erase their footprint. Think about it, and you'll see that protection measures must also adapt to this environment, where being honest is more profitable and dishonesty is costly.",
  "media_type": "text/markdown",
  "filename": "|",
  "author": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "display_name": "J1 Pelaez",
  "channel": null,
  "parent_txid": "5ef088368e8edd9567303ea87b0e8a4dc257e1003d727a8810a97b3e43d347c2",
  "ref_txid": null,
  "tags": null,
  "reply_count": 1,
  "like_count": 8,
  "timestamp": "2025-12-24T02:39:18.000Z",
  "media_url": null,
  "aip_verified": true,
  "attachments": [],
  "ui_name": "J1 Pelaez",
  "ui_display_name": "J1 Pelaez",
  "ui_handle": "J1 Pelaez",
  "ui_display_raw": "J1 Pelaez",
  "ui_signer": "14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGK",
  "ref_ui_name": "unknown",
  "ref_ui_signer": "unknown"
}
Signed by14aqJ2hMtENYJVCJaekcrqi12fiZJzoWGKAIP!