I was recently approached by a user claiming to be the developer of Sync for Lemmy who wanted to be a moderator of the community I created, !syncforlemmy.

I was able to verify this user was indeed LJ Dawson as I knew where to contact him on Discord.

It is quite possible that an impostor user on another instance may be created, for example [email protected] could easily be made.

Should Lemmy have a verified user marker for members who are of importance to any given community? Are there any other options to protect users against nefarious persons playing impostor?

  • terribleplan@lemmy.nrd.li
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    There is DID which tries to do some of that. Many methods of registering your identifier have been registered (blockchain, bitcoin, crypto keys, purpose-built software, etc). Linking identities to some entity like this would prove ownership, but getting it implemented in places, encouraging users to use/check it (e.g. almost nobody GPG signs email), not trust similar usernames/domains, etc are all hard problems that having a spec alone doesn’t solve.