CybersecurityDefense

Black Hat USA 2025 | Practical Attacks on Nostr, a Decentralized Censorship-Resistant Protocol

Black Hat
Black HatApr 1, 2026

Why It Matters

These vulnerabilities demonstrate that decentralization alone does not guarantee security; unchecked client implementations can expose users to fraud and data leakage, threatening the broader adoption of censorship‑resistant social networks.

Key Takeaways

  • Many Nostr clients consistently skip essential signature verification.
  • Forged events enable profile hijacking and micropayment theft.
  • Encrypted direct messages lack integrity, vulnerable to CBC manipulation.
  • Attackers exploit link preview feature to extract secret URLs.
  • Mitigations include authenticated encryption and stricter protocol specification enforcement.

Summary

The Black Hat USA 2025 session, led by HKuma of NICT Japan, examined practical attacks on Nostr, a decentralized, censorship‑resistant social networking protocol. The talk highlighted how Nostr shifts trust to client devices, eliminating central servers, and presented the researchers’ recent ITP‑US&P paper that catalogues vulnerabilities across multiple client implementations.

Analyzing 56 client versions—both open‑source and proprietary—the team uncovered seven critical flaws that break confidentiality, integrity, and availability. Key findings include forged events that bypass signature checks, direct‑message tampering via CBC‑mode encryption weaknesses, and micropayment address hijacking through profile event manipulation. Demonstrations showed attackers injecting forged IDs, altering Bitcoin addresses, and extracting secret URL tokens via link‑preview features.

Notable examples featured a proof‑of‑concept where a malicious client skipped signature verification, allowing a forged profile to redirect payments to the attacker’s wallet. Another demo leveraged CBC malleability to modify encrypted URLs, enabling the extraction of hidden tokens during automatic link previews. The researchers worked with Nostr developers for two years, delivering patches and recommending authenticated encryption and clearer specification language.

The implications are profound: without mandatory client‑side verification and robust integrity checks, decentralized platforms expose users to financial loss and privacy breaches. The findings urge the Nostr community to adopt stricter spec enforcement, authenticated encryption, and comprehensive testing to safeguard the promised freedom of self‑sovereign social media.

Original Description

Nostr is an emerging open-source, decentralized social networking protocol with over 1.1 million users—and a critical blind spot in its security design. While decentralized architectures promise resilience and user control, rigorous real-world security analyses remain uncommon in this space. In this session, we unveil the first comprehensive security study of Nostr and its popular client applications, demonstrating how subtle flaws in cryptographic design, event verification, and link previews allow an attacker to forge "encrypted" direct messages (DMs), impersonate user profiles, and even leak the confidential message from "encrypted" DMs.
We also show how a lack of signature checks in many clients—whether due to outright skipped verification or a TOCTOU caching flaw—enables effortless data tampering. Even a single oversight can escalate from simple forgery to full-blown confidentiality breaches.
Far from theoretical, our proof-of-concept attacks target widely used clients—one with over 100,000 downloads—and systematically bypass the platform's intended privacy and authentication controls. We'll share how you can replicate these exploits with minimal setup, explain how loosely defined specifications in a decentralized protocol can introduce critical weaknesses, and outline both immediate mitigation steps and best practices for cryptographically sound design. By revealing these cracks in a widely touted "censorship-resistant" system, we aim to jumpstart a more rigorous approach to securing decentralized social platforms—before attackers go mainstream with the vulnerabilities we've uncovered.
By:
Hayato Kimura | Researcher, National Institute of Information and Communications Technology / The University of Osaka
Ryoma Ito | Senior Researcher, National Institute of Information and Communications Technology
Kazuhiko Minematsu | Research Fellow, NEC Corporation
Shogo Shiraki | Independent Researcher, University of Hyogo
Takanori Isobe | Professor, The University of Osaka
Presentation Materials Available at:

Comments

Want to join the conversation?

Loading comments...