Although the bitcoin-cli program uses local private key to sign a registration transaction for ID “foo” and, for instance a pgp key K, namely foo.id: { "pgp": K }
, a rogue bitcoin-core server may create a new private key to sign a different transaction with a rogue pgp key K2: foo.id: { "pgp": K2 }
Since the whole point of Blockstack is to register IDs without trusting a server, the core server and the client must be owned by the same user.
Or, after the registration, the registering user must verify that the data is correct, and was registerted with the original transaction. How can I do that with blockstack-cli ? (Let’s say that the lookup data is trusted 100%, and it is only the registration part that I didn’t trust 100%).