Co-Fighter Attacks in NACO

Attackers have to claim the server's public key as your own for this attack to work. But how can you do that without knowing the private key? Well, we found an API that allows you to register public keys without proving that you need a private key. And also it turns out you don't have to register exactly theserver's public key. You can add a point of law order to the server'spublic key. Oh my God. Because we're on curve 2559. This is why we need play-watter groups all over again.