What I mean is that zapped nuts are encrypted with the zapee's pubkey, and therefore SN doesn't know whether it's a nut or not and, if yes, what mint it is from. The user's software needs to report how much in zaps it received once it decrypts all DMs and reissues all the nuts.
Of course, the user might maliciously exaggerate the amount of sats, but then again, the user might just zap themselves instead of modifying the software to lie.
Another problem is that the user might be prompted to connect to a weird server by receiving a weird nut, and this is more targeted than inserting images into SN comments.