Your IP address is visible to your relays.
If a relay operator was malicious they could abuse that information in identifying you (perhaps to punish you for how you use Bitcoin, in a country with an authoritarian regime) or could package your nostr activity with other data brokers’ information about you to sell into the profile(s) that exist on nearly everyone for as-targeting (at best) or government surveillance (in the US, for example, it’s illegal to spy on citizens, but not to buy the entirety of their internet activity from a broker and use that for profiling and “criminal prediction” police lists).
These are all “ugly” (although not “worst case”) scenarios, but it’s more likely that some of those things are already happening with your online data outside of nostr.
It depends also, of course, what relays you use. You asked “worst case” so yeah someone could go after nostriches in a few years with the assumption that many of them hold lots of (massively appreciated) Bitcoin. Kidnappings and theft already happen; user data from crypto exchanges is sold on the dark web every day, and people get scammed and stole from as a result.
Nostr isn’t necessarily “big” enough yet to make us targets… but data is forever.
Using an always-on VPN is just best practice, on Nostr or anywhere else, and while it’s of course far from a perfect solution, a high-quality VPN is such an easy way to limit the data that can be easily traced to you, making it just inconvenient enough that your average bad actor would prefer a different, easier target.
Hope this is helpful 🫡
bostonwine / boston wine
npub14q…e2q26
2024-10-20 03:58:18
in reply to nevent1q…3mer
Author Public Key
npub14qz92uedt0a8jte8jqg63jr3s5cc99cej36jh883z6tprlu354uqqe2q26Published at
2024-10-20 03:58:18Event JSON
{
"id": "3bb8cb499beef3b83c1b97ce8fe35f7f4138bc62192a180b0745220789d34c5e",
"pubkey": "a80455732d5bfa792f279011a8c871853182971994752b9cf1169611ff91a578",
"created_at": 1729396698,
"kind": 1,
"tags": [
[
"e",
"91a53a1bca501b488165cc9137c6c202e0f74af1245f8afce8305bb7d94ee55a",
"",
"root"
],
[
"p",
"32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245"
],
[
"p",
"b88c7f007bbf3bc2fcaeff9e513f186bab33782c0baa6a6cc12add78b9110ba3"
]
],
"content": "Your IP address is visible to your relays.\n\nIf a relay operator was malicious they could abuse that information in identifying you (perhaps to punish you for how you use Bitcoin, in a country with an authoritarian regime) or could package your nostr activity with other data brokers’ information about you to sell into the profile(s) that exist on nearly everyone for as-targeting (at best) or government surveillance (in the US, for example, it’s illegal to spy on citizens, but not to buy the entirety of their internet activity from a broker and use that for profiling and “criminal prediction” police lists).\n\nThese are all “ugly” (although not “worst case”) scenarios, but it’s more likely that some of those things are already happening with your online data outside of nostr.\n\nIt depends also, of course, what relays you use. You asked “worst case” so yeah someone could go after nostriches in a few years with the assumption that many of them hold lots of (massively appreciated) Bitcoin. Kidnappings and theft already happen; user data from crypto exchanges is sold on the dark web every day, and people get scammed and stole from as a result. \n\nNostr isn’t necessarily “big” enough yet to make us targets… but data is forever. \n\nUsing an always-on VPN is just best practice, on Nostr or anywhere else, and while it’s of course far from a perfect solution, a high-quality VPN is such an easy way to limit the data that can be easily traced to you, making it just inconvenient enough that your average bad actor would prefer a different, easier target.\n\nHope this is helpful 🫡",
"sig": "4aa45605e01fca514b58e95c425c3999195203445e5b2abb8860764bb2e448b5b7ce1ee0fe0f2dc6f7ebda7d11799430402aa00a5247ec331ecd66fd60cd7585"
}