Aspie96 on Nostr: Even if the protocol very strictly mandated, in NIP-01, from the very beginning of ...
Even if the protocol very strictly mandated, in NIP-01, from the very beginning of Nostr, that relays delete events upon request, how would you ever be sure that they do? Anyone can develop a relay that doesn't. You could argue that such a relay wouldn't qualify, technically, as a "Nostr relay", but so what?
Also, even if everyone avoids such relays (how would you? They could just selectively refuse to delete some of the notes. They could even hide them for two years, just to trick you, then put them back online), anyone can build a Nostr archive which pulls from public relays, then publishes all notes and refuses to delete them.
You could rely on the law and sue such relays, but they can be in any country and/or behind a darknet.
> Nostr, as it is right now, is a permanent record that seeks to tie all of your apps and your coin transactions to one key pair.
Don't use it for anything related to "coins". Use it for things you want to stay published.
> Relays must use the protocol to participate in the network.
No, they do not have to. They can break the protocol in tactical ways that will still allow clients to interact with them.
> If the protocol requires honoring event deletion requests to participate in the network, then Nostr will have avoided this festering security and safety issue.
Absolutely not. You can just build a non-compliant relay.
In the context of security, you *NEVER* assume that your "attacker" will comply with any rule whatsoever.
Every party gets to decide everything about their own behavior and you must act in a way which will be secure regardless of the ways in which others will act.
You can't "defend" yourself from "bad" relays by telling them to delete events. There is nothing you can do that will make them do so, unless they are well-meaning.
But even if all relays you use behave the exact way you want (which you can only know if they are run by parties you know and trust), anyone can and will do whatever it is that you hope won't happen: get on Nostr, fetch notes and publish them again, refusing to delete them.
If you aren't assuming someone *will* act against you, in the smartest way they could, you are not doing security.
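The following is an added example, not code from the post above or from any Nostr project. It computes event ids the way NIP-01 specifies (sha256 over the array [0, pubkey, created_at, kind, tags, content] serialized without whitespace), builds a NIP-09 deletion request (kind 5 with "e" tags), and then feeds both a note and its deletion request to two constructed in-memory stand-ins for relays. The pubkey, timestamps and the InMemoryRelay class are assumptions made for the example. The point it makes concrete is the one in the post: both relays answer the deletion request with an identical OK, so the client has no protocol-level evidence of whether the note was actually removed; only the event ids and signatures it receives are verifiable.

```python
# Added example (not from the original post): NIP-01 event ids, a NIP-09
# deletion request, and two constructed relay stand-ins that both accept the
# request but differ in whether they honor it.
import hashlib
import json


def serialize_event(pubkey: str, created_at: int, kind: int, tags: list, content: str) -> str:
    # NIP-01 canonical form: JSON array, no whitespace, non-ASCII kept as UTF-8.
    # json.dumps with these options produces the escapes NIP-01 lists
    # (\n, \", \\, \r, \t, \b, \f) for ordinary note content.
    return json.dumps([0, pubkey, created_at, kind, tags, content],
                      separators=(",", ":"), ensure_ascii=False)


def event_id(pubkey: str, created_at: int, kind: int, tags: list, content: str) -> str:
    # The id is the hex sha256 of the canonical serialization.
    data = serialize_event(pubkey, created_at, kind, tags, content).encode("utf-8")
    return hashlib.sha256(data).hexdigest()


def make_event(pubkey: str, created_at: int, kind: int, tags: list, content: str) -> dict:
    # Unsigned event skeleton; a real client would add a Schnorr "sig" over the id.
    return {
        "id": event_id(pubkey, created_at, kind, tags, content),
        "pubkey": pubkey,
        "created_at": created_at,
        "kind": kind,
        "tags": tags,
        "content": content,
    }


def deletion_request(pubkey: str, created_at: int, target_ids: list, reason: str = "") -> dict:
    # NIP-09: kind 5 with one "e" tag per event the author asks to have removed.
    # It is itself just another event; nothing about it binds a relay's behavior.
    return make_event(pubkey, created_at, 5, [["e", t] for t in target_ids], reason)


class InMemoryRelay:
    """Constructed stand-in for a relay (assumption, not a real implementation).

    honors_deletion=True  : drops the referenced events if the requester is their author.
    honors_deletion=False : stores the kind-5 event, replies OK, keeps serving the note.
    Both reply with the same NIP-01 ["OK", id, true, ""] message.
    """

    def __init__(self, honors_deletion: bool):
        self.honors_deletion = honors_deletion
        self.events = {}

    def publish(self, ev: dict) -> list:
        self.events[ev["id"]] = ev
        if ev["kind"] == 5 and self.honors_deletion:
            for tag in ev["tags"]:
                target = self.events.get(tag[1]) if tag[0] == "e" else None
                # NIP-09: only the original author may delete their own events.
                if target is not None and target["pubkey"] == ev["pubkey"]:
                    del self.events[tag[1]]
        return ["OK", ev["id"], True, ""]

    def fetch(self, eid: str):
        return self.events.get(eid)


def still_served_after_deletion(relay: InMemoryRelay, note: dict, req: dict) -> bool:
    """Publish a note, then its deletion request; report whether the note is still served.

    The OK reply is identical in both cases, so the client cannot distinguish the
    relays from the protocol exchange alone; only fetching again reveals the difference,
    and even that says nothing about copies held elsewhere."""
    relay.publish(note)
    ok = relay.publish(req)
    return bool(ok[2]) and relay.fetch(note["id"]) is not None


if __name__ == "__main__":
    PK = "ab" * 32  # constructed placeholder pubkey
    note = make_event(PK, 1723567463, 1, [], "a note I later regret")
    req = deletion_request(PK, 1723567464, [note["id"]], "requested by author")
    for honors in (True, False):
        relay = InMemoryRelay(honors_deletion=honors)
        print(f"honors_deletion={honors}: still served = "
              f"{still_served_after_deletion(relay, note, req)}")
```

Running it prints one line per relay; the relay that ignores the request still serves the note even though its OK reply was identical. A client that wants deletion to mean anything has to treat a kind-5 event as a request to well-meaning parties and plan for the note to persist on relays and archives it does not control.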
Published at 2024-08-13 16:44:23
Event JSON
{
"id": "cad024a32fb236c06408e4febf3fa8fa39bb260012fdfca732d0a734d5bd94c0",
"pubkey": "8ee4290c98b20b2999138b322f466ea20c75608f568ab53cf11492bf9b2e849c",
"created_at": 1723567463,
"kind": 1,
"tags": [
[
"e",
"12ea37700158bc199e365ff2da5a802a427644d5b0e4caac6ebe8d09e41cd01a",
"wss://nos.lol/",
"root"
],
[
"e",
"12ea37700158bc199e365ff2da5a802a427644d5b0e4caac6ebe8d09e41cd01a",
"wss://nos.lol/",
"reply"
],
[
"p",
"4eb88310d6b4ed95c6d66a395b3d3cf559b85faec8f7691dafd405a92e055d6d",
"",
"mention"
]
],
"content": "Even if the protocol very strictly mandated, in NIP-01, from the very beginning of Nostr, that relays delete events upon request, how would you ever be sure that they do? Anyone can develop a relay that doesn't. You could argue that such relay wouldn't qualify, technically, as a \"Nostr relay\", but so what?\n\nAlso, even if everyone avoids such relays (how would you? They could just selectively refuse to delete some of the notes. They could even hide them for two years, just to trick you, then put them back online), anyone can build a Nostr archive which pulls from public relays, then publishes all notes and refuses to delete them.\n\nYou could rely on the law and sue such relays, but they can be in any country and/or behind a darknet.\n\n\u003e Nostr, as it is right now, is a permanent record that seeks to tie all of your apps and your coin transactions to one key pair.\n\nDon't use it for anything related to \"coins\". Use it for things you want to stay published.\n\n\u003e Relays must use the protocol to participate in the network.\n\nNo, they do not have to. They can break the protocol in tactical ways that will still allow clients to interact with them.\n\n\u003e If the protocol requires honoring event deletion requests to participate in the network, then Nostr will have avoided this festering security and safety issue.\n\nAbsolutely not. You can just build a non-compliant relay.\n\nIn the context of security you *NEVER* assume that your \"attacker\" will comply with any rule whatsoever.\nEvery party gets to decide everything about their own behavior and you must act in a way which will be secure regardless of the ways in which others will act.\nYou can't \"defend\" yourself from \"bad\" relays by telling them to delete events. There is nothing you can do that will make them do so, unless they are well-meaning.\n\nBut even if all relays you use behave the exact way you want (which you can only know if they are run by parties you know and trust), anyone can and will do whatever it is that you hope won't happen: get on Nostr, fetch notes and publish them again, refusing to delete them.\n\nIf you aren't assuming someone *will* act against you, in the smartest way they could, you are not doing security.",
"sig": "9f56077c54333223561ba5c40e05827090d69059ed51ec18110053b31faa092cc127563c63722d6a771a25cd6f7195c662e70e724853a833483a94a135da591c"
}