mleku on Nostr: you know the client can make up a one time key for each auth that isn't tied to a ...
you know the client can make up a one time key for each auth that isn't tied to a subscription right?
that's one extra boolean flag in your relay data structure and an extra field to set one of the stored user keys for these
users leak their npub constantly with their queries because almost every single one includes the same npub, it makes zero difference if you don't use an anonymising proxy either way
put the security features in the right box, if you muddle the layers up they will become brittle and eventually this will prove to be insecure
anonymisation is a network layer, not application layer issue
Published at
2024-09-20 08:15:56
Event JSON
{
"id": "e75c42225b83c8c7e712f655c89e14280404d9a8a2c58c49303f6bf254c2099e",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1726820156,
"kind": 1,
"tags": [
[
"e",
"649f6873ff9cedc53b900976f54083b788c608eebdf325a8811d66bad69e0ec8",
"",
"root"
],
[
"e",
"649f6873ff9cedc53b900976f54083b788c608eebdf325a8811d66bad69e0ec8",
"",
"reply"
],
[
"p",
"ee11a5dff40c19a555f41fe42b48f00e618c91225622ae37b6c2bb67b76c4e49",
"",
"mention"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "you know the client can make up a one time key for eath auth that isn't tied to a subscription right?\n\nthat's one extra boolean flag in your relay data structure and an extra field to set one of the stored user keys for these\n\nusers leak their npub constantly with their queries because almost every single one includes the same npub, it makes zero difference if you don't use an anonymising proxy either way\n\nput the security features in the right box, if you muddle the layers up they will become brittle and eventually this will prove to be insecure\n\nanonymisation is a network layer, not application layer issue",
"sig": "277e904cd37cd138c23f1a04b03de20c412f875d9b36b90b4f7e27eefaf0cdd3d51dfcca9566c30ac17bc83fc865995cd95c84866c1e544899315626cca9feff"
}