DanConwayDev on Nostr: I'm aware that right now most clients make finger printing pretty easy right now (see ...
I'm aware that right now most clients make finger printing pretty easy right now (see
No. I have a privacy problem with AUTH. Relays can probably fingerprint users based on IP and queries but why make surveillance easier?
I should probably implement it somehow. Ask the user if they want to reveal to a particular relay who they are?
Zero knowlege proofs would be so much better for auth. "I am one of this set of users".
), but normalising auth-to-read removes all doubt and possibility for clients to resist this later.
I've thought more about zkps and either the relay must reveal their whitelist or the user sends a list that could easily fingerprint them.
I don't have any easy answers for an alternative. attaching ecash to request messages could be interesting.
Published at
2024-09-25 18:34:30Event JSON
{
"id": "cc0d91603cece2ef339c208dc61891bf810c89a43e57a16e74402f2238333a8c",
"pubkey": "a008def15796fba9a0d6fab04e8fd57089285d9fd505da5a83fe8aad57a3564d",
"created_at": 1727289270,
"kind": 1,
"tags": [
[
"e",
"c41c7ca64e95b07b66ea3baf01c9e095055972089e716844b9dffbe689956646",
"wss://nos.lol/",
"mention"
],
[
"e",
"649f6873ff9cedc53b900976f54083b788c608eebdf325a8811d66bad69e0ec8",
"",
"root"
],
[
"e",
"4bb55b425b8a894e657b7eac654d85fbfdd34167185a8446854abef3d3db7c44",
"",
"reply"
],
[
"p",
"7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e",
"",
"mention"
],
[
"p",
"a008def15796fba9a0d6fab04e8fd57089285d9fd505da5a83fe8aad57a3564d",
"wss://relay.nostr.band/",
"mention"
]
],
"content": "I'm aware that right now most clients make finger printing pretty easy right now (see nostr:nevent1qvzqqqqx2cpzpgqgmmc409hm4xsdd74sf68a2uyf9pwel4g9mfdg8l5244t6x4jdqy88wumn8ghj7mn0wvhxcmmv9uq3wamnwvaz7tmjv4kxz7fwdehhxarj9e3xzmny9uqzp3qu0jnya9ds0dnw5wa0q8y7p9g9t9eq38n3dpztnhlmu6ye2ejxy6acyk), but normalising auth-to-read removes all doubt and possibility for clients to resist this later.\nI've thought more about zkps and either the relay must reveal their whitelist or the user sends a list that could easily fingerprint them.\nI don't have any easy answers for an alternative. attaching ecash to request messages could be interesting.\n",
"sig": "d7d109a6ed614348aa56d580737bec184edcbb6afec8ebd72ca76d86d68ea46770233f599d7cd562e698ffe688abf2d3cb417cf5eb7ca4050e0830b4c2b37a16"
}
