Riddle me this.... If I want to run an archival relay to backup my nostr events, I'd have to add that relay URL to my client app, but then... everyone could see that relay in my profile.

What's to stop someone from adding that relay (that's intended to be just for me and my events) to their malicious client and ddosing it into oblivion?

How can I have a truly private relay where only my clients have write permission? And ideally no-one can find my relays URL?