Replying to Avatar splinter

As others have said, relays see your IP when you connect, it can be linked to your npub when you post/react/etc. I believe some clients connect to the relay on your behalf.

You need to use a VPN if you're worried about your real IP address being known - this is true for any service, Nostr included.

I don't think most relays keep logs (at least I don't, as Strfry doesn't log by default). Also an IP address by itself isn't really worth anything to anyone other than your government. If they're trying to track you down at all costs then you've got bigger problems, but they have easier ways to figure it out anyway.
51
516add19... 2y ago

Thanks for the reply. Not worried about governments. Worried about malicious relay operators or the possibilities of one. I like thinking hypothetically. I worry VPN doesnt offer much solution as they dont work perfectly, can disconnect. Also I dont believe we have a good way to verify if VPNs log or not. I barely trust them.

Reply to this note

Please Login to reply.

Discussion

Avatar
splinter 2y ago

You're right, with a VPN you just shift trust from your ISP to the VPN provider.

There's nothing a malicious relay operator can really do to you, other than perhaps try to DoS you if they're some kind of script kiddie, but even that is at most an inconvenience.

Nobody can doxx you based on your IP address alone, for example, as they aren't accurately geolocated. If you're in the states then they may know what state you're in, for example, but that's about it.

51
516add19... 2y ago

Got it. Maybe I am overthinking the privacy risks a bit. Not so much paranoid, just really wanting to practice the best methods for protecting my nsec and general privacy. Might try Tor with Amethyst for fun.

Avatar
splinter 2y ago

I think it's good to be aware and ask questions, privacy is very important.