Wait... I've never read a note on #nostr breaking down for plebs the basics of privacy, especially when using nostr, relays, and lightning.
Did I miss something?
Discussion
at least, privacy focused browser (Brave, Firefox, Mullvad) + vpn + proxy can be good.
What about tor?
And what if you own a relay?
It's good for encrypted traffic, but around 2017 someone says that most nodes were owned by NSA, so, for me is not the best solution, and not even a miracle solution.
Yes, Tor have some problem, nodes funded by NSA or CIA is one but constant DDoS is one other for the performance
I wouldn't rely on Tor in order to expect high level of protection, for browsing Nostr it could be good enough (as always it depend on what you're doing)
The problem is the same on Bitcoin or Monero, since you're using a public relay, operator can link your IP with your public key and your ISP can be able to know how many times you use Nostr, the potential data size exchanged and the deduced what you're doing and when
That's why Tor, i2p or a mixnet (even better) could help your privacy (there's some trade-off like performance to do) by limiting the possibility to link IP and public key and to protect relay operator by not leaking the server localisation who host the relay
There's another problem, since relay doesn't store the media you're leaking your IP to the hosting provider like imgur or nostr.build
afaik iris.to help by proxying your requests to theses services limiting the information and metadata leaking
imho the solution should come from the nostr client or relays software and not the protocol itself, and yes since Nostr is a social protocol you will need to use different relays to connect with people it's a pretty good challenge to solve in order to have the best privacy you can
We explained (quickly) the privacy challenge Nostr face right now in this article