Replying to Avatar Silberengel

nostr:npub10npj3gydmv40m70ehemmal6vsdyfl7tewgvz043g54p0x23y0s8qzztl5h nostr:npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmleku nostr:npub1gnwpctdec0aa00hfy4lvadftu08ccs9677mr73h9ddv2zvw8fu9smmerrq nostr:npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkj nostr:npub1wqfzz2p880wq0tumuae9lfwyhs8uz35xd0kr34zrvrwyh3kvrzuskcqsyn nostr:npub1qdjn8j4gwgmkj3k5un775nq6q3q7mguv5tvajstmkdsqdja2havq03fqm7 maybe we really should think up a less-invasive form of AUTH. 🤔

That might help some npubs feel less like they have to be strip-searched to read replies and shitposts.

Avatar
ChipTuner 1y ago

Well, isn't the point of auth to prove who you are to the server. Otherwise why would the server trust you? I think the concern that others have raised is associating an npub to an IP address? Isn't that already happening when requesting things like lists anyway? I guess it doesn't PROVE who you are, but it's pretty obvious when ip 56.28.99.36 continuously requests kind0 events for npubxxxxxx? It's kind of the point of identifiers.

Just to confirm I'm not an idiot, refreshing the page it's pretty obvious to a relay who I am when loading metadata

["REQ","zqdyobdM",{"kinds":[0],"authors":["036533caa872376946d4e4fdea4c1a0441eda38ca2d9d9417bb36006cbaabf58"]},...(other kind stuff also revealing only my public key)]

Reply to this note

Please Login to reply.

Discussion

Avatar
Silberengel 1y ago

It's not to prove who you are, it's to prove that you are in the "trusted" group. I'm asking if you can prove you're in the trusted group some other way, like decrypting some message that only someone with a trusted npub could, and sending them the content of the message back.

Avatar
ChipTuner 1y ago

Decryption is the inversion of signatures. In that case because it has to be encrypted using your npub that would still leak your identity. I guess my consideration is, is AUTH any worse than requesting my kind0 data from the server? Thats what I'm trying to understand

Avatar
Silberengel 1y ago

It wouldn't accomplish any obfuscation, unless you were one of many, like 20+.

Avatar
ChipTuner 1y ago

So basically issuing a noise protocol for message data. I suppose that could be done with proxies as some sort of aggregation. I think we're still fighting the war of my IP may be linked to my npub and were fighting networking protocols here.

Avatar
Silberengel 1y ago

I was just wondering if there was some One Neat Trick that would assuage the worries of people like nostr:npub15qydau2hjma6ngxkl2cyar74wzyjshvl65za5k5rl69264ar2exs5cyejr , while still allowing us to control access.

Cuz I think the future might be all relays using AUTH.

Avatar
ChipTuner 1y ago

Well It's probably worth understanding his more specific concern then. Lemme take a look

Avatar
Silberengel 1y ago

🫂 thank you!