still wondering about this:
IF Nostr relays will require user authentication to connect and post, then it will not be possible to publish zaps to those nodes as lnurl-zap providers are not authenticated. (unless the lnurl-zap providers would pay for all of them)
is this correct?
requiring some authentication makes sense to protect against resource expensive connections - against DOS. is this correct?
Was wondering the same.
Not only user authentication, but also with whitelisted pubkeys (paid relays, pow-based relays, etc).
very good Q - freedom vs protecting you servers against any easy possible loophole to DDOS is important - in fact i not sure full implication NIP 57 yet - then comes spam bot filtering
Those relays could have a policy to allow publishing of zap-notes that mention registered pubkeys, for example.
cc. #[2] : thoughts on implementing some policy like this one?
imo a problem is that a websocket connection will be established and require resources if the authentication is done on the note/pubkey signature layer as it is currently done. Unauthenticated websocket endpoints are harder to scale and are easier to DoS.
but my experience scaling websocket connections is limited - hence my question :)
Paid relays allow unauthenticated connection for read operations.
They will only require authentication for write operation.
The idea could be to allow writes without authentication if the note to be written is a zap-note referencing a paying subscriber.
I don't know how adding this policy could affect websockets connections management.
writing there is not the problem afaik because the zap is signed by the sender.
but for the relay unauthenticated connections are a problem those cost resources (websocket connections use a lot of server resources)
and if relays start to require some authentication then NIP57 will fail from my current understanding.
I am very interested how Nostr people see this. Maybe it's a no-problem, or relays just have to deal with it? or LNURL-zap tools/providers have to pay all the relays to be able to connect?
Zap providers can get whitelisted on Nostream by IP address.
