Avatar
NowClip 1y ago

Is my IP also permanently stored in Nostr? Or the client?

#asknostr #nostr #privacy

Reply to this note

Please Login to reply.

Discussion

Avatar
HoloKat 1y ago

The relays you connect to can see your IP.

Avatar
NowClip 1y ago

What VPN do you recommend?

Avatar
HoloKat 1y ago

Mullvad takes bitcoin payments.

Avatar
NowClip 1y ago

But is it good in terms of security? I don’t want a vpn stealing my nsec 😱😱

Avatar
HoloKat 1y ago

That’s not how it works. VPN has nothing to do with your nsec. Use an extension or signer app. Don’t plug into random new nostr clients

Avatar
NowClip 1y ago

Well everything goes through the vpn, including your loggin credentials to any site, that’s why I turn it off while logging in.

Avatar
HoloKat 1y ago

There are no credentials on nostr. You are not authenticating to any server. You sign an event and send it to a relay. We use cryptographic signatures to do this.

Avatar
NowClip 1y ago

I know that, I said “any site”.

I also know that, but that signature leaves your device through your vpn.

Avatar
HoloKat 1y ago

The private key cannot be derived from your signature. The signature is stored locally in a client or browser extension or another signer app.

Sorry but I’m not going to explain further. If you truly want to know how it works, search engines are your friend. Look up how nostr signing works and look into cryptographic signatures.

Avatar
NowClip 1y ago

Thanks but I don’t need to go that deep to understand that when a VPN is on everything goes through it. I appreciate it though.

Avatar
HoloKat 1y ago

“I don’t know how it works but I’m going to ignore how it actually works”

Ok…

Avatar
NowClip 1y ago

Don’t worry you’re a genius you can sleep well tonight.

d7
Dan 1y ago

Despite all traffic going through the VPN, your nsec never gets transmitted, so even a malicious VPN could not steal your nsec.

d7
Dan 1y ago

Your nsec never leaves your device. You only ever send proof of ownership of the nsec, never the nsec itself.

Avatar
Brunswick 1y ago

ivpn is what i recommend for every reason you can think of

https://github.com/ivpn/android-app

Avatar
NowClip 1y ago

I’ll check it out, thanks

Avatar
🟠 isolabellart 1y ago

You can connect with TOR on Amethyst if you have this concern, without vpn

Avatar
NowClip 1y ago

I use a VPN, but I turn it off during Loggin to important apps like banking apps. And since I can’t risk losing my nsec I turn it off when logging into nostr. Then I turn it back on.

I use my ipad for everything so I guess Tor is out of the question.

Avatar
Crusty 👨‍💻 1y ago

I think it is the best to assume, that everyone knows your IP, your relays and your apps.

Because it is possible that it is logged. And coming from Murphy's law, it will be logged.

And just as an extra, even servers from which you load images are seeing your IP, and can log it.