Relay owners can see all IP addresses, right? Is the anonymity idea compromised if a nefarious actor can simply set up a bunch of relays and start linking IP info to content? Or is that not how it works?
#asknostr
Discussion
Well, people choose the relay they interact with, but if that relay advertised themselves and became trusted, they could abuse that trust.
Also people can and probably should choose to connect over tor or vpn.
Thanks Big BB! So we should start on Nostr from day one on the assumption that some relays will be abusing their trust (willingly or not) at some point. Time to extend my Proton VPN plan!
Centralised elements in a de-centralised system can't bring down the system but they can sure create big issues for those caught in their immediate sphere of influence.
It is concerning
so only relay owners you're directly connected can see your ip(if that is your ip).
If there is a nefarious actor, and they are found out, you should stop connecting to their relays. (broadcasted events don't have your ip)
You can/should use broadcasting services or VPNs.
Also another thing to worry about, I don't think most clients are protecting against this(some are), people can also track you with image servers.
Since you load images from their servers your ip can be tracked by the image servers.
Long story short, use a VPN.
Is there, dare I say, a central list or report where you can see ratings or what is being said about relay operators?
And can I ask what you mean by broadcasting services opposed to VPN? (I am 5 years old in Nostr years!)
Or you can use a Tor as well. E.g.: Amethyst supports connecting through tor to the relays.
https://github.com/MutinyWallet/blastr didn't know this was by the mutiny wallet guys as well
That reads like it's a feature a client would integrate? And it connects you to all relays?
My experience so far which is zilch, is that I don't seem to connect to so many relays. Not even 20.
Should I make an effort to connect to as many relays as I can find on Nostr watch or is there a happy medium?
Is there a downside to the mutiny option to connect to every single relay or just gravy?
Sorry for the endless questions. Gathering info so I can do right by Nostr when I'm here.
I just connect to 6-7, your notes can reach a lot of relays without you explicitly writing to them, the only downside to the blastr option is that your notes becomes impossible to delete even by yourself once you've pushed it to so many relays.
Thanks for that.
OK, looks like you are the relay guy in residence haha, whats the answer to this question?
A relay is a server, presumably it is not impregnable. So if the relay were compromised, the hacker can censor, edit, generally mess with the content. I assume that because if a relay owner can delete content, they can surely edit too? Can the relay owner switch off and somehow revert back to the original, or are they just toast?
Follow on from that. I understand relays dont "talk" to each other just to the users sending content their way. So presumably there is no concensus mechanism in Nostr whereby the changed content can be rejected by the network.
How do we know if a relay has been compromised and we aren't seeing censored content. Is it the community watching for changes somehow? Or are we reliant on the relay owner knowing, alerting, doing the right thing?
Dont worry, I will go away soon :)
I hope in the end #relays will be audited, the paid ones at the very least, in the same way #e2ee clients are for #chat etc
The point is having the ability of choice I believe. In any social circle there will always be some nefarious actor. Having the option to 'I don't want to see or be part of that' by chosing the relay you interact with is the value proposition. Similarly to how we interact with others irl. It's true tribal and natural instinct at work.
Long live Nostr!!