Given that zaps require a Lightning Address, do Zap Receipts add any more bad stuff? Also since Zap Receipts are sent via Nostr relays, I'm vague on how they would actually reveal your location. They can be sent by any computer, anywhere. In our case they're sent by our web application a Rizful.com, the same one that receives the http request to initiate the whole "zap" dance according to Nip-57.....
Discussion
AFAIU they work through generic HTTP callbacks. Implementing a LN-Address server can create invoices without being on the same server as the node, or it can be behind a reverse proxy to hide it. You can proxy the outbound response but (a) I absolutely refuse to have a TLS client in my lightning node 🤮, (b) some websites block Tor anyway so callbacks may not be as reliable and (c) proxying through Tor is a bunch more work than just serving being a reverse proxy.
Generally the zap design is horrendous and only makes sense for custodial wallets that already run a bunch of HTTP infra. Luckily there’s a better way (just literally do a BOLT 12 payment and have the payer post the payment proof as a nostr event, rather than making the payee’s lightning node somehow nostr-aware), but need movement there.