Subnostr

people have been talking about how relays can record IP addresses of users, and for reasons of hating whoever it is that reposts the first ever nostr note event "running branle" i refactored my reverse proxy to add the X-Forwarded-For field with the remote address and changed the websocket implementation to store that field if it is present and for the websocket logging to print the IP address

it only took me about half an hour's work to change the code on the reverse proxy and my relay to do this, so yeah... relays can definitely be snarfing all your home and mobile IP addresses and that means that #nostr client devs should be a bit more thoughtful about automatically using relays on behalf of their users!

#privacy #devstr

ndr 1y ago

Anyway do you mean that relay track ips along http logs and they aren't inside any nostr protocol tag right?

i think that hiding ip is always better, however nostr design was censorship proof not privacy isn't? Nowdays i saw that nostr work well under tor, however some time ago it caused some issues i remember..

Reply to this note

Please Login to reply.

Discussion

No replies yet.