Nostr Web Client

Replying to

jb55

What do you mean ?

cqwww 2y ago

I can login as you and see who is DMing you

Reply to this note

Please Login to reply.

Discussion

jb55 2y ago

Ah there is already a fix for this using the AUTH spec. Just don’t return DM kinds unless you are a participant.

cqwww 2y ago

I think you can do better.

jb55 2y ago

yes and there are many proposals that suggest that as well if we’re worried about relay metadata leakage. The auth thing is an easy first step though and is used for other things as well.