Hum.. It's too easy for governments to intercept any relay and make their server reply as if it was your relay. Maybe relays need to encrypt their comms with an application key as well.
Discussion
You don’t need to trust the relays. Your client checks signatures and proof of work.
I know. It's not about trusting relays. Its about making sure you are talking to the right relay. If you set up your private party relay, you must take additional protections to make sure you are talking to your machine.
Governments can modify DNS entries as well as the pure IP graph, making a different computer reply in your relays behalf, adding a censorship filter, for instance.
I see. Yeah DNS is not reliable. But, tor should work.
Doesn’t https / .onion take care of that?
Http and https definitely not. I am not sure about onion. For https, the only way to avoid gov takeover is to check if the certificate is using the exact keys of the original party. Beyond the usual https checks.
Yes you’re right. Tor fixes this. Look into it, I’m pretty sure we already have a few tor relays too. But it’s easy to set up a private one.
I am not confident Tor doesn't allow a Stateless relay to be placed between you and your own Tor relay. For me, the safe way is to hardcode the relay's pubkey in the app to make sure only that key can decode incoming payloads and the relay only take encrypted msg from that key
You don’t know how tor works
Probably. But I also can't find proof that somebody can't put a server in between my phone and my server. https://security.stackexchange.com/questions/215155/how-does-tor-protect-against-mitm-attacks-between-the-client-and-relay-nodes
This is issue is not unique to Nostr.
I understand it is privacy you are looking for but true privacy is hell of an inconvenience for most people to even bother.
If you care so much about it start building.
For sure. I work with medical data. So I am very used to these needs. But I am do wonder if encrypting relays wouldnt be a good thing for everyone.
I guess we could draw inspiration from SSH on that one, storing the server's pubkey the first time we connect there and then make the server answer a challenge every time we connect. But anyone can connect to a relay (without trying to pose as it) and listen to public events
Yep. I need to make sure if somebody in China connects with a US relay, that the US relay is the one being connected to.
Is this in order to make sure a proxy relay wouldn't shadow ban the user or filter what they receive ?
To make sure you don't get censored by your own relay (through government relay without you knowing about it). If gov is in the middle, you can sign as much as you want. The message is not going out.
Yeah, I'm unsure how that could be implemented, unless you're (like SSH haha) encrypting the client<->relay comms (which might also be on top of HTTPS, as most relays run websockets over https) using the server's "known" pubkey
Is there a protocol to make sure the key used for the wss is the expected one? Or is it like https where the client just takes any valid certificate that comes in?
And yes. I have been trying to build health care apps using the nostr protocol for the last 10 days. :)