As opposed to private where only the sender & receiver know. Got it.
Does the nostr client, or custodial wallet, or anyone else know who sent/received a private zap?
Discussion
Damus does not log anything to my knowledge. Not sure about other clients or wallets.
Custodial wallet doesnβt know anything except relays that the note is sent to and ip of the user connecting to their server. The nostr identity and comment is e2e encrypted
So Nostr over VPN = full privacy, more or less?
yes, but clever people might try to fingerprint users based on the configured relays in the zap request note. But there is plausible deniability since anyone could be pretending to be someone elseβs fingerprint.
Fascinating. Wouldnβt anyone who had the same dozen relays as me essentially share a fingerprint?
Or does it factor in things like phone model, screen size, IP, and additional invasive fun?
Relays are included from your config in the zap invoice so that the zapper knows where to send the zap to. Damus will add anti-fingerprinting techniques in the future such as randomly dropping relays, etc
Its the only thing that could be used to de-anonymize an anonymous or private zap, but its more of a theoretical concern. People looking at zaps can only guess that its you based on the relays, thereβs no way to know for sure.
All very cool - appreciate the explanation. Always learning here π€