This goes back to users having to control their relays. I shouldn’t be surprised by a relay I paid for requiring auth.

Also - how is there surveillance risk with AUTH beyond all of your posts being completely discoverable? Relays already know every IP of every client and patterns of REQs for ‘me’ vs everything else are easily discernible.

If you wanted better privacy then you’d want to only talk to a couple relays you trusted and you’d want them to only accept auth’d clients.


Discussion

every signature is doing you damage.

repeating an EC signature on the identical hash can quickly lead to dramatically lowering the cost of reversing the asymmetry of the secret to public key transform.

i dunno exactly what the signing protocol uses, but if the nonce used in it is weak, then the signature can be exploited later on to attack the account.

sadly this doesn't seem to have penetrated the thick skulls of devs who work with elliptic curve signatures sufficiently, but signing on the same hash twice dramatically increases the chances of the secret being revealed.

just repeating:

never sign on the same hash twice.

this is also why bitcoin has HD keychains.

this is why nostr protocol needs to have a key succession algorithm, just as key changes are the norm with TLS/SSL connections.

I’m not sure exactly what signatures you’re concerned about but NIP-42 AUTH comes with a challenge string so each signing request is unique (if that is relevant to your issue).

that's the important thing, but the entropy of that value should also be high.
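To make the two points above concrete (nonce reuse across signatures, and why a unique, high-entropy challenge matters), here is an added example that is not code from this thread or from any Nostr client or relay. It implements textbook key-prefixed Schnorr over secp256k1, simplified rather than BIP340-conformant; the key, nonce and challenge values used with it are constructed for illustration.

```python
import hashlib
# secp256k1, the curve behind Nostr keys and BIP340 signatures.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition; None stands for the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b: lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else: lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def ec_mul(k, pt=G):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc
def h(*parts: bytes) -> int:  # SHA-256 of the parts, reduced mod N
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big") % N
def challenge_hash(R, X, msg: bytes) -> int:  # e = H(R.x || X.x || msg)
    return h(R[0].to_bytes(32, "big"), X[0].to_bytes(32, "big"), msg)

def derived_nonce(x: int, msg: bytes) -> int:
    """Nonce bound to key and message, the idea behind RFC 6979 and BIP340:
    the same message repeats one signature; a new message gets a new nonce."""
    return h(x.to_bytes(32, "big"), msg) or 1

def sign(x: int, msg: bytes, k: int):
    """Textbook key-prefixed Schnorr (simplified, not BIP340-conformant):
    R = k*G, s = k + e*x mod N, with e = challenge_hash(R, X, msg)."""
    R = ec_mul(k)
    return R, (k + challenge_hash(R, ec_mul(x), msg) * x) % N

def verify(X, msg: bytes, sig) -> bool:  # s*G == R + e*X
    R, s = sig
    return ec_mul(s) == ec_add(R, ec_mul(challenge_hash(R, X, msg), X))

def nonce_reuse_check(X, m1, sig1, m2, sig2):
    """Audit two signatures from one key: a shared R (same nonce) over two
    different challenges yields x = (s1 - s2) / (e1 - e2) mod N, else None."""
    (R1, s1), (R2, s2) = sig1, sig2
    e1, e2 = challenge_hash(R1, X, m1), challenge_hash(R2, X, m2)
    if R1 != R2 or e1 == e2: return None
    return (s1 - s2) * pow(e1 - e2, -1, N) % N
```

With a derived nonce, signing the identical challenge twice reproduces the same signature and reveals nothing new; a nonce repeated across two different relay challenges is what hands the secret to anyone who sees both signatures.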

I’m not saying relays can’t track you today, they absolutely can. It’s just about how easy you make it. You could make it more difficult by rotating your IP and only sending events through a proxy, etc etc.

AUTHing every user on connect (for no practical read-access reason) just makes it much, much easier.