This is also why AUTH on random relays is problematic. Once you “authenticate” with a relay they can associate every query with your pubkey.
nostr:note1c53x38qtghlsavs9z5uym3x48tg56367lwvulmmwmaknknst7kgqngys72
Discussion
Yep!
Relays can easily reverse engineer our filters and figure out which key the filter is for. Especially because they can do this over time. It's really not hard.
this
This is the case for most clients right now but it is not intrinsic to nostr. With outbox we should be able to send smaller filters that are much more difficult to reverse engineer.
Not really. Even with outbox, it's is still quite easy to figure out who is requesting what over time.