cloud fodder on Nostr: Do you have the same concerns with nip42 auth? And if so, how can a relay protect ...
Do you have the same concerns with nip42 auth? And if so, how can a relay protect these sensitive events if it doesn't know who your publishing key is? You could auth with a separate auth key but then the relay cannot help protect nip17 by filtering on tags. Maybe the even newer ratchet DM scheme may not require the extra protection? But if it does then it's a rabbithole all the way to exposing your publishing key relationship with the auth key and trusting whoever you're authing with not to be nefarious with a signed message or event..
For non DM stuff, the relay doesn't need to know what your publishing keys are, it can just accept valid events from any key once the connection has been authenticated.
Published at
2024-05-08 20:27:27Event JSON
{
"id": "ccea770b70e2f4a0b950a8aeaaa7e74cea00c1d5c7372e34a0e152f3e8e6e8b8",
"pubkey": "7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e",
"created_at": 1715192847,
"kind": 1,
"tags": [
[
"e",
"4b0f49ef8375d3b4654a1dc2208cd18a624da59aba9f3b8e2b55cdc860903f24",
"",
"root"
],
[
"p",
"97c70a44366a6535c145b333f973ea86dfdc2d7a99da618c40c64705ad98e322"
]
],
"content": "Do you have the same concerns with nip42 auth? And if so, how can a relay protect these sensitive events if it doesn't know who your publishing key is? You could auth with a separate auth key but then the relay cannot help protect nip17 by filtering on tags. Maybe the even newer ratchet DM scheme may not require the extra protection? But if it does then it's a rabbithole all the way to exposing your publishing key relationship with the auth key and trusting whoever you're authing with not to be nefarious with a signed message or event..\n\nFor non DM stuff, the relay doesn't need to know what your publishing keys are, it can just accept valid events from any key once the connection has been authenticated.\n\n",
"sig": "f4ed873810e52bc2c5331c1ba2144cb1847ecd23473d7a1cc284600b31b52d3425599551bd46ce08e3e04debdd249809ef979fbbc2717290e745263f7c6ca9ea"
}
