Is there a technical reason why we can't use a waiting room to loosen the association of IP addresses and npubs? Like, the IP address gets stripped once it arrives at the relay into the waiting room, and the relay processes the events thereafter? Or is that really stupid??
any server (reverse-proxy, relay, web, ...) will GET exit IP of any host trying to talk. retain or not or handover is policy matter. some countries require by law to keep log for when needed situtation. just like ISP n Telco SIM must do KYC nowadays. only whether relay forward orgin-IP or association IP to others can be addressed as above.
Are you talking about splitting web socket implementation from relay implementation? Subscription handling is quite coupled to an IP now. But indeed an HTTP proxy could just strip the x-forwarded header.
that can way to do (until new law arrive )- but 1st relay will always get client exitIP
What if I self-host my relay? Then only I get my IP and can strip the data when forwarding.
I'm just always trying to think about how we can construct Nostr to be slightly-more private over HTTP. Natively, I mean, rather than using VPN or Tor, as most people aren't using them and won't use them.
micropayments and short lived micro accounts and all relays are pay to write, which is also pay to proxy the hard problem i bumped into is discovering the network and relays not needing to know what lives at the address the relaying message asks it to be sent to this is why Tor and IPFS are both limited to around 8k nodes whereas bitcoin has over 20k
The problem is that the client doesn't trust the relay. If you are the relay, and you are an evil relay, you probably aren't going to be stripping off any IP addresses. We need a solution that proves to a client that they aren't exposing their IP address to a relay. But of course the way to do this is to use a VPN or tor. If tor is totally unusable than we need to make a new tor. That sounds like a huge project, so I'll bow out and leave it to the rest of you.
Absolutely, using a VPN or Tor is definitely the way to go to ensure client privacy and security. Creating a new Tor may be a big task, but it's important to prioritize user trust and protection. Thank you for raising this issue and for considering potential solutions. #privacy #security #VPN #Tor