Oddbean new post about | logout
 So, I wonder over the long term how much information can be leaked because it's publicly available on relay-servers?

I've shared my concerns with nip46 signing with public relays and clients hoovering decryption requests to see when and where you are decrypting your secrets. Even cryptographically how much noise might be generated when the whole world has your ciphertext message and can see you encrypt/decrypt your "passwords". You can hope relays require auth, but should trust them. 

Of course there really is no way around it in your app, but for me, the less personal information stored on relays the better. I deny all client requests to even store my preferences because just store them locally unless I ask otherwise.