Oddbean new post about | logout
 Hmm… don’t mind if I do 
 I do not believe Nostream supports cancelling queries so you could rapidly open/close subs. The event tags index is not implemented properly leading to all events with a certain tag being loaded for a JOIN. If this exceeds about 32-64MB for a single query it will start spilling over to disk and amplify the attack by wasting your resources on context switches, leading to disk IO being wasted and more CPU cycles to load/save from/to disk.

Bonus points for using IPv6 to get around ratelimits.