Oddbean new post about | logout
fiatjaf | 4 months ago (raw) | root | parent | reply | flag 
 You're not requesting the same things from all relays, because that obviously doesn't scale and outbox model is a thing. Also many clients will (and most should) bundle together requests for lists such that yours is mixed with others. DMs requests are (in sane situations) definitely not going to all relays, just to one or two, and they must use auth already, but just for DMs and relays that implement that and users that opt-in to NIP-17.
fiatjaf | 4 months ago (raw) | root | parent | reply | flag 
 Anyway, can you tell me how do you envision this world of AUTH? Is it really that all clients will send AUTH always to all relays? What are the big advantages we get from that?
mleku | 4 months ago (raw) | root | parent | reply | flag +1 
 monetization of service provision

that is enough reason to make it universally supported

can't run this shit on donations for ever, unless you live in some la la land socialist theory of gift economy, like #v4v mostly sounds like most of the time
fiatjaf | 4 months ago (raw) | root | parent | reply | flag +1 
 Someone wants others to read what they write, can't they pay for the servers instead of charging everybody who wants to read?

You know webpages are basically free to read and have been for decades, the publisher pays for the server.
fiatjaf | 4 months ago (raw) | root | parent | reply | flag 
 But sure, there may be use cases in which charging for reads is necessary. It's not helping to get that point across to just yell about clients that don't implement AUTH, as if implementing AUTH fixed anything by itself.
mleku | 4 months ago (raw) | root | parent | reply | flag +1 
 helps users of paid relays, which i am one

so, full auth support makes it easier for me to do that... i still don't get full use of the filter.nostr.wine because i have to prod nostrudel to do it, it can do it, but it's still not following the protocol by doing it automatically for me

and there will never be private relay clusters for business use cases without auth on the clients and none of the funders seem to see it as a priority, thus the woeful state of it

yes, auth helps a lot of things... and privacy is one of them if the relay is trustworthy
cloud fodder | 4 months ago (raw) | root | parent | reply | flag +1 
 auth will help relays avoid having to rate limit by IP address ( a terrible, horrible, and frankly useless method of fending off greedy connections).  instead you can use your npub with auth, and either stay within a regular client usage tier, or pay more to go insane with queries.

i do think most if not all relays will do this eventually, or theyll end up exactly like every website that blocks and captchas vpn connections. (even free relays)
mleku | 4 months ago (raw) | root | parent | reply | flag 
 fiatjaf hasn't even considered that clients could be configured to make a new key every auth request except for to paid relays also, defeating the privacy invasion angle completely and pointing back to the IP tracking problem
mleku | 4 months ago (raw) | root | parent | reply | flag 
 i just think he's in denial about the fact that relays are inherently trusted third parties, and reconciling that with the "free anti-censorship" features

a relay requiring auth to post is not censorship, and without auth you still get an IP address, and if that's a VPN address spam from such a vector will blanket block all use in this way

paying for use of a relay doesn't doxx you... that would require using a doxxable payment route and not using tor/vpn to access the relay

so, ip/npub as ways to decide what will be stored and relayed are both inevitable mechanisms, and being against censorship does not also mean being against paying for the goddang infrastructure lol