There is NIP-65; long story short: client announce ๐ŸŽบ ๐Ÿ“ฃ ๐Ÿ“ข"I ...

Goose_in_Gensokyo

npub1zwfqq3xmqwsecmd7lm6w34fv04h6w4nrcee3rtehxhdskgq4gkks88n6zj

hex

99c9eece970fde8e9de5972f37d394d582143ad45eba96079ef3f29569f064b2

nevent

nevent1qqsfnj0we6tslh5wnhjewteh6w2dtqs58t29aw5kq7008u54d8cxfvsprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgsp8ysqgnds8gvudkl0aa8g65k86ma82e3uvuc34umntkctyq25ttg2fqett

Kind-1 (TextNote)

2026-05-03T17:32:05Z

There is NIP-65; long story short: client announce ๐ŸŽบ ๐Ÿ“ฃ ๐Ÿ“ข"I will be read & write to this relay(s)". So, your preferred relays not only in your settings, but publically announced. Problem is here: for example, Bob ๐Ÿ’ฉ announce "I will be read/write from MyVeryEvilRelay.com". Poor little Alice ๐Ÿฃ connects to myveryevilrelay.com, and now Bob knows her IP & can exploit network vulnerabilities (if any). Well, maybe you consider it paranoid.... ๐Ÿ˜Ÿ So, hereby I propose: Please, make possibility (in client settings) to ignore announced relays, and read/publish any events to fixed list of trusted relays only. In other words, - please, make it possible to disable NIP-65, (for example, by rejecting (filtering out) kind 10002 events) As far as I know, only iris.to have this option. #privacy #dev #grownostr #vulnerability #iris Please, make patches, zap devs (who will make patches,), - or, at least, repost...

ๅŽŸๅง‹ JSON

{
  "kind": 1,
  "id": "99c9eece970fde8e9de5972f37d394d582143ad45eba96079ef3f29569f064b2",
  "pubkey": "13920044db03a19c6dbefef4e8d52c7d6fa75663c67311af3735db0b201545ad",
  "created_at": 1777829525,
  "tags": [
    [
      "t",
      "privacy"
    ],
    [
      "t",
      "dev"
    ],
    [
      "t",
      "grownostr"
    ],
    [
      "t",
      "vulnerability"
    ],
    [
      "t",
      "iris"
    ]
  ],
  "content": "There is NIP-65; long story short: client announce ๐ŸŽบ ๐Ÿ“ฃ  ๐Ÿ“ข\"I will be read \u0026 write to this relay(s)\". So, your preferred relays not only in your settings, but publically announced.\nProblem is here: for example, Bob ๐Ÿ’ฉ announce \"I will be read/write from MyVeryEvilRelay.com\". Poor little Alice ๐Ÿฃ connects to myveryevilrelay.com, and now Bob knows her IP \u0026 can exploit network vulnerabilities (if any).\nWell, maybe you consider it paranoid.... ๐Ÿ˜Ÿ \nSo, hereby I propose: \nPlease, make possibility (in client settings) to ignore announced relays, and read/publish any events to fixed list of trusted relays only. In other words, - please, make it possible to disable NIP-65, (for example, by rejecting (filtering out) kind 10002 events)\nAs far as I know, only iris.to have this option.\n#privacy #dev #grownostr #vulnerability #iris\nPlease, make patches, zap devs (who will make patches,), - or, at least, repost...",
  "sig": "bd17016c12a662d8884a0f35c3dd68f041111bfb432274d4583a976065df49859a71126d67878f59faa69ddfc078fcd645af4c90dc688c2a40de2366785b8b08"
}