Mazin @mazin - 1y
Given the increased surveillance risk of automatically AUTHing to any relay that asks, this should be a relay specific toggle, something you can turn on/off for each relay. The nostr.land relays are serving optional auths on connect only so they can track REQs by pubkey. People should be careful and only AUTH when there is a reason…
I’m not saying relays can’t track you today, they absolutely can. It’s just about how easy you make it. You could make it more difficult by rotating your IP and only sending events through a proxy, etc etc. AUTHing every user on connect (for no practical read-access reason) just makes it much, much easier.
I’m not sure exactly what signatures you’re concerned about but NIP-42 AUTH comes with a challenge string so each signing request is unique (if that is relevant to your issue).
