Support for anonymizing networks

Question

Support for anonymizing networks

Vort opened this issue 4 months ago · comments

Censorship is able to target not only information, but also authors of such information.
If I understand correctly, nostr relays have access to IP addresses of users and can transfer this information to censors by their request.

Theoretically, this problem can be hackfixed by using nostr from Tor Browser.
But in practice, many relays are inaccessible from Tor exit nodes, which leads to poor user experience.

Better option is to have direct support for anonymizing networks.
These 3 options may be compatible with web technologies used in nostr:

Tor: https://www.torproject.org;
I2P: https://geti2p.net and https://github.com/PurpleI2P/i2pd;
Yggdrasil: https://github.com/yggdrasil-network/yggdrasil-go.

It should be possible to have different addresses for the same relay: for example, .net, .onion, .i2p and for client to select appropriate addresses based on user preferences.

Probably my idea is wrong, something like that is already implemented or I'm posting to the wrong place. Sorry if that's the case.

fiatjaf_ · Answer 1 · Thu Feb 22 2024 20:46:04 GMT+0800 (China Standard Time)

It's too hard to get users for these networks, but if they exist and their computers have support for them, then I assume they will be able to use websockets and thus all Nostr capabilities through them, right?

There is no need to change the protocol, just for people to run relays in these networks.

I think https://relayable.org/ has a Tor address.

Vort · Answer 2 · Thu Feb 22 2024 20:54:37 GMT+0800 (China Standard Time)

but if they exist and their computers have support for them, then I assume they will be able to use websockets and thus all Nostr capabilities through them, right?

I heard that browsers have limitations for websocket use without https. but I'm not sure about it.
For example, Yggdrasil mainly use IPv6 addresses.
Will it be possible to use websockets with just plain IP?

There is no need to change the protocol, just for people to run relays in these networks.

Is it possible for relays to have several addresses right now?
Not several separate relays, but single one.

Also there is no sense to direct users to wrong addresses.
If user have no Tor installed, clients should not suggest to use .onion addresses.
Same for other anonymizing networks.

fiatjaf_ · Answer 3 · Thu Feb 22 2024 21:12:19 GMT+0800 (China Standard Time)

Will it be possible to use websockets with just plain IP?

Yes.

Is it possible for relays to have several addresses right now?

Yes.

Spencer Flagg · Answer 4 · Sat Feb 24 2024 23:02:21 GMT+0800 (China Standard Time)

For what it's worth, StartOS is a self-hosting project I follow that has, as services, the nostr relay and nostrudel both of which it serves up over TOR. It's not a protocol-level fix, but I think it checks some boxes. 🤷‍♂️

Vort · Answer 5 · Mon Apr 22 2024 01:03:53 GMT+0800 (China Standard Time)

Is this issue to implement, create a specific nip for this?

I initially thought that such support require protocol changes.
But after discussion, I understood that, most likely, anonymizing networks should already be supported.
However it is better for people to recheck if support is really ok.
And if it is, then this issue can be closed.