well, thats why my auth relays send an auth challenge upon connect. but clients rudely ignore that and insist on being the first to send a message (like an event or req). so, i suppose, clients are what also created this pattern so that now you feel like you have to auth with random key "just to get a response"? ๐ค
Replies (3)
still, fine by me to use rando keys, even better would be a rando session key for longer minutes or something.. but either way.
Clients shouldn't wait for auth. Most relays only send auth after we hit something that uses auth-exclusive content.
But yes, most authed relays don't do anything without auth, so we auth with whatever and then they reply.. cat and mouse game.
Clients serve Silicon Valley's interests, perpetuating the surveillance state.
