as i am constantly pointing out, and nobody listens to me free relays are harvesting your access data anyway. the user's own npub is the most frequently occurring npub in all of their requests, tied to an ip address you can't solve spam and impersonation/scammer problems by burying your head in the sand. nostr needs better auth, for a start, nip-42 should be merged with nip-98 and on option clients should be able to open sockets with a nip-98 token and skip the whole rest of the flow normal socket based systems require auth before they start answering any queries at all. if you intend to write data to the database, you need permission from the relay operator, and the simplest way to do this is that your npub is registered as a whitelisted user and when you connect, you just auth because ultimately anyway you are doxxing yourself it's pure superstitious nonsense to say that sending out signals that contain identifying codes related to you are not, all nostr use is doxxing yourself the real solution from the user side is being able to control who you connect to, but client devs also struggle with this while spamming the channel with inordinate amounts of data and responses that identify you, to do this "decentralized" thing when paying one or three trustworthy relay operators is so much simpler, so long as you auth to them, they can control spam and further, there needs to be a way for a relay to act as an auth proxy for you so you can just use one relay at a time, and the relay handles fanning out and caching results from your requests. this last point is still an unsolved protocol issue as well. and a big part of it goes back to the complexity of not authing a socket at the beginning.