You do have a way of knowing: if your DMs are going to a semi-trusted relay and you have to AUTH to it in order to read them (as you should under NIP-17) that relay may inform you about who has read them, when and from what IP address.
If we implement https://github.com/nostr-protocol/nips/pull/1647 that will also kill the attacker ability's to read anything in the first place unless he wants to reveal himself by registering his bogus device or publishing new encryption keys.
fiatjaf
npub180…jh6w6
2025-11-01 11:11:42 UTC
in reply to nevent1q…rudd
Author Public Key
npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6Seen on
wss://offchain.pubPublished at
2025-11-01 11:11:42 UTCEvent JSON
{
"id": "c40dbd414e3c04dcc06a2e7930720638f3c6ff7c1987ee38111cdae2bc7bbb69",
"pubkey": "3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d",
"created_at": 1761995502,
"kind": 1,
"tags": [
[
"e",
"a256168fad77de9e64f1dc4da4ae6246b10217a766cc9333ade9e264a921f8da",
"wss://nos.lol/",
"root",
"5729ad991a7e0cb88971ced2348758105790d51160a09b22d0d8f39ca762de11"
],
[
"e",
"74df241607a88b1690bc2b8d69efa5f01a524bc656c297fa42e68d721bfe2531",
"wss://nostr-03.dorafactory.org/",
"reply",
"b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823"
],
[
"p",
"460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c"
],
[
"p",
"3efdaebb1d8923ebd99c9e7ace3b4194ab45512e2be79c1b7d68d9243e0d2681"
],
[
"p",
"d325f9e9f1ba609b8f3b0e95e97f352637a0aa281ca401edf518daee07ed2267"
],
[
"p",
"52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd"
],
[
"p",
"5729ad991a7e0cb88971ced2348758105790d51160a09b22d0d8f39ca762de11"
],
[
"p",
"b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823"
]
],
"content": "You do have a way of knowing: if your DMs are going to a semi-trusted relay and you have to AUTH to it in order to read them (as you should under NIP-17) that relay may inform you about who has read them, when and from what IP address.\n\nIf we implement https://github.com/nostr-protocol/nips/pull/1647 that will also kill the attacker ability's to read anything in the first place unless he wants to reveal himself by registering his bogus device or publishing new encryption keys.",
"sig": "89aa7a8638ca668eaa675d485493374b9787b51443203b30a3957b382def7aceef563dcbff2113fd88982e03e7ce136ab662d3005892d0919e0e976311f05887"
}