Sounds good, thanks.
Follow up question: does this mean there isn’t anything protecting logged-in viewers from having their IP exposed? Since viewers hit backend services directly and those services have access to their username, what is stopping any extension from building tables of username → IP associations? Are extensions disabled by default per channel and require viewers to opt-in?
EDIT: Seems that viewers have to explicitly grant extensions the permission to see their user ID. See here:
