As I understand it the “peer ID” you dial acts like the public key, of the public/private key pair. So the public key doesn’t come from the relay. You need to do the initial public key/ID exchange out of band, and then dial the connection to each other via the relay.
So the relay is never in a position to send you the wrong public key, because it doesn’t give it to you in the first place.
No. The data in each direction is encrypted by TLS, using ephemeral keys.
Only the owner of the corresponding private key can initiate a connection from their public key, or receive a connection attempt to their public key.
Let's say you have alice and bob talking via a relay. Even if you have the private key of alice, you can impersonate alice to bob, but not vice versa. So you can't initiate a connection between the two.
To really intercept data you would need the private keys of both participants.
Iroh uses QUIC connections and uses the EndpointId, the public ed25519 key, in the TLS handshake for authentication. This makes it impossible for a server to try and machine-in-the-middle the connection.
You need to know the public key you communicate with ahead of connecting to the correct relay. It needs to be shared securely out-of-band, relays don't help with that.
