diff --git a/src/pipeline.ts b/src/pipeline.ts
index 8ca7ae5f..aaa6ca07 100644
--- a/src/pipeline.ts
+++ b/src/pipeline.ts
@@ -40,9 +40,14 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
   if (!(await verifyEventWorker(event))) return;
   if (encounterEvent(event)) return;
   if (await existsInDB(event)) return;
+
   debug(`NostrEvent<${event.kind}> ${event.id}`);
   pipelineEventsCounter.inc({ kind: event.kind });
 
+  if (isProtectedEvent(event)) {
+    throw new RelayError('invalid', 'protected event');
+  }
+
   if (event.kind !== 24133) {
     await policyFilter(event);
   }
@@ -103,6 +108,11 @@ async function existsInDB(event: DittoEvent): Promise<boolean> {
   return events.length > 0;
 }
 
+/** Check whether the event has a NIP-70 `-` tag. */
+function isProtectedEvent(event: NostrEvent): boolean {
+  return event.tags.some(([name]) => name === '-');
+}
+
 /** Hydrate the event with the user, if applicable. */
 async function hydrateEvent(event: DittoEvent, signal: AbortSignal): Promise<void> {
   await hydrateEvents({ events: [event], store: await Storages.db(), signal });