 Just tried  @keychat, a secure chat client built on nostr that uses the Signal double ratchet encryption algorithm. It's incredibly smooth. 

Someone sent me ecash in the chat and I received it in what felt like 20ms, just like that. Each message you send pays 1 sat to the nostr relay operator to protect it against spam. 

THIS IS HOW IT SHOULD HAVE BEEN !!!

Add me: 


https://m.primal.net/JexH.jpg  
 FYI, the Keychat QR code has a validity period of 24 hours, which is a privacy protection feature we designed. 
 but you could share your npub as a permanent contact string? 
 Yes, of course. 
 Very cool. Do you know how identities are protected if it uses Nostr keys as an identity? Are the Nostr keys randomized?

Is there a way to write to an npub? I notice that your identity does not look like npub. 
 I didn't log in with my nostr keys (it didn't ask me), it just generated new ones. Not sure if it supports that. 
 Keychat uses a seed phrase, not nsec. 
 It's actually good it does not use the key used for posting, but it would be cool if we could publish a signed note that ties the normal npub to the keychat identity for discovery. If I added someone to Nostr, having an option to write to them without exchanging some contact information would be good. 

They can write me Nostr DM anyway.

But then this could also work for SimpleX and others, essentially rebuilding the identity part of keybase, which was quite a good idea. No need of web of trust if you already got a social reputation - a website, GitHub account, PGP key, Twitter account, ...

Nostr could be the thing that ties it up and does not rely on Keybase corporation which was acquired by Zoom and more or less stopped working on the project. 
 When you want a friend to add you on Keychat, you have two options: tell them your QR code or your Npub. We recommend using the QR code because once someone knows your QR code, they can send you messages encrypted with Signal directly, and the QR code is only valid for 24 hours. If you use your Npub, after someone knows your Npub, the first message can only be encrypted with NIP4 or NIP17. Only after they reply can messages be encrypted with Signal. 
 Cool, thank you, that makes sense. 

Three more questions if you want to answer
 - can I use my own relay? 
 - how would you compare keychat to SimpleX and Signal? When would you use which?
 - groups support?

I'm going to set it up, play with it and update:

https://juraj.bednar.io/en/blog-en/2022/05/03/encrypted-messengers-comparison/ 
 Now just need child nsecs so I don't have to always use main nsec.. 
 I didn't enter an nsec to use it 
 👀
nostr:nevent1qqs92uj3y5kqfy87pquzl0ucvcr55pymddzersn8al9ps3w6vuuxj7qppemhxue69uhkummn9ekx7mp0qgs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6ccrqsqqqqqp7gxysd 
 nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug would it be possible to add it somehow into Amethyst instead of DM? 
 Cashu sat used as a note stamp is a universal solution that all Nostr applications can utilize.

It can also be used for public notes, not just limited to private notes. 
 Is there a Keychat vs. 0xChat comparison somewhere?  
 I have both. The most important difference is that 0xChat only uses NIP-04 encryption and doesn't have the stamp system Keychat has. 
 The biggest difference is that Keychat's one-on-one chats have forward secrecy, meaning that if your key file is compromised, hackers cannot decrypt your past or future messages. In contrast, 0xchat's default message encryption (Gift-Wrapped DM) does not have forward secrecy.

“0xchat Secure DM

Currently, we support three types of direct messages (DMs). Please review the provided links for a deeper understanding of each DM type:

NIP-04 DM
NIP-04 DM is the most widely used DM type in nostr, but it is not our recommended option currently because NIP-04 is not private in terms of DMs. Even though the content is encrypted, it leaks a lot of metadata. We do not use this DM type by default but are compatible with NIP-04 DM from other nostr clients.

Gift-Wrapped DM
Gift-Wrapped DM is our default and recommended DM type. By using Gift-Wrapped for event messages, it minimizes metadata leakage. Not only is the message content encrypted, but the sender and the timestamp are also concealed. Moreover, the encryption algorithm employed is the latest audited NIP-44 algorithm.

Secret DM
Secret Chat is our third DM type, an extension of the Gift-Wrapped DM. Since Gift-Wrapped DM does not support forward secrecy, if a user's private key is compromised, all DM messages could be recovered. Therefore, we added a NIP-101 key exchange protocol to ensure each message session uses a different receiver key, securing forward secrecy. Additionally, we have incorporated the option to select a fixed relay for these sessions, allowing messages to be transmitted through a single trusted relay for both parties.”


https://github.com/0xchat-app 
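
Added example, not part of the thread and not Keychat's or 0xchat's code: a minimal symmetric KDF chain of the kind used inside a double ratchet, next to a static-key baseline, showing which recorded ciphertexts open after the current key state is copied. It covers only the symmetric chain (protection of earlier messages); the Diffie-Hellman ratchet step that protects later messages is not modelled, and all function names, the toy cipher and the sample messages are constructed for illustration.

```python
import hashlib
import hmac

MESSAGES = [b"msg-1", b"msg-2", b"msg-3", b"msg-4"]  # constructed sample traffic


def kdf_chain_step(chain_key):
    """Advance the chain one step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


def toy_seal(key, plaintext):
    """Toy encrypt-then-MAC, for the demo only; real clients use an AEAD."""
    stream = hashlib.shake_256(b"enc" + key).digest(len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return body + hmac.new(key, body, hashlib.sha256).digest()


def toy_open(key, sealed):
    """Return the plaintext, or None when the key does not match."""
    body, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        return None
    stream = hashlib.shake_256(b"enc" + key).digest(len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


def attacker_reads(sealed, stolen_chain_key, lookahead=8):
    """Open what is reachable by stepping forward from a stolen chain key."""
    keys, ck = [], stolen_chain_key
    for _ in range(lookahead):
        ck, mk = kdf_chain_step(ck)
        keys.append(mk)
    return [p for c in sealed for k in keys if (p := toy_open(k, c)) is not None]


def demo():
    root = hashlib.sha256(b"constructed shared secret").digest()
    ck, sealed, stolen = root, [], None
    for i, msg in enumerate(MESSAGES):
        ck, mk = kdf_chain_step(ck)      # old chain key is overwritten
        sealed.append(toy_seal(mk, msg))
        if i == 1:
            stolen = ck                  # device state copied after msg-2
    ratcheted = attacker_reads(sealed, stolen)
    # Static-key baseline: every message sealed under one long-lived key.
    static = [toy_open(root, toy_seal(root, m)) for m in MESSAGES]
    return ratcheted, static
```

With the chain, the copied state opens only the messages sent after the copy; with one long-lived key, whoever holds it opens the whole recorded history.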
 Thanks!  
 1 sat for every message is expensive enough to suppress legitimate users who are just financially poor. Needs to be about an order of magnitude cheaper imo. A spam filter cheap enough to let all legitimate users through might also let the most dedicated spammers get some stuff through too, but that's the right balance 
 Statistics show that, on average, a person sends 50 messages per day, requiring 50 sats. Currently, one cent can buy 16 sats, so it costs 3 cents per day, and 90 cents per month. Another point is that each message in Keychat is independent, so it is not possible to block someone. 
 For accessibility reasons you should plan on making a setting for "stamped messages only" though.  
 Users just need to disable the free relay on the settings page, and they will not receive messages without stamps. 
 But do they still need stamps to send? 
 The scenario you envision is that a user does not receive messages without stamps, but the messages they send also do not have stamps? Keychat can control relays more precisely. For example, users can separately set the sending relay and the receiving relay. They can set the receiving relay to a paid relay and the sending relay to a free relay. Of course, this also requires the consent of your chat partner. 
 Yes that's what I meant. That was good planning on your half 👍 
 I'd sell that as the main feature then

Not the privacy stuff, but trying to promote a high quality, open discussion environment 

A solution to the dilemma certain people have with "I want people to have free speech, but it's hard to deal with every thought everyone has, so I want a platform that limits discussion based on quality"  
 Additionally, many people are paying for so-called free chat apps with their private data. There's no such thing as a free lunch in the long run. 
 The biggest barrier to using an app like this will be new users getting hold of sats/ecash. It's a giant PITA and requires some good technical knowledge OR giving away a lot of personal data to an exchange/bank etc (which is annoying and time consuming as it is undesirable for privacy). Keychat will never gain any users beyond bitcoin enthusiasts. Even nostr struggles and that's literally free and easy! 
 We will be more optimistic because we believe that more and more people will own Bitcoin. 
 BTW, Keychat users can also use free relays, like the Damus relay. 
 Having troubles with my lightning wallet. Who pays my upfront nostr:nprofile1qqsth7fr42fyvpjl3rzqclvm7cwves8l8l8lqedgevhlfnamvgyg78spz3mhxue69uhhyetvv9ujuerpd46hxtnfduq3qamnwvaz7tmwdaehgu3wwa5kuegpz4mhxue69uhk2er9dchxummnw3ezumrpdejqj9swg4 bill?
