 DMs on Nostr are officially fixed. (The changes still need to be implemented in most clients, but it's happening.)

Thank you to all the legends that worked so hard to make this happen! 🙏

nostr:note18qctpn07cx2lteahud3rm5dw0fjw69jpk6pfz7qtdg7lkwld0r4qdd2h6m  
 Wow, that's a premature Christmas gift for all nostriches!

nostr:nevent1qqs25r5vclcdr5w0sly2puvp7cnag7ua5rmn6rrend438csm3uf2uuspzpmhxue69uhkummnw3ezumt0d5hsygqh88vn0hyvp3ehp238tpvn3sgeufwyrakygxjaxnrd8pgruvfkaupsgqqqqqqs65r55u 
 The issue with DMs on #Nostr is the absence of adequate privacy measures. While the payload may indeed be encrypted end-to-end using robust algorithms, the real-time visibility of message exchanges with other users poses a privacy concern, as anyone worldwide can access this information. Preferably, solutions that prioritize privacy, such as #Signal, are favored. 
 What problems were fixed? The limitations on the README were helpful, but I wish it also included what issues were successfully addressed that the prior DM implementation didn’t have.

These are the current limitations from the Readme:

“On its own, messages sent using this scheme have a number of important shortcomings:

No deniability: it is possible to prove an event was signed by a particular key
No forward secrecy: when a key is compromised, it is possible to decrypt all previous conversations
No post-compromise security: when a key is compromised, it is possible to decrypt all future conversations
No post-quantum security: a powerful quantum computer would be able to decrypt the messages
IP address leak: user IP may be seen by relays and all intermediaries between user and relay
Date leak: created_at is public, since it is a part of NIP 01 event
Limited message size leak: padding only partially obscures true message length
No attachments: they are not supported” 
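
The "limited message size leak" item in the list quoted above, worked through as an added example that is not part of the thread or of the NIP-44 repository. It assumes the padding rule of NIP-44 version 2 (32-byte minimum, chunk sizes derived from the next power of two), written here from the specification because the thread does not quote it; the sample messages are constructed.

```python
# Added illustration: what padded length reveals about true message length.
# Assumption: padding follows the NIP-44 v2 rule (not quoted in the thread).

MIN_LEN, MAX_LEN = 1, 65535  # plaintext size limits assumed from NIP-44 v2


def calc_padded_len(unpadded_len: int) -> int:
    """Return the padded size for a plaintext of unpadded_len bytes."""
    if not MIN_LEN <= unpadded_len <= MAX_LEN:
        raise ValueError("plaintext length out of range")
    if unpadded_len <= 32:
        return 32
    # Smallest power of two strictly greater than unpadded_len - 1.
    next_power = 1 << (unpadded_len - 1).bit_length()
    chunk = 32 if next_power <= 256 else next_power // 8
    return chunk * ((unpadded_len - 1) // chunk + 1)


def candidate_lengths(padded_len: int) -> tuple[int, int]:
    """Smallest and largest plaintext lengths that share one padded size.

    This range is all the uncertainty an observer of the padded size has.
    """
    matches = [n for n in range(MIN_LEN, MAX_LEN + 1)
               if calc_padded_len(n) == padded_len]
    if not matches:
        raise ValueError("not a valid padded length")
    return matches[0], matches[-1]


def leak_report(messages: list[str]) -> list[tuple[int, int, int, int]]:
    """For each message: (true length, padded length, range low, range high)."""
    report = []
    for msg in messages:
        true_len = len(msg.encode("utf-8"))
        padded = calc_padded_len(true_len)
        low, high = candidate_lengths(padded)
        report.append((true_len, padded, low, high))
    return report


# Constructed sample messages, not taken from any real conversation.
SAMPLES = ["ok", "See you at 6pm at the usual place.", "x" * 700]

if __name__ == "__main__":
    for true_len, padded, low, high in leak_report(SAMPLES):
        print(f"true={true_len:5d} padded={padded:5d} "
              f"observer learns length is in [{low}, {high}]")
```

Short messages hide inside a 32-byte bucket, but the buckets widen only in proportion to the message, so a long message is still distinguishable from a short one.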
 Fixed how? 
 Except not much has improved except defence against theoretical attacks which have never happened. We now have more breakage between clients though. Yay? 
 Fixing a large part of the leaking metadata is definitely a win, no? 
 How does nip44 prevent leaking metadata? 
 Positioning nip-44 as better than Signal seems quite disingenuous based on my read, but I'm no cryptographer. 
 Lol yeah, Signal this ain't. The new encrypted messaging stuff is what I would describe as "barely adequate" vs "not adequate" which was the case with nip 04. 
 What do you think about the approach 0xChat is taking with nip44 + gift wrapping + nip101 (alias keys)? Seems like it takes privacy to a much higher degree. 
 I think it's good, but doesn't fix relay surveillance entirely (if you're AUTH'd and request stuff from an alias key then the relay can correlate the two keys). It also means other DM clients won't interoperate with 0xchat if they don't support alias keys. 
 Ok. I double checked and you’re right. I’ve been confusing 2 nips as 1. 🫠