Signal is cool, but do you know what is cooler? Chatting on a decentralized social network. We’ve implemented and audited end-to-end encrypted direct messaging for nostr.
Thanks to Jon (npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn), OpenSats, Michael (npub1acg6thl5psv62405rljzkj8spesceyfz2c32udakc2ak0dmvfeyse9p35c), ekzyis (npub16x07c4qz05yhqe2gy2q2u9ax359d2lc0tsh6wn3y70dmk8nv2j2s96s89d), Vitor (npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z), Cure53, Matthew Green and everyone else involved.
https://github.com/nostr-protocol/nips/blob/master/44.md, https://github.com/paulmillr/nip44
wowowowowowowwoowowowowo
Does this fix the forward secrecy problem with nostr DMs?!?!
doesn’t signal have forward secrecy and nip-44 does not?
The goal is to add more features later. FS does not protect against quantum computers, which will decrypt all previous signal conversations. FS does not protect against metadata leakage, which is present in both nostr and signal.
awesome, excited to see what else is in store.
but presumably if quantum is a risk for FS in your dms, it’s also a risk for your bank web traffic and the bitcoin network, right? quantum decryption is an existential risk to most/all widely deployed encryption schemes isn’t it?
Correct! Threat of "Harvest now, decrypt later" is real.
At this point then, the bigger concern should be WHERE the data lives.
Need to limit where you’re posting DMs to and who can harvest them
What metadata is leaked by Signal, please?
It's possible to deduce who messages whom (timing / correlation attack). All user contacts are uploaded to Signal servers (they say it's stored in SGX - which may be broken). Groups also store some data on Signal servers. And - most important - Signal relies on phone numbers.
How do you "may be bedlam broken" SGX, @paulmillr? This is an extremely crucial claim for us, Signal users. Please help us understand.
404?
https://github.com/paulmillr/nip44 => all good. If your nostr client doesn't see a valid URL in the post, create a bug report.
Yeah, it looks like Damus thinks the comma is part of the URL.
progress
nostr:nevent1qqsrsv9sehlvr904u7m7xc3a6xh85e8dzeqmdq530q9k500m80kh36spp4mhxue69uhkummn9ekx7mqzyp7tz0x7qecwty8s9jlfag8u78s9ak79ej9yp9e3lf2rv3qps8836qcyqqqqqqg6fy6ec
about time. awesome work.
Finally, thanks!
nostr:nevent1qqsrsv9sehlvr904u7m7xc3a6xh85e8dzeqmdq530q9k500m80kh36sprpmhxue69uhhyetvv9ujuumwdae8gtnnda3kjctvqgs8evfumcr8pevs7qkta84qlnc7qhkmchxg5syhx8a9gdjyqxqu78grqsqqqqqp7ryyqg
Does this reduce or eliminate the problem that others can see who is talking even if they can’t see the contents with original DMs?
No, they’re still leaking metadata. This nip44 is only addressing the technique to generate a chat key instead of using the same key forever.
I'm also curious to know this.
The problem you're mentioning (metadata leakage) can't be solved by cryptography alone.
It's solved separately by specifying which relays can be responsible for your DMs. You will set up a preferred DM relay and only this relay would be used for all chats.
Interesting, thanks. Appreciate all the work you’re doing!
Also there's a separate "gift wrap" NIP which seems to solve the problem.
DM's on Nostr are officially fixed. (the changes still need to be implemented in most clients but it's happening)
Thank you to all the legends that worked so hard to make this happen! 🙏
nostr:note18qctpn07cx2lteahud3rm5dw0fjw69jpk6pfz7qtdg7lkwld0r4qdd2h6m
Except that not much has improved, other than defence against theoretical attacks which have never happened. We now have more breakage between clients though. Yay?
Fixing a large part of the leaking metadata is definitely a win, no?
How does nip44 prevent leaking metadata ?
Positioning nip-44 as better than Signal seems quite disingenuous based on my read, but I'm no cryptographer.
Lol yeah, signal this ain't. The new encrypted messaging stuff is what I would describe as "barely adequate" vs "not adequate" which was the case with nip 04.
What do you think about the approach 0xChat is taking with nip44 + gift wrapping + nip101 (alias keys). Seems like it takes privacy to a much higher degree.
I think it's good, but doesn't fix relay surveillance entirely (if you're AUTH'd and request stuff from an alias key then the relay can correlate the two keys). It also means other DM clients won't interoperate with 0xchat if they don't support alias keys.
Ok. I double checked and you’re right. I’ve been confusing 2 nips as 1. 🫠
The real question does that mean Signal is irrelevant now?
It's not as good as Signal for now - but it's open and permissionless.
404 - page not found - on link 1. Link 2 is fine
is there an official list of clients that have implemented this change? Looks awesome btw!
author of this note cannot be zapped - shame
Amazing work, well done. Every day I see updates of people kicking goals.
So now we don’t need Signal / WA / Telegram etc?
Will Nostr eat email as well?
I think we can eat some share of other messengers, yes. It's not as good as Signal for now - but it's open and permissionless.
Yes. So in a sense the market share increase is inevitable
But as with all good investments the key ingredients are
1) human attention
2) time
So exciting to watch play out
Nice. The Matthew Green who teaches cryptography at Johns Hopkins?
He consulted on some ideas, yes.
This is a clusterfuck.
Just use SimpleX. SimpleX can be integrated with nostr for some good UX without much effort:
- Users create a public SimpleX address, this contains an X25519 DH key.
- The DH key (just the DH key, no server information) gets published on the user's nostr profile, there will be a field for that. The profile is digitally signed by the user's nostr public key so no mistaken identities here.
- All nostr relays act as SimpleX servers.
- When sending a message to the user, the nostr client will probe all known relays to see whether there is a SimpleX queue that accepts the DH key (discovery process).
- nostr client hands DH key and server information to the SimpleX app.
It was discussed. SimpleX is extremely complicated. It's barely maintained. For example, for JS there is https://github.com/simplex-chat/simplexmq-js - but as per the SimpleX founder's words, it's abandoned and represents less than 5% of the required code.
For comparison, full NIP-44 js implementation fits in just ~100 lines.
SimpleX is not a solution for nostr. Integrating simplex server functionality into relays is also extremely complicated. If you think you can do this - submit a proposal, and write some code, but it doesn't seem to be worth it.
Don't implement yourself, use the actual SimpleX client and server. "Each relay becomes a SimpleX server" means the relay and server are on the same host, different ports. The server may need some modification to allow for the discovery process I'm proposing.
SimpleX seems to be well maintained according to the commit log, just the .js isn't.
"We're sacrificing almost all the values we stand for because it's all we could do in 100 lines" isn't a great message.
> We're sacrificing almost all the values we stand for
I'm not sure what you are talking about. SimpleX is not a silver bullet. It's trivially decryptable by quantum computers. It's also not popular, which means, if/when it becomes popular, only then we'll see how it holds up.
Again - if you think simplex would work - go ahead and implement it. If you can convince the community your solution is better, everyone will switch to it.
nostr is open for everyone. We're just a bunch of folks who've spent some time on the issue we thought was important. No one paid us for it.
Lmfao bro, don't make fun of your fucking ass
Read and understand it with caution. Questions and confusions are galore in the comment section.
In particular, unspecific comparison with Signal is misleading.
nostr:nevent1qqsrsv9sehlvr904u7m7xc3a6xh85e8dzeqmdq530q9k500m80kh36spz3mhxue69uhkummnw3ezummcw3ezuer9wcpzql938n0qvu89jrcze0575r70rcz7m0zuezjqjucl54pkgsqcrncaqvzqqqqqqyjpycqs
You guys are awesome. Thanks for your effort. #nostr
Nice work.
I have an ejabberd XMPP server to fill my needs.
I can call users and share whatever I want to share.
Fully OMEMO encrypted.
Signal and bitcoin fanboys don't like it😄