Oddbean

▲ ▼

 Introductory DM's costing an amount of sats you specify would be a great feature.

nostr:nevent1qqszylwcqepn5ljzj7jap0hcy26yk7p7d7gfcp9k24v9evep5ceytacpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0qgsqw24r9c04uvsdxee5t9yra6mrquazpzyyrl9dflu2nxfca580wncrqsqqqqqppueakz

▲ ▼

 I'd like it if they fixed the privacy of DMs first.. it's also strange that there's no way to turn them off

▲ ▼

 Privacy is fixed with nip 17. Many clients and libraries have already switched and deprecated nip 4. I wish Damus would hurry up and implement it.

▲ ▼

 nostr:nevent1qqs04jkx6rxfnzs8a3dc3gxsqpvjhe9yat74y3hdmfw53efeu22g6qcpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtczyrye3ftnnuz00lljqtz5jc4227ptxnktzrt0j9dalht4s2trh7ghzqcyqqqqqqgz2ugx4

▲ ▼

 Nip17 is a combination of nip 44 and nip 59 gift wraps, which takes care of the concerns in that message.

▲ ▼

 NIP-59 seems to do a good job at hiding metadata from public view but it doesn't provide

- break-in recovery.
- repudiation (deniability).
- (lack of) visibility of connection graph to observers.
- fixed message sizes (although it can be provided by the specific app)
- resistance to Shore algorithm (PQ encryption).

I can add that it definitely doesn't provide forward secrecy.

It's concerning that these developers simply don't seem qualified to properly implement secure messaging, and I believe users are being put at risk, although I do see a lot of people just putting nostr:nprofile1qqsvnx99ww0sfall7gpv2jtz4ftc9v6wevgdd7g4hh7awkpfvwlezugpz4mhxue69uhhyetvv9ujumn0wd68ytnzvuhsg5cway addresses in their profile anyway.

▲ ▼

 You are wrong on several of these if not all. I will pull it up in a bit.

▲ ▼

 By 'it' I mean mean NIP-44 encryption.