I'm at Bitcoin Amsterdam, but spent half the day finishing some Signal-style double ratchet messaging.
Deployed an experimental version on https://iris.to. You can create chat invite links and give them to friends via QR or other messaging. The UI is still lacking and glitchy, but just had to demo at the conference.
The chats cannot be publicly linked to either participant, and even if your main Nostr key is revealed, the content and existence of past messages stays hidden.
https://image.nostr.build/b4533acd973793f7114fd5c272ccd5b5045ea0bd127c214e8314fc4c8282a354.png
https://image.nostr.build/ded8c0437548cb1359d34b43b966b64f798cd2f98ae5f859771f47cc551cd5bd.png
https://image.nostr.build/4458f2de8f4d424aff137d2d7ed283dd27501e1abc0a43234405008614a5cb70.png
Also published npm package nostr-double-ratchet 0.0.1: https://www.npmjs.com/package/nostr-double-ratchet
It's not actually double ratchet yet, but the single ratchet already achieves forward and backward secrecy.
The second ratchet would help secure the latest consecutive messages by same author, in case a message key for the most recent of their messages is compromised. That makes disappearing messages or manually deleted messages more secure. I guess we'll have to do it so we can say "Signal-level security".
This is obviously not tested or audited yet, but probably it's not worse than normal Nostr DMs 😅
You can take a look at the source code, but I'll write a better technical description later. It's using existing Nostr cryptography + some key derivation stuff. Chat invites use gift wrap -like arrangement addressed to the inviter's temporary session key. https://github.com/mmalmi/nostr-double-ratchet
Why not work with nostr:nprofile1qyfhwumn8ghj7ur4wfcxcetsv9njuetn9uqsuamnwvaz7tmwdaejumr0dshsz9nhwden5te0v4jx2m3wdehhxarj9ekxzmny9uq3wamnwvaz7tmjv4kxz7fwwpexjmtpdshxuet59uq3samnwvaz7tmwdaehgu3wvekhgtnhd9azucnf0ghsqgqh88vn0hyvp3ehp238tpvn3sgeufwyrakygxjaxnrd8pgruvfkaulgaw42 on MLS via nip 104?
Agreed. As a decentralized organism, I dont feel like we have the luxury of waste.
You’re already a legend. This just confirms it. It was good meeting you in Prague. I hope this project goes well…humans need this!
looks promising
nostr:nevent1qqsvkf5uq3eeyet5y6539zqh94uld5z4zl06zwhlxwmzmtl0qpukg4cpz4mhxue69uhhxarjvee8jtnfwf5hxtn5duhsygz9ywl935u4kxced2dceq4s8zmgjh9s9d5r6rp98224q6xm58av6q86g4ym
iris で揮発性 DM が送れるようになるっぽい👀
nostr:nevent1qqsvkf5uq3eeyet5y6539zqh94uld5z4zl06zwhlxwmzmtl0qpukg4cpr9mhxue69uhhyetvv9ujuumwdae8gtnnda3kjctv9upzq3frhevd89d3kxt2nwxg9vpck6y4evptdq7scff6j4gx3kapltxsqvzqqqqqqyn4puj7
How does this compare to MLS?
Completely different. Really cool to see a quickly working demo but it's using a cut down version of the Signal protocol which I abandoned early on because it makes private group conversations extremely hard / if not impossible.
Great work, thank you for your service!
Los DMs privados van a llegar a Nostr soon!
Tecnología Signal sin número de teléfono
nostr:nevent1qqsvkf5uq3eeyet5y6539zqh94uld5z4zl06zwhlxwmzmtl0qpukg4cpr9mhxue69uhhyetvv9ujuumwdae8gtnnda3kjctv9upzq3frhevd89d3kxt2nwxg9vpck6y4evptdq7scff6j4gx3kapltxsqvzqqqqqqyn4puj7
🔊💯💢💯💪 Thanks
nostr:nevent1qqsvkf5uq3eeyet5y6539zqh94uld5z4zl06zwhlxwmzmtl0qpukg4cpzpmhxue69uhkummnw3ezumt0d5hsygz9ywl935u4kxced2dceq4s8zmgjh9s9d5r6rp98224q6xm58av6qpsgqqqqqqsqx667l
Fine work and much needed.
Just go for MLS. 1 on 1 chats are good enough today with regular gift wraps. The key unsolved problem is efficient private group chatting.
great work, Martti! would this be backwards compatible with all existing clients implementations of DMs? what bout future compatibility with NIP-104 MLS DMs?
Oddbean new post about login | logout 
