I'm at Bitcoin Amsterdam, but spent half the day finishing some Signal-style double ratchet messaging.
Deployed an experimental version on https://iris.to. You can create chat invite links and give them to friends via QR or other messaging. The UI is still lacking and glitchy, but just had to demo at the conference.
The chats cannot be publicly linked to either participant, and even if your main Nostr key is revealed, the content and existence of past messages stays hidden.
https://image.nostr.build/b4533acd973793f7114fd5c272ccd5b5045ea0bd127c214e8314fc4c8282a354.png
https://image.nostr.build/ded8c0437548cb1359d34b43b966b64f798cd2f98ae5f859771f47cc551cd5bd.png
https://image.nostr.build/4458f2de8f4d424aff137d2d7ed283dd27501e1abc0a43234405008614a5cb70.png
Also published npm package nostr-double-ratchet 0.0.1: https://www.npmjs.com/package/nostr-double-ratchet
It's not actually double ratchet yet, but the single ratchet already achieves forward and backward secrecy.
The second ratchet would help secure the latest consecutive messages by same author, in case a message key for the most recent of their messages is compromised. That makes disappearing messages or manually deleted messages more secure. I guess we'll have to do it so we can say "Signal-level security".
This is obviously not tested or audited yet, but probably it's not worse than normal Nostr DMs 😅
You can take a look at the source code, but I'll write a better technical description later. It's using existing Nostr cryptography + some key derivation stuff. Chat invites use gift wrap -like arrangement addressed to the inviter's temporary session key. https://github.com/mmalmi/nostr-double-ratchet