When we started conceptualizing Keychat, we aimed to design a chat application that surpasses Signal. Our design process was divided into four steps.

First, Keychat addresses issues of user sovereignty. It opts to use Nostr public keys as IDs and Nostr relays for message transmission. Users fully own their IDs, which are not registered on any server. They can choose which relays to use.

Second, Keychat aims to solve the security issue of message encryption by implementing end-to-end encryption that ensures both forward secrecy and backward secrecy. Keychat implements the Signal protocol (X3DH and the Double Ratchet algorithm) on the client side without the need for a coordination server. Existing Nostr relays only need to handle the transmission of encrypted messages.

Third, Keychat tackles the problem of metadata privacy. A major issue with original Nostr DMs is that metadata is not only exposed to relay operators but also to other users. Keychat separates the sending address and receiving addresses from the ID, updating these addresses for almost every message. Thus, each Keychat message is nearly independent.

Lastly, Keychat addresses the issue of user payments and relay charges. Since each message is not linked to an ID, traditional payment models are not feasible. Initially, we thought of having relays issue one-time anonymous access tokens that users could purchase and use for anonymous pay-per-use. Later, we realized that using Bitcoin ecash as postage for messages would be a better solution.

Ultimately, we designed a chat application where users maintain sovereignty, messages are securely encrypted, metadata privacy is preserved, and the economic model is straightforward and reliable. nostr:note1kr8nvdlhz207rq6z300xy6qylf9mmpgjxgfq6925vkez4f3ej3gqh5f0te 

 SimpleX ?!  What s different? 

 nostr:note186wfn3zdrds9g3k2rgqxtzxxr3azfzr3vz6aa68c52kns7wqpduspmk2hh 

 What's the long term funding strategy fkr Keychat? 

 If users utilize a relay operated by Keychat, we will receive ecash sats. 

 So you're thinking you can operate enough relays to collect "postage" to fund development?
🤔 

 Yes, we should at least try. We believe this is a simple and reliable revenue model, and that advertising models are unhealthy. 

 Where is your code hosted? 

 nostr:note1xgsxkvhyvd55jqt0adacf29xssd4k8zl5qd2q22zarqhpalj3nxqsmw2dv 

 Nice! I've got a few questions if you don't mind

How do the estamps work? Are they going to be purchased from a service provider, and do you pay them back? Is there a server that gets paid or are users paying other users? 

 Nostr relay operators and Cashu mint operators are independent. If a relay accepts ecash issued by a mint, users can obtain ecash from the mint and use it as postage on their messages. Once the Nostr relay receives it, it can be exchanged for LN sats. 

 Ok it's the relay who gets paid, that's awesome. Is there an issue if the relay runs the mint? 

 If they wish, they can operate both a Nostr relay and a Cashu mint simultaneously.

We believe that relays will accept ecash issued by as many mints as possible.

nostr:note1xuv2l9e40vm2p05lk6prsn45tfmy4v4kgj6lxwewdxuysdr4wcrsrnva37 

 I think the reverse is better, meaning relays want to accept only from whitelisted mints.

Otherwise, I can spin up a new mint , print tokens and DoS attack Keychat since any new mint by definition can't be in the blacklist. 

 thanks for sharing, i’m super interested in this 

 Great ideas, but I think relying only on ecash is a risk. Cashu and Fedimint are not well established jet. Why not integrating lightning as well? 

 Yes, we are aware of the custodial risks associated with ecash. However, the transaction fees on the Lightning Network are high, comparable to those charged by Phoenix. Additionally, completing a payment on the Lightning Network involves multiple steps. The privacy offered by LN also does not match that of ecash. Therefore, we choose ecash as our form of postage. 

 I mean that the transaction fees for self-hosted Lightning Network transfers are much more expensive than ecash. https://image.nostr.build/d6edc170332abf678b9c693eb3505c2eac4a17a85810fc096a06717f7bd60679.jpg  

 What are the fees for ecash? Also, 1 sat will be 1 dollar sooner that we realize. So what do we do when 1 message = 1 dollar? 

 The Cashu protocol will support currency units smaller than 1 sat, such as 0.01 sat. 


nostr:note1exjy7radjlfy8lhk8ulqk08p5fcvjll85yl706s5jt6zwvqjgw9se7dzcx 

 Calling  @QnA
Double ratchet on nostr, using e-cash for postage. 
Would love to get your thoughts on this.  

 Probably because I don't understand properly, but I don't understand what problem ecash is fixing here. 

 That's what I don't get. Great that they've ported signal encryption over to nostr for DMs. Don't see why e-cash needs to be integrated, other than a potential revenue model later down the line. Anti-spam maybe.  

 The first function of stamps is anti-spam. Messaging apps like Signal or WhatsApp require registration, and the sender’s address for messages is the user’s ID. Therefore, the server administrators of these apps can block IDs to prevent spam. 

In the registration model, users do not have control over their own IDs. 

Keychat users, on the other hand, do not need to register, as their locally generated npub serves as their ID. Furthermore, each message is sent from a constantly generated, unique address, rather than using the ID as the sending address. As a result, Keychat cannot block spam by blocking IDs. 

The second function of stamps is to provide nostr relays with a sustainable source of revenue. Signal has been running at a loss, as discussed in this blog post: https://signal.org/blog/signal-is-expensive/

Keychat’s use of ecash sats as message stamps is primarily inspired by the postal system. Moreover, using ecash sats as stamps does not affect the metadata privacy of messages.