The claim is that every time you encrypt a message with NIP-04, it decreases the difficulty for an attacker to determine your private key. I’m not a cryptographer, so I can’t verify the claim. The design and professional cryptography audit of NIP-44 was funded by OpenSats, mitigates that attack vector, and is allegedly a better encryption scheme than NIP-04. It does have known limitations as mentioned in the specification. NIP-04 is unrecommended but it has not yet been replaced in all the other NIPs that use it. The developer community needs to work on moving towards implementing NIP-44 encryption for all encrypted messages, including DMs, while still maintaining backward compatibility with NIP-04 encrypted messages.
https://github.com/nostr-protocol/nips/blob/master/44.md
https://opensats.org/blog/nostr-grants-december-2023#nip-44-cryptography-audit
Oddbean new post about login | logout