Oddbean new post about | logout
PABLOF7z | 10 months ago (raw) | root | parent | reply | flag 
 I’m struggling to see what would be the benefit of using an nsecBunker at all if the client is going to end up with the secret though, the only reason I would see is to share the nsec with a new client by leveraging this new auth_url response, but don’t know if such a niche user flow warrants this.

Makes sense?
Vitor Pamplona | 10 months ago (raw) | root | parent | reply | flag +2 
 You are not sharing the nsec. You will be sharing just the sum (nsec+npub) of each conversation. In NIP-44 its impossible to calculate the original nsec just with the conversation key. 

Clients can then encrypt and decrypt messages but they can never sign for them. That's the role of the bunker.
PABLOF7z | 10 months ago (raw) | root | parent | reply | flag 
 Oh! I thought you were saying to just share the nsec that was in the bunker! I didn't get this was solely within the context of NIP-44!
Vitor Pamplona | 10 months ago (raw) | root | parent | reply | flag 
 Yep, all encryptions will be NIP-44 in the future. It could affect everything :)