Oddbean new post about login | logout After working on this on and off for 7 days, I've finally finished implementing NIP-44 encryption in Swift for use on Apple platforms! This will replace the unrecommended NIP-04 encryption. Definitely lost a few hairs and gained a few gray ones. 😅 Thanks to @montzstar for reviewing my PR to Nostr SDK for Apple Platforms and thanks to @mplorentz from Nos for pair programming with me when I got stuck. https://github.com/nostr-sdk/nostr-sdk-ios/pull/138 I’ve submitted a forked copy to the shared nip44 repo. Please review and double-check my work if you’re able to read Swift code. All the test vectors pass, though. @paulmillr @Vitor Pamplona @Magister Michael Dilger M.Sc. https://github.com/paulmillr/nip44/pull/11
Can you translate for us non-tech fam, thanks! Appreciate your work 🙏
The claim is that every time you encrypt a message with NIP-04, it decreases the difficulty for an attacker to determine your private key. I’m not a cryptographer, so I can’t verify the claim. The design and professional cryptography audit of NIP-44 was funded by OpenSats, mitigates that attack vector, and is allegedly a better encryption scheme than NIP-04. It does have known limitations as mentioned in the specification. NIP-04 is unrecommended but it has not yet been replaced in all the other NIPs that use it. The developer community needs to work on moving towards implementing NIP-44 encryption for all encrypted messages, including DMs, while still maintaining backward compatibility with NIP-04 encrypted messages. https://github.com/nostr-protocol/nips/blob/master/44.md https://opensats.org/blog/nostr-grants-december-2023#nip-44-cryptography-audit
One real world scenario I encountered while testing coracle is that if only nip-44 is implemented this is not backwards compatible with nip-04. Not sure at all about NIPs best practices, and if this is best addressed at all in NIPs, SDKs. I think @hodlbod had thought this through on coracle, and there was some bug he squashed to make these DMs NIPs compatible.
The way I see it working is: 1. Have all the major clients and SDKs support encryption and decryption for both NIP-04 and NIP-44 for some time but have NIP-44 be the default for encryption. 2. Clients can allow users to migrate their signed NIP-04 encrypted events by decrypting them and creating new ones with identical content but encrypted with NIP-44. 3. Once most people stop creating new NIP-04 encrypted events, remove support for encrypting in NIP-04 and support only decrypting NIP-04 moving forward. NIP-44 becomes the only way to encrypt events.
NIP 04 is used all over the place still, including DMs, can you describe what you're seeing in more detail?
Coracle handles backwards compatibility to nip-04 fine, no issues with Coracle. I mentioned to Terry that some apps may still use nip-04, and not nip-44. Therefore if new apps build only nip-44, without taking into account backwards compatibility this would be a nostr interoperability or #nostrability pain point.
Nice! Let's go! 🚀
🚀 fuck yeah
New private DM system coming to your nearest iOS app. 🚀 nostr:nevent1qqsrpu3pjw2ql5thzp73p2xvtllz3fpchfxfphrdr379egfruez7gqspz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzqfme70vlgtraactlpe4umnuf4ruatyk3nca3h0f8auw0l5d8lxx3qvzqqqqqqyrtdqx6
nostr:nevent1qqsrpu3pjw2ql5thzp73p2xvtllz3fpchfxfphrdr379egfruez7gqspz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzqfme70vlgtraactlpe4umnuf4ruatyk3nca3h0f8auw0l5d8lxx3qvzqqqqqqyrtdqx6