Oddbean new post about | logout
Vitor Pamplona | 11 months ago (raw) | export | reply | flag +21 
 Audits of the new NIP-44 encryption for DMs are up: "The fact that Cure53 was not able to identify any exploitable vulnerabilities can be
interpreted as a positive sign in regard to the security of the NIP44 specification and
implementations. "

But they did offer suggestions to harden the security that will be implemented soon and warned against naive implementations of secp256k1. 🚀 

For those who want to read more: https://cure53.de/audit-report_nip44-implementations.pdf
water783 | 11 months ago (raw) | root | parent | reply | flag 
 A significant milestone achievement. 🚀
sommerfeld | 11 months ago (raw) | root | parent | reply | flag 
 Great to hear!
bloodymary | 11 months ago (raw) | root | parent | reply | flag 
 Heading there!
hodlbod | 11 months ago (raw) | root | parent | reply | flag 
 Probably the most important day of my life
JohnyDoor | 11 months ago (raw) | root | parent | reply | flag 
 fantastic!
Bitcoin Carlin | 11 months ago (raw) | root | parent | reply | flag +1 
 Glad to see this but is it still possible to leak metadata or has that been addressed?

The holy grail is obfuscation of source destination and content. Is there a path for that?
Vitor Pamplona | 11 months ago (raw) | root | parent | reply | flag 
 Yep, that has been addressed. There is a key alias design that you can rotate pubkeys to receive DMs. I dont think anyone has coded that yet and it might not be needed since people cant even see the date/time of the message. It could be old, random noise
YawningGoat | 11 months ago (raw) | root | parent | reply | flag +1 
 Congrats @Vitor Pamplona and @hodlbod for all the hard work you’ve put in so far 👏

Almost there!