Oddbean new post about | logout
tyiu | 6 months ago (raw) | export | reply | flag +3 
 @hodlbod @Vitor Pamplona @fiatjaf I’m implementing NIP-59 Gift Wraps in Nostr SDK for Apple Platforms and also reading the NIP-17 Private Direct Message spec. It seems that one benefit is that the recipient can fully recover messages from any client using their private key.

However, the only way for the sender to recover the messages that they sent is by backing up all the keys they used to send the messages and also backing up the mapping of which keys are paired with which recipient.

Am I understanding this correctly?
Mike Dilger | 6 months ago (raw) | root | parent | reply | flag +1 
 Send a giftwrap copy to yourself.  You can't read the one that goes to the recipient.
Mike Dilger | 6 months ago (raw) | root | parent | reply | flag 
 And use a different random key for the copy to yourself, else they can be coorelated.

You don't need to remember any of these keys.
tyiu | 6 months ago (raw) | root | parent | reply | flag 
 Ok, that makes sense. Seems like we could clarify that on NIP-17, unless I missed it. So then the rumor and seal would be identical for both the sender and recipient gift wrapped copies. Just the random signing key and p tag would be different on the gift wrapped copy to yourself as the sender.
tyiu | 6 months ago (raw) | root | parent | reply | flag 
 Ah, never mind. NIP-59 mentions what you just said about sending yourself a copy.

"If a `rumor` is intended for more than one party, or if the author wants to retain an encrypted copy, a single `rumor` may be wrapped and addressed for each recipient individually.”

https://github.com/nostr-protocol/nips/blob/734f379a2a2f225f76f87cdcf074c997a0d40d35/59.md?plain=1#L82-L83