Deprecate NIP 04

5 files changed, 23 insertions, 15 deletions

diff --git a/04.md b/04.md
index 6e45b74..2490c18 100644
--- a/04.md
+++ b/04.md
@@ -1,10 +1,12 @@
+> __Warning__  `unrecommended`: deprecated in favor of [NIP-44](44.md)
+
 NIP-04
 ======
 
 Encrypted Direct Message
 ------------------------
 
-`final` `optional` `author:arcbtc`
+`final` `unrecommended` `author:arcbtc`
 
 A special event with kind `4`, meaning "encrypted direct message". It is supposed to have the following attributes:
 
diff --git a/07.md b/07.md
index ee4e372..661144e 100644
--- a/07.md
+++ b/07.md
@@ -18,8 +18,10 @@ async window.nostr.signEvent(event: Event): Event // takes an event object, adds
 Aside from these two basic above, the following functions can also be implemented optionally:
 ```
 async window.nostr.getRelays(): { [url: string]: {read: boolean, write: boolean} } // returns a basic map of relay urls to relay policies
-async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04
-async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04
+async window.nostr.nip04.encrypt(pubkey, plaintext): string // returns ciphertext and iv as specified in nip-04 (deprecated)
+async window.nostr.nip04.decrypt(pubkey, ciphertext): string // takes ciphertext and iv as specified in nip-04 (deprecated)
+async window.nostr.nip44.encrypt(pubkey, plaintext): string // returns encrypted payload as specified in nip-44
+async window.nostr.nip44.decrypt(pubkey, ciphertext): string // takes encrypted payload as specified in nip-44
 ```
 
 ### Implementation
diff --git a/44.md b/44.md
index 9d43698..c6fb69a 100644
--- a/44.md
+++ b/44.md
@@ -8,7 +8,7 @@ Encrypted Payloads (Versioned)
 
 The NIP introduces a versioned encryption data model, allowing multiple algorithm choices to exist simultaneously.
 
-The algorithm described in NIP4 is potentially vulnerable to [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) and uses keys which are not indistinguishable from random.
+The algorithm described in NIP-04 is potentially vulnerable to [padding oracle attacks](https://en.wikipedia.org/wiki/Padding_oracle_attack) and uses keys which are not indistinguishable from random. For more information, see [here](https://github.com/nostr-protocol/nips/pull/715#issuecomment-1675301250-).
 
 An encrypted payload MUST be encoded as a JSON object. Different versions may have different parameters. Every format has a `v` field specifying its version.
 
@@ -17,10 +17,6 @@ Currently defined encryption algorithms:
 - `0x00` - Reserved
 - `0x01` - XChaCha with same key `sha256(ecdh)` per conversation
 
-# Version 0
-
-Version 0 is not defined, however implementations depending on this NIP MAY choose to support the payload described in NIP 04 in the same places a NIP 44 payload would otherwise be expected. This is intended to allow a smooth transition while clients and signing software adopt the new standard.
-
 # Version 1
 
 Params:
@@ -38,11 +34,13 @@ Example:
 }
 ```
 
-**Note**: By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). We are using this exact implementation. In NIP4, unhashed shared point was used.
+# Other Notes
+
+By default in the [libsecp256k1](https://github.com/bitcoin-core/secp256k1) ECDH implementation, the secret is the SHA256 hash of the shared point (both X and Y coordinates). We are using this exact implementation. In NIP-94, unhashed shared point was used.
 
-## Code Samples
+# Code Samples
 
-### Javascript
+## Javascript
 
 ```javascript
 import {xchacha20} from "@noble/ciphers/chacha"
@@ -99,7 +97,7 @@ export function decrypt(privkey: string, pubkey: string, payload: string) {
 }
 ```
 
-### Kotlin
+## Kotlin
 
 ```kotlin
 // implementation 'fr.acinq.secp256k1:secp256k1-kmp-jni-android:0.10.1'
diff --git a/46.md b/46.md
index 90fa1a0..06a2689 100644
--- a/46.md
+++ b/46.md
@@ -82,12 +82,18 @@ These are mandatory methods the remote signer app MUST implement:
 - **get_relays**
   - params []
   - result `{ [url: string]: {read: boolean, write: boolean} }` 
-- **nip04_encrypt**
+- **nip04_encrypt** (deprecated)
   - params [`pubkey`, `plaintext`]
   - result `nip4 ciphertext`
-- **nip04_decrypt**
+- **nip04_decrypt** (deprecated)
   - params [`pubkey`, `nip4 ciphertext`]
   - result [`plaintext`]
+- **nip44_encrypt**
+  - params [`pubkey`, `plaintext`]
+  - result `nip44 encrypted payload`
+- **nip44_decrypt**
+  - params [`pubkey`, `nip44 encrypted payload`]
+  - result [`plaintext`]
 
 
 NOTICE: `pubkey` and `signature` are hex-encoded strings.
diff --git a/README.md b/README.md
index 3c35ef3..f50bf21 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@ They exist to document what may be implemented by [Nostr](https://github.com/nos
 - [NIP-01: Basic protocol flow description](01.md)
 - [NIP-02: Contact List and Petnames](02.md)
 - [NIP-03: OpenTimestamps Attestations for Events](03.md)
-- [NIP-04: Encrypted Direct Message](04.md)
+- [NIP-04: Encrypted Direct Message](04.md) --- **unrecommended**: deprecated in favor of [NIP-44](44.md)
 - [NIP-05: Mapping Nostr keys to DNS-based internet identifiers](05.md)
 - [NIP-06: Basic key derivation from mnemonic seed phrase](06.md)
 - [NIP-07: `window.nostr` capability for web browsers](07.md)