| -rw-r--r-- | 21.md | 9 |
1 files changed, 3 insertions, 6 deletions
| @@ -43,8 +43,7 @@ Ids and signatures omitted and pubkeys shortened for readability. | |||
| 43 | 43 | ||
| 44 | [^q1]: https://t.me/nostr_protocol/26059 | 44 | [^q1]: https://t.me/nostr_protocol/26059 |
| 45 | 45 | ||
| 46 | Rationale | 46 | ## Rationale |
| 47 | --------- | ||
| 48 | 47 | ||
| 49 | [NIP-04](04.md) is flawed because its event contents are encrypted, but the metadata around it is not, and by the nature of Nostr as a protocol designed for public communication in general anyone is able to query relays for any event they want -- thus it's possible to anyone to track conversations between any other Nostr users, not _exactly what_ they're saying, but to whom they're chatting and how often. | 48 | [NIP-04](04.md) is flawed because its event contents are encrypted, but the metadata around it is not, and by the nature of Nostr as a protocol designed for public communication in general anyone is able to query relays for any event they want -- thus it's possible to anyone to track conversations between any other Nostr users, not _exactly what_ they're saying, but to whom they're chatting and how often. |
| 50 | 49 | ||
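Review bot: the paragraph directly under the new `## Rationale` heading (new line 48) still reads "it's possible to anyone to track conversations"; since this commit is a cleanup pass over the section, fix it to "possible for anyone" in the same change. That sentence carries the core privacy claim against NIP-04 (metadata is queryable by anyone), so it is worth having it read cleanly.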
| @@ -59,8 +58,7 @@ This NIP, if used in conjunction with relays that are trusted to honor it and no | |||
| 59 | [^1]: Not considering, of course, the million other features Telegram offers, that are irrelevant to this document. | 58 | [^1]: Not considering, of course, the million other features Telegram offers, that are irrelevant to this document. |
| 60 | [^2]: Not considering, of course, the cryptographic protocols that Signal uses to provide forward secrecy and other advanced functionality which are already not present in NIP-04. | 59 | [^2]: Not considering, of course, the cryptographic protocols that Signal uses to provide forward secrecy and other advanced functionality which are already not present in NIP-04. |
| 61 | 60 | ||
| 62 | Comparison with other proposals | 61 | ## Comparison with other proposals |
| 63 | ------------------------------- | ||
| 64 | 62 | ||
| 65 | Over the last months a number of other proposals were made to try to improve the lack of privacy NIP-04 provides[^3][^4][^5]. | 63 | Over the last months a number of other proposals were made to try to improve the lack of privacy NIP-04 provides[^3][^4][^5]. |
| 66 | 64 | ||
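Review bot: check that no heading in 21.md is left in underline style after this change. The `## Comparison with other proposals` line at new line 61 and its two sibling hunks account for the whole diffstat (3 insertions, 6 deletions), so a title or any other heading outside these hunks would still be setext and the file would end up mixed. The level itself is right: a dash underline is a level-2 heading, so `##` keeps the outline unchanged.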
| @@ -75,8 +73,7 @@ Although all these proposals solve the issue in some way of another, and it can | |||
| 75 | [^6]: For example, even with ephemeral keys, if the general public still have access to all the events some time-analyses and other heuristics can be used to try to track chat activity between Nostr users. | 73 | [^6]: For example, even with ephemeral keys, if the general public still have access to all the events some time-analyses and other heuristics can be used to try to track chat activity between Nostr users. |
| 76 | [^7]: Another example: even with ephemeral keys, it can be assumed that relays will know at least the IP address of the clients that are using it for the kind-4 messages, so they will have almost as much metadata as before -- which brings us back, again, to some level of trust on these relays to not reveal this metadata to the public, as in the current proposal. | 74 | [^7]: Another example: even with ephemeral keys, it can be assumed that relays will know at least the IP address of the clients that are using it for the kind-4 messages, so they will have almost as much metadata as before -- which brings us back, again, to some level of trust on these relays to not reveal this metadata to the public, as in the current proposal. |
| 77 | 75 | ||
| 78 | Further possibilities | 76 | ## Further possibilities |
| 79 | --------------------- | ||
| 80 | 77 | ||
| 81 | Some random things that can be optionally done based on this NIP: | 78 | Some random things that can be optionally done based on this NIP: |
| 82 | 79 | ||
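Review bot: the section text quoted in this hunk's header still has the typo "in some way of another" (should be "or another"); it sits in the section just above `## Further possibilities` and could be fixed in this same formatting commit. The heading replacement at new line 76 keeps the blank lines on both sides, so it will render as a heading and not merge into the footnotes above it.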