[Pull Request] NIP-104: End-to-End Encrypted DMs by erskingardnergithub.com/nostr-protocol/nips/pull/1206
5228 sats \ 4 comments \ @0xbitcoiner 29 Apr nostr

NIP-104

Double Ratchet E2EE Direct Messages
This NIP defines an encrypted direct messaging scheme that provides double-ratchet E2EE (end-to-end encryption) with forward secrecy & post-compromise (backward) secrecy and allows users to access messages from multiple synced devices.
  • Live demo
  • Demo app code
  • Demo app video with explainer

Context
Currently, one-to-one direct messages (DMs) in Nostr happen via the scheme defined in NIP-04. This NIP is not recommended because, while it encrypts the content of the message, it leaks significant amounts of metadata about the parties involved in the conversation.
With the addition of NIP-44, we have an updated encryption scheme that improves some (but not all) of the metadata leakage and improves the obfuscation of message content but this NIP stops short of defining a new kind number or scheme for doing direct messages using this encryption scheme.
There have been a few separate proposals for new ways to do DMs that do not leak metadata. The most accepted (and recently merged) one is NIP-17 which combines NIP-44 encryption with NIP-59 gift-wrapping to hide the actual direct message inside another set of events to ensure that it's impossible to see who is talking to who and when messages passed between the users. This solves the metadata leakage problem and does allow some degree of deniability/repudiation but doesn't solve forward/backward secrecy. That is to say, if a user's private key (or the calculated conversation key used to encrypt messages) is compromised, the attacker will have full access to all past and future DMs sent between those users.

... read more
write
preview
related posts
91 sats \ 0 replies \ @jakoyoh629 29 Apr
That's one small step for man, one giant leap for mankind.
reply
74 sats \ 1 reply \ @BlueSlime 30 Apr
This looks sexy AF.
The best thing nostr has going is the decentralized identities and cryptographic signing.
If you add the hardest e2e private messaging standard on top, then nostr will be a killer app.
I don't believe anyone really wants to be spied on. Even normies are getting salty from the endless tentacle-rape of their electronics by the orwellian surveillance octopus.
If I could ditch signal for a private messaging nostr app, I would do it in a heartbeat and compel all my normie friends to join. And I don't think it would take much persuading to get them onboard.
One thing that is missing though, is a way to manage nostr identities in a mobile wallet. With a much better interface than NIP-7 that supports protocols like this NIP directly.
reply
0 sats \ 0 replies \ @Hamstr 30 Apr
signal just did an upgrade that you can join groups without giving up your number. And there are apps, sessions, simpleX, matrice and something else.
reply
32 sats \ 0 replies \ @Hamstr 30 Apr
From what I understand it's not completely EE2E but rather the lite version. Something about relays metadata that's making it not completely Ee2E.
But yeah it's still a step from anyone viewing all your messages if they login using your npub.
reply