> That is why NOSTR is great, has hundreds of volunteer relays that make difficult to track incoming messages and dozens of different clients to retrieve them that are E2EE without cryptographic doubt.
Most public relays sync notes so private messages are extremely easy to track. You could just connect to one of the larger relays and listen for all notes by and npub hoovering all private dms. That's a massive hit to privacy. Gift wrapping helps, but does not guarantee this information won't get leaked when a single npub keeps requesting certain notes. On top of that if a client is using nip46 and possibly connected via relays, that same hoover can see when you attempted to decrypt a given note. Cloudflare proxying is also used for a majority of big relays. Most users will be connecting via clearnet and standard TLS connections leaking traffic and IP addresses.
We are still working on better ways of improving forward secrecy because I believe there is still a possibility of ciphertext attacks with as much data that is available for a given user.
Speaking as the author of the C reference for nip04 and 44 encryption.
ChipTuner
npub1qd…3fqm7
2024-10-22 20:45:24
in reply to nevent1q…ua9r
Author Public Key
npub1qdjn8j4gwgmkj3k5un775nq6q3q7mguv5tvajstmkdsqdja2havq03fqm7Published at
2024-10-22 20:45:24Event JSON
{
"id": "7901f2e25564d8eeb3794a410576a1e3d4dbf4c59c3aab577033bd499d14a60f",
"pubkey": "036533caa872376946d4e4fdea4c1a0441eda38ca2d9d9417bb36006cbaabf58",
"created_at": 1729629924,
"kind": 1,
"tags": [
[
"e",
"2010dd46b4beebc68f7972134d8780ce996c0ba0745dfb33fb648fc924eb9053",
"",
"root"
],
[
"e",
"43e6b6db9004879b72ad60c40a3f9646842fdb5ec03a47e0328558da8a8649f6",
"wss://nostr-relay.wlvs.space/",
"reply"
],
[
"p",
"ba5115c37b0f911e530ed6c487ccbd9b737da33fd4b88a9f590860378c06af62",
"wss://nostr-relay.wlvs.space/",
"mention"
],
[
"p",
"5c8a576582b8aba3793f2abc5f2a52c1325a900a0a94be0f1cbcc70f4fc5edee",
"",
"mention"
],
[
"p",
"ac3f6afe17593f61810513dac9a1e544e87b9ce91b27d37b88ec58fbaa9014aa",
"",
"mention"
]
],
"content": "\u003e That is why NOSTR is great, has hundreds of volunteer relays that make difficult to track incoming messages and dozens of different clients to retrieve them that are E2EE without cryptographic doubt.\n\nMost public relays sync notes so private messages are extremely easy to track. You could just connect to one of the larger relays and listen for all notes by and npub hoovering all private dms. That's a massive hit to privacy. Gift wrapping helps, but does not guarantee this information won't get leaked when a single npub keeps requesting certain notes. On top of that if a client is using nip46 and possibly connected via relays, that same hoover can see when you attempted to decrypt a given note. Cloudflare proxying is also used for a majority of big relays. Most users will be connecting via clearnet and standard TLS connections leaking traffic and IP addresses. \n\nWe are still working on better ways of improving forward secrecy because I believe there is still a possibility of ciphertext attacks with as much data that is available for a given user. \n\nSpeaking as the author of the C reference for nip04 and 44 encryption. ",
"sig": "607707e0ce5a4a8f95b620576831081195b489100cdde2ae41030f978240fc698756fb4b96b188b8cca01fc3f85cf1a03a85a3d9af2f0c814792f10563acd0b6"
}