Martti Malmi on Nostr: It's a step in the right direction, but it still reveals the recipient and doesn't do ...
It's a step in the right direction, but it still reveals the recipient and doesn't do key rotation, so all your message history and future messages are revealed if your main Nostr key is ever compromised. It's a tradeoff between security and availability. I'd personally choose Signal-style key rotation.
Published at
2024-10-12 07:24:39Event JSON
{
"id": "8bb83903c0cb7f24f6fbb7601bacefea10ddf27fb35e1d25a324716c9dcd57b9",
"pubkey": "4523be58d395b1b196a9b8c82b038b6895cb02b683d0c253a955068dba1facd0",
"created_at": 1728717879,
"kind": 1,
"tags": [
[
"q",
"e0955b002a9dfa37db56c1b61cd062564a9b79a32a2d74ff9bad9c5fce08c169"
],
[
"e",
"e0955b002a9dfa37db56c1b61cd062564a9b79a32a2d74ff9bad9c5fce08c169",
"",
"reply",
"7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e"
]
],
"content": "It's a step in the right direction, but it still reveals the recipient and doesn't do key rotation, so all your message history and future messages are revealed if your main Nostr key is ever compromised. It's a tradeoff between security and availability. I'd personally choose Signal-style key rotation.",
"sig": "244bc47a18fc1ac07523c259c8758106416d988e4238f08b9bb264fb589158541c29b0b89d7c3734b3b8c3c7393145cf7e567a2a8814ac1bae273ce6c968dca9"
}
