Dr. Hax on Nostr:
I like the idea, but there are serious problems with leaking metadata with #nostr DMs. Not sure people care, but having the ciphertext available to everyone is a risk.
It can be mitigated by having a unique relay for each group, but requiring people to do advanced relay management is not a recipe for success.
This could be fixed at the protocol level. E.g.
Client: give me the encrypted notes for key ID 0xabc123
Server: Sign this nonce with that key and they're yours
Client: here's the sig
Server: here's the encrypted DMs
It still lets the relay see who is messaging whom, when and how often, but that is very much like Signal. But unlike Signal, nostr could pick a different subset of relays for each message so no single relay has all the information. As long as everyone in the group is using the same set of relays, that should be reliable.
Published at
2024-10-12 03:49:49
Event JSON
{
"id": "1452c152b299cd57ed57896e70578ea9919b58f802d52c36770d2ef096997f94",
"pubkey": "d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511",
"created_at": 1728704989,
"kind": 1,
"tags": [
[
"e",
"f211ef5bcf9561c82b476ea18cede708fe251de7192822e211d0ba349c7954d4",
"",
"root"
],
[
"p",
"4523be58d395b1b196a9b8c82b038b6895cb02b683d0c253a955068dba1facd0"
],
[
"t",
"nostr"
]
],
"content": "I like the idea, but there are serious problems with leaking metadata with #nostr DMs. Not sure people care, but having the ciphertext available to everyone is a risk.\n\nIt can be mitigated by having a unique relay for each group, but requiring people to do advanced relay management is not a recipe for success.\n\nThis could be fixed at the protocol level. E.g.\nClient: give me the encrypted notes for key ID 0xabc123\nServer: Sign this nonce with that key and they're yours\nClient: here's the sig\nServer: here's the encrypted DMs\n\nIt still lets the relay see who is messaging whom, when and how often, but that is very much like Signal. But unlike Signal, nostr could pick a different subset of relays for each message so no single relay has all the information. As long as everyone in the group is using the same set of relays, that should be reliable.",
"sig": "292898d69ce755124f48f26ac7e910891018ddcfc077706804121fb70567bfbe14831ddd262c40526484f1b99a74927f03ce955fd07d80ca85539b74679debc9"
}
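The nonce exchange sketched in the note above, as an added example that is not part of the original post or of any Nostr relay's code: a relay-side gate that releases stored ciphertext only after the requester signs a fresh, single-use, expiring nonce. Ed25519 from Node's standard library stands in for Nostr's secp256k1 Schnorr signatures, and `DmRelay`, `authMessage`, `answer`, the relay URL and the 60-second lifetime are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

const TTL_MS = 60_000; // challenge lifetime (assumed value)
const SPKI_PREFIX = Buffer.from('302a300506032b6570032100', 'hex'); // DER header for a raw Ed25519 key

// Key ID = hex of the raw 32-byte public key, mirroring how Nostr identifies users by pubkey.
const keyIdOf = (publicKey) =>
  publicKey.export({ format: 'der', type: 'spki' }).subarray(12).toString('hex');

// The signed message binds relay, key ID and nonce so a signature cannot be replayed elsewhere.
const authMessage = (relayUrl, keyId, nonce) =>
  Buffer.from(`dm-fetch|${relayUrl}|${keyId}|${nonce}`);

// Hypothetical relay model: in-memory maps only, no network code.
class DmRelay {
  constructor(relayUrl) {
    this.relayUrl = relayUrl;
    this.inbox = new Map();   // keyId -> stored ciphertexts
    this.pending = new Map(); // nonce -> { keyId, expires }
  }
  store(keyId, ciphertext) {
    if (!this.inbox.has(keyId)) this.inbox.set(keyId, []);
    this.inbox.get(keyId).push(ciphertext);
  }
  // "Sign this nonce": issue a fresh random nonce tied to the requested key ID.
  challenge(keyId, now = Date.now()) {
    const nonce = nodeCrypto.randomBytes(32).toString('hex');
    this.pending.set(nonce, { keyId, expires: now + TTL_MS });
    return nonce;
  }
  // "Here's the sig": release ciphertext only for a valid, unexpired, unused challenge.
  fetch(keyId, nonce, signature, now = Date.now()) {
    const entry = this.pending.get(nonce);
    this.pending.delete(nonce); // single use, even when verification fails
    if (!entry || entry.keyId !== keyId || now > entry.expires) return null;
    try {
      const der = Buffer.concat([SPKI_PREFIX, Buffer.from(keyId, 'hex')]);
      const publicKey = nodeCrypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
      const ok = nodeCrypto.verify(null, authMessage(this.relayUrl, keyId, nonce), publicKey, signature);
      return ok ? (this.inbox.get(keyId) || []) : null;
    } catch { return null; } // malformed key ID or signature
  }
}

// Client side: sign the relay's challenge with the private key behind the key ID.
const answer = (privateKey, relayUrl, keyId, nonce) =>
  nodeCrypto.sign(null, authMessage(relayUrl, keyId, nonce), privateKey);
```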