keychat on Nostr: NIP-17 exposes the recipient's identity and lacks both forward and backward secrecy. ...
NIP-17 exposes the recipient's identity and lacks both forward and backward secrecy. However, its advantage lies in better multi-device synchronization capabilities. Because the encryption key and receiving address remain unchanged, users can receive and decrypt all messages simply by importing their nsec. NIP-17 is designed for DM in microblogging applications, not as a standalone chat application. It prioritizes multi-device synchronization over enhanced encryption security. This is not a flaw, as it has suitable application scenarios.
Published at
2024-09-28 08:31:09
Event JSON
{
  "id": "6df9948a9a740b6a9ea27c6c01ac14537ca7e876e86fd8557b71823eb9fbb2f7",
  "pubkey": "bbf923aa9246065f88c40c7d9bf61cccc0ff3fcff065a8cb2ff4cfbb62088f1e",
  "created_at": 1727512269,
  "kind": 1,
  "tags": [
    ["e", "d159d5162dbb6d85b2be7ca84ba891d1abee74a90c1690ca6a692eff38731b55", "", "root"],
    ["e", "198363a1b9fd46e8884aea1a81182cfb74945b59595d71b726cf4b9c5f38798a", "", "reply"],
    ["p", "4523be58d395b1b196a9b8c82b038b6895cb02b683d0c253a955068dba1facd0"],
    ["p", "460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c"]
  ],
  "content": "NIP-17 exposes the recipient's identity and lacks both forward and backward secrecy. However, its advantage lies in better multi-device synchronization capabilities. Because the encryption key and receiving address remain unchanged, users can receive and decrypt all messages simply by importing their nsec. NIP-17 is designed for DM in microblogging applications, not as a standalone chat application. It prioritizes multi-device synchronization over enhanced encryption security. This is not a flaw, as it has suitable application scenarios.",
  "sig": "135ae199e2344c0af54385d51bef307bddc6969fae2bdd967d409cfe8871453a68bdcaca08a1cc906f0e0252d39a376be1530c84bd7878fd29a95847a938b8e3"
}