0 sats \ 3 replies \ @gandlaf21 21 Jan 2023 \ on: emon: encrypted messaging over nostr with lightning integration ⚡ nostr
Just FYI, Encrypted messaging over nostr nip04 is not optimal, and way less secure than for example Signal or something alike.
some drawbacks of Nip04:
  • Senders PUBK is leaked
  • Recipients PUBK is leaked
  • Timestamp is leaked
  • If one private key gets compromised, the whole conversation can be decrypted (due to no key-ratcheting)
write
preview
0 sats \ 0 replies \ @SebasWouters OP 29 Jan 2023
https://excalidraw.com/#json=a3QchmPVJTwUmnGRdgWAE,ruanCZyI0JqggZlZOrLm_A
reply
0 sats \ 1 reply \ @kevkevin 21 Jan 2023
are they using Elliptic curve Diffie Helman is that why? Isn't the point of Diffie Helman to establish a symmetric that both parties can use but in order to do so you need to expose your pubkey
reply
0 sats \ 0 replies \ @gandlaf21 22 Jan 2023
Yes, the senders and receivers pub key are stored in the event data.
You could mask the receiver by sending to many pub keys, but only one real one.
ECDHKE is good, but for conversation, where multiple messages are sent back and forth, you want an additional security parameter. The keys for encryption and decryption should change with each message. So that if a key gets compromised, the history cannot be decrypted
reply