Ephemeral, anonymous chat via QR codes over nostr \ stacker news ~nostr

pull down to refresh

Ephemeral, anonymous chat via QR codes over nostr github.com/ekzyis/nostr-qrchat

1728 sats \ 21 comments \ @ek 10 May 2023 nostr

view all related items

54 sats \ 0 replies \ @ek OP 10 May 2023

You can try the QR code on Github or this one:

https://i.postimg.cc/xTxQqhCR/qr-stackernews.png

Clicking on the QR code on Github also works

240 sats \ 17 replies \ @Monotone 10 May 2023

It seems to me that nostr is not suitable for anonymous chats. There are already many other good solutions

57 sats \ 7 replies \ @TonyGiorgio 10 May 2023

Agreed. Better to not go down too far down the path. Terrible foundation for chat, espeically if something is intended to be "anonymous"

55 sats \ 6 replies \ @ek OP 10 May 2023

I like the ease of use because it's just a key pair.

I don't know of any other service where you can simply generate a key pair and then send encrypted DMs to another key pair (which could also be generated on demand which I don't do here, to be fair).

Isn't that as anonymous as it can be on clearnet?

Or are you concerned because of the current state of NIP-04?

54 sats \ 5 replies \ @TonyGiorgio 10 May 2023

ease of use

Like PGP? And some things are complicated for a reason. Simple doesn't mean you should use it.

concerned because of the current state of NIP-04

That's putting it lightly.

0 sats \ 4 replies \ @ek OP 10 May 2023

No, PGP is hard to use right. (edit: Talking about usage over SMTP here)

I think you are talking more generally about using nostr for anonymous chats. Generally, I agree. Nostr is bad to stay anonymous.

However, I don't see how ephemeral key pairs as used here are not anonymous. I am talking about this specific use case where a random person just wants to contact you to exchange a few messages and then the key will never be used again.

Maybe I should be more clear: It's about the anonymity of the sender, I don't generate a new key pair for the recipient side (yet). So I am indeed not anonymous here.

0 sats \ 3 replies \ @TonyGiorgio 10 May 2023

I guess I don't really get what's the point of the project then. I just see a QR code and a github repo that says "anonymouse chat!"

Not trying to dismiss it or discourage development, but I don't see the point nor understand the claims being made.

view all 3 replies

0 sats \ 8 replies \ @ek OP 10 May 2023

Which do you have in mind?

108 sats \ 7 replies \ @Monotone 10 May 2023

As far as I remember, nostr now has metadata about who sent messages to whom and when. This is not enough for complete anonymity. Though I may not have gotten the point.)

248 sats \ 2 replies \ @ek OP 10 May 2023

Yes, NIP-04 leaks metadata as it is. But since one key pair will never be reused (at least that's my intention), I thought this should still be "anonymous".

I could also create a new ephemeral key pair for the recipient side. Then I think metadata shouldn't matter.

But I could be wrong of course.

0 sats \ 1 reply \ @Monotone 10 May 2023

This option can be useful for one-time short chats, but not for long-term communication.

5 sats \ 0 replies \ @ek OP 10 May 2023

Yes, I agree. That's why it's called ephemeral: new key pairs are generated every time you reload the page.

reply on another page

10 sats \ 3 replies \ @ek OP 10 May 2023

You didn't say which other solutions you were talking about. I would be interested in them.

1458 sats \ 2 replies \ @Monotone 10 May 2023

For example this: https://simplex.chat/

Not much harder to use, but more secure and much more anonymous. It doesn't even have a user ID.

5 sats \ 1 reply \ @ek OP 10 May 2023

Oh, right, I think SimpleX was also mentioned in the discussions about how to improve NIP-04 but I didn't take a look at it yet. Thanks for reminding me!

This looks indeed really promising.

Maybe I can implement the protocol for my use case with QR codes.

Thanks again!

view all 1 replies

0 sats \ 0 replies \ @gzoo 10 May 2023

Like it! 👏👏👏

0 sats \ 0 replies \ @ek OP 10 May 2023

I replied to two people coming from Github but I think I replied too late and the session was already closed, haha

Sorry for being slow!

edit: Oh, I found a bug. An old tab of mine (15min+ old) could still send messages but did not receive messages anymore. I think I need to check subscription states regularly and reconnect if they are closed.