pull down to refresh

It seems to me that nostr is not suitable for anonymous chats. There are already many other good solutions
Agreed. Better to not go down too far down the path. Terrible foundation for chat, espeically if something is intended to be "anonymous"
reply
I like the ease of use because it's just a key pair.
I don't know of any other service where you can simply generate a key pair and then send encrypted DMs to another key pair (which could also be generated on demand which I don't do here, to be fair).
Isn't that as anonymous as it can be on clearnet?
Or are you concerned because of the current state of NIP-04?
reply
ease of use
Like PGP? And some things are complicated for a reason. Simple doesn't mean you should use it.
concerned because of the current state of NIP-04
That's putting it lightly.
reply
No, PGP is hard to use right. (edit: Talking about usage over SMTP here)
I think you are talking more generally about using nostr for anonymous chats. Generally, I agree. Nostr is bad to stay anonymous.
However, I don't see how ephemeral key pairs as used here are not anonymous. I am talking about this specific use case where a random person just wants to contact you to exchange a few messages and then the key will never be used again.
Maybe I should be more clear: It's about the anonymity of the sender, I don't generate a new key pair for the recipient side (yet). So I am indeed not anonymous here.
reply
I guess I don't really get what's the point of the project then. I just see a QR code and a github repo that says "anonymouse chat!"
Not trying to dismiss it or discourage development, but I don't see the point nor understand the claims being made.
reply
Not trying to dismiss it or discourage development, but I don't see the point nor understand the claims being made.
No worries, it's still valuable feedback that the use case is not clear!
But does that mean that the mentioned use cases don't make sense to you?
  • put a QR code on your letter box so people at your door can reach you without any PII
  • put QR codes anywhere where people may want to open instant support chat sessions
  • put QR code at your website to let people chat with you
(just realized I forgot to add "even when you are not at home" in the first point)
However, big reasons were certainly just for fun and see how to build stuff on nostr.
I will print one QR code and put it on my letter box. Let's see if I ever get a message, haha
reply
From a technical standpoint I have no idea what it's doing or how it claims to be anonymous, so from my understandings of how broken nostr DM's are, I do not like it nor want to encourage anyone going down that path.
Which do you have in mind?
reply
As far as I remember, nostr now has metadata about who sent messages to whom and when. This is not enough for complete anonymity. Though I may not have gotten the point.)
reply
Yes, NIP-04 leaks metadata as it is. But since one key pair will never be reused (at least that's my intention), I thought this should still be "anonymous".
I could also create a new ephemeral key pair for the recipient side. Then I think metadata shouldn't matter.
But I could be wrong of course.
reply
This option can be useful for one-time short chats, but not for long-term communication.
reply
Yes, I agree. That's why it's called ephemeral: new key pairs are generated every time you reload the page.
reply
You didn't say which other solutions you were talking about. I would be interested in them.
reply
For example this: https://simplex.chat/
Not much harder to use, but more secure and much more anonymous. It doesn't even have a user ID.
reply
Oh, right, I think SimpleX was also mentioned in the discussions about how to improve NIP-04 but I didn't take a look at it yet. Thanks for reminding me!
This looks indeed really promising.
Maybe I can implement the protocol for my use case with QR codes.
Thanks again!
reply
You're welcome) On the other hand, I support the fact that people are trying to come up with different uses for nostres. This is a good warm-up for the brain, but before that it is better to check the existing options so as not to reinvent the wheel)
reply