Nostr Web Client

I don't want to be rude but if you send me a DM that is not giftwrapped, I'm probably not going to answer. Please use a nostr client that supports giftwraps (Amethyst, 0xChat, ...) or use Matrix to reach me (contact in bio).

If you don't use giftwraps, everyone can see that you've messaged me. Some bored weirdo is going to look at our metadata and post it publicly as a display of their genius. It happened in the past. I wish I could prevent people from sending me DMs here in the first place.

Please be aware of this and don't use normal nostr DMs to improve your own privacy and the privacy of your peers.

Stay nutty 🫡

Reply to this note

Please Login to reply.

Discussion

ABH3PO 1y ago

Clients should just deprecate nip4 DMs, and default inbox relays should be a thing forbetterr onboarding

il_lost_ 1y ago

the thing is, you can't just deprecate it for dm's and use it for other things https://github.com/nostr-protocol/nips/pull/1248

ABH3PO 1y ago

Why can't we? People can do whatever they want, but DMs need to not have leaks, so its in the best interest of the clients to remove it from DMs at least. Everything else can follow.

Maya♨️🫚🥥 1y ago

I don’t understand on primal, I got some, even I never dm someone

JimD 1y ago

Does Damus support "giftwrapping?" If so, where is it in the UI?

Sjors Provoost 1y ago

nostr:npub18m76awca3y37hkvuneavuw6pjj4525fw90necxmadrvjg0sdy6qsngq955 wen?

MF_HODL 1y ago

YES

#YESTR

boston wine 1y ago

Hey nostr:npub1zafcms4xya5ap9zr7xxr0jlrtrattwlesytn2s42030lzu0dwlzqpd26k5 is this a thing/on the roadmap?

semisol 1y ago

giftwraps are a fucked standard

jb55 1y ago

worse is better I guess? they are not ideal but it works.

semisol 1y ago

all it protects is from metadata leaks, I would rather have metadata leaking forward secrecy

boston wine 1y ago

Do you mean that gift wraps break forward secrecy?

semisol 1y ago

they have none which is a bigger deal than metadata leaks

jb55 1y ago

This is somewhat technical and might be tricky to wrap a noggin around.

to get metadata privacy with giftwraps you make a fairly large tradeoff: you have to give up filting at the protocol level. you have to accept unmarked envelopes from anywhere. this can easily be abused and spammed, you have to unwrap the note to see who its from which has computational costs. so you could in theory DoS someone with lots of giftwraps and theres no way around that.

I believe semisol is saying that he would rather not make this tradeoff and just focus on tech that gives forward secrecy if he had to make the choice (correct me if I'm wrong)

They aren't mutually exclusive though, there are things like semisol channels where you could have fairly good metadata hiding and forward secrecy, but its a 1-to-1 thing instead of from anyone.

semisol 1y ago

that’s one half of my point, yes

my other point is a solution offering forward secrecy only is preferable to metadata privacy only

semisol 1y ago

Gift wraps also lack plausible deniability

atyh 1y ago

boston wine 1y ago

Noggin wrapped. Thanks Will

elsat 1y ago

nostr:note13vy95fl9akgukyv4lrazzwr9vnp2ycy0d0nxzg2rjg8uafq9fk8qfz7dx2

elsat 1y ago

Short answer is yes. The challenge is extremely limited resources.

Gzuuus 1y ago

Unfortunately now days nip04 is the only reliable way you can ensure a person is going to receive your dm in their nostr app... nip17 needs a bit of more adoption

eto 1y ago

will primal have giftwraps ??

Pegah 1y ago

What's your opinion about Simplex?

calle 1y ago

I like nostr:nprofile1qqsth7fr42fyvpjl3rzqclvm7cwves8l8l8lqedgevhlfnamvgyg78spz3mhxue69uhhyetvv9ujuerpd46hxtnfduq3qamnwvaz7tmwdaehgu3wwa5kuegpz4mhxue69uhk2er9dchxummnw3ezumrpdejqj9swg4 more

High Heel King 1y ago

Yes 🫡

sommerfeld 1y ago

Only Matrix manages to leak almost as much metadata as NIP04 DMs 😂

calle 1y ago

Can you tell who I'm chatting with? Post below 👇

sommerfeld 1y ago

I can't. Thank god I'm the only one you need to worry about 🙈

calle 1y ago

So you're just making unfounded claims, gotcha.

tank 1y ago

Also assume your nostr DMs to be public one day when one of the two parties’ nsec is compromised, due to lack of forward secrecy.

stl1988 1y ago

I have Amethyst, but I can't find the functionality for gift wraps or NIP-17. It always sends NIP-04 messages. I know Amethyst is supposed to have NIP-17. nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug

ABH3PO 1y ago

You need to set your inbox relays, the nip17 messages are the incognito icon on the messages. If that is on it means the messages are private (as long as both parties don't have compromised keys of course). Amethyst does a backwards compatibility thing where it combines nip04 and nip17 messages with the same participants, which makes it a little confusing for someone wanting to start out, but I think its a good compromise since a lot of people simply don't care.

ScarcityFightClub 1y ago

Thank you

calle 1y ago

Click the little spy icon in the DM text box to use giftwraps. I just sent you a DM

0xtr 1y ago

Which #Matrix client are you using? And why Matrix over SimpleX?

calle 1y ago

I use Element. Simplex is way too clunky for me as a daily driver, too many missing features when I tried, notifications rarely work etc.

I'm trying to replace Telegram as the main chat for Bitcoin dev as much as I can. Matrix has a mature ecosystem and is used by many, can be self-hosted. It's great.

0xtr 1y ago

Yeah, SimpleX definitely has it's UX issues

brito 1y ago

Just support 0xChat.

That is the way to improve it.

VictorieeMan 1y ago

Could we petition nostr:nprofile1qqsraldwhvwcjgltmxwfu7kw8dqef2692yhzheuurd7k3kfy8cxjdqgpz3mhxue69uhhyetvv9ujuerpd46hxtnfduq3samnwvaz7tmhv4kxxmmdv5hxummnw3ezuamfdejsz9thwden5te0v4jx2m3wdehhxarj9ekxzmnype9f6h to implement giftwrapped messages?It would build a solid android/iOS bridge of communication :)

jb55 1y ago

a petition wouldn't really make it go faster. it's really a manpower issue. I'm busy with notedeck and daniel is working on push notifications, lists, etc.

VictorieeMan 1y ago

Well, keep up the good work :) Things take their time, it would just be nice that's all. Looking forward to it

Kay🔆 1y ago

So, simply using 0xChat does the thing or do I need to do anything else?

bullishNuts 1y ago

Yes, gift-wrapped DMs is the default in nostr:npub1tm99pgz2lth724jeld6gzz6zv48zy6xp4n9xu5uqrwvx9km54qaqkkxn72

Moos 1y ago

nprofile1qyw8wumn8ghj7mn0wd68ytfsxyh8jcttd95x7mnwv5hxxmmdqyw8wumn8ghj7mn0wd68ytfsxgh8jcttd95x7mnwv5hxxmmdqy08wumn8ghj7mn0wd68ytfsxvhxgmmjv9nxzcm5dae8jtn0wfnsz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcpremhxue69uhkummnw3ez6vpj9ejx7unpveskxar0wfujummjvuqzqgycd7urua6ajmgc3jjunhcseekkz0swkljhdzs0pvftxlx6cgdnrd80dp Yakihonne support both encryptions ways (legacy and giftwraps) you should check it out, mobile and web app

REDKAZ⚡️| YakiHonne 1y ago

K100

Tim Bouma 1y ago

NIP-17?

Crash Test Dummy 1y ago

How do you tell if it is giftwrapped before viewing it?

Huw 1y ago

nostr:npub1j0ht2m9jgs6mccyvkffd2dlnfusmqfx9mjlwg6fsmfwxm9rfuwdq40w6rf

njelsalvador 1y ago

I didn’t know this was a thing. Interesting points to consider.

Thoughts on SimpleX chat? I found Matrix a lot of work.

brito 1y ago

Simplex is a good telegram replacement. However, it is not comparable to the power of using nostr.

Whereas with SimpleX you either use their default server or have the effort to setup a specific server, with 0xChat you use any nostr server and exist hundreds to chose from.

njelsalvador 1y ago

Thank you for this response. I will lean into learning 0xChat

brito 1y ago

The more people using nostr and 0xChat, the better.