Nostr Web Client

To clarify why many people give me Session as an example as an alternative to Signal, let's take a look at the differences between SimpleX and Session.

Session:

- network of federated servers supported by a shitcoin, will not be viable over time and will lose its incentives because like all shitcoin its value tends to 0.

-Not everyone can set up a server due to its cost.

- It has no encrypted calls or video calls, at least in production.

- It works very poorly.

- they keep an id of users susceptible to be tracked.

SimpleX:

- There is no server network as such, it is like the email protocol, everyone can have their server at a ridiculous cost, the servers only have to comply with the protocol so that clients can send messages through them.

- It has encrypted calls and video calls and it works.

- There is no id with which users can be linked or traced.

- The servers know absolutely nothing about the users, and with whom they communicate, since different routes are used for sending and receiving.

The SimpleX architecture is unique and superior to what has been done so far in private messaging.

Reply to this note

Please Login to reply.

Discussion

closed 2y ago

Tô usando e gostando muito do SimpleX

SovereigntyQuest 2y ago

The only problem I have with SimpleX is persuading friends/family to use it. I love the enhanced privacy options on SimpleX. Voice calls can sometimes be a bit laggy.

mrclownworld 2y ago

Simplex seems like the template for improved DMs in Nostr?

Ominous 2y ago

Try keet. There are no severs. No middle man to relay anything . Voice, video and chat. It is encrypted and has bitcoin integration. Works similar to bittorrent to keep things peer to peer.

Cyph3rp9nk 2y ago

SimpleX is built to solve keet's privacy issues among others.

Keet is not a good solution.

Ominous 2y ago

Thanks ill check into it. What are the privacy issues? Honest question, there is probably something I'm just not seeing or not don't quite have the knowledge to see outright.

78e47dfe... 2y ago

What privacy issues?

Cyph3rp9nk 2y ago

In keet it is very easy to find out the user's ip since it is p2p along with his fixed id with which you could create a communication graph, keet is very bad in terms of privacy.

On the other hand I attach the official documentation of SimpleX comparing it with p2p clients.

Comparison with P2P messaging protocols

There are several P2P chat/messaging protocols and implementations that aim to solve privacy and centralisation problem, but they have their own set of problems that makes them less reliable than the proposed design, more complex to implement and analyse and more vulnerable to attacks.

P2P networks use some variant of DHT to route messages/requests through the network. DHT implementations have complex designs that have to balance reliability, delivery guarantee and latency. The proposed design has both better delivery guarantees and lower latency (the message is passed multiple times in parallel, through one node each time, using servers chosen by the recipient, while in P2P networks the message is passed through O(log N) nodes sequentially, using nodes chosen by the algorithm).

The proposed design, unlike most P2P networks, has no global user identifiers of any kind, even temporary.

P2P itself does not solve MITM attack problem, and most existing solutions do not use out-of-band messages for the initial key exchange. The proposed design uses out-of-band messages or, in some cases, pre-existing secure and trusted connections for the initial key exchange.

P2P implementations can be blocked by some Internet providers (like BitTorrent). The proposed design is transport agnostic - it can work over standard web protocols, and the servers can be deployed on the same domains as the websites.

All known P2P networks are likely to be vulnerable to Sybil attack, because each node is discoverable, and the network operates as a whole. Known measures to reduce the probability of the Sybil attack either require a centralized component or expensive proof of work. The proposed design, on the opposite, has no server discoverability - servers are not connected, not known to each other and to all clients. The SimpleX network is fragmented and operates as multiple isolated connections. It makes network-wide attacks on SimpleX network impossible - even if some servers are compromised, other parts of the network can operate normally, and affected clients can switch to using other servers without losing contacts or messages.

P2P networks are likely to be vulnerable to DRDoS attack. In the proposed design clients only relay traffic from known trusted connection and cannot be used to reflect and amplify the traffic in the whole network.

Cyph3rp9nk 2y ago

#[4]

Ominous 2y ago

That makes more sense to me now. Thanks for taking the time to write such a detailed response! I was under the impression that it solved many of those issues but seem to be wrong. I like the idea of an agnostic protocol over a P2P solution in the long term, I also don't like that keet and holepunch are not open source...