Audits of the new NIP-44 encryption for DMs are up: "The fact that Cure53 was not able to identify any exploitable vulnerabilities can be
interpreted as a positive sign in regard to the security of the NIP44 specification and
implementations. "
But they did offer suggestions to harden the security that will be implemented soon and warned against naive implementations of secp256k1. 🚀
For those who want to read more: https://cure53.de/audit-report_nip44-implementations.pdf
A significant milestone achievement. 🚀
Great to hear!
Probably the most important day of my life
fantastic!
Glad to see this but is it still possible to leak metadata or has that been addressed?
The holy grail is obfuscation of source destination and content. Is there a path for that?
Yep, that has been addressed. There is a key alias design that you can rotate pubkeys to receive DMs. I dont think anyone has coded that yet and it might not be needed since people cant even see the date/time of the message. It could be old, random noise
Congrats nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z and nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn for all the hard work you’ve put in so far 👏
Almost there!
