Replying to Avatar fiatjaf

So I keep seeing suggestions from people on how NIP-04 is bad and how to fix it by tweaking small things. Why wouldn't it be better to copy the Signal protocol though?
Avatar
Code & Psychology ⚡️ 2y ago

I am also thinking about the same! Why to reinvent the wheel?

What is not ideal in signal?

* you need a phone number

* you can't use any server

* might not be fully non-trusting for servers

* Might leak some meta, but I saw even ideas to circumvent that, so maybe this is not the case anymore.

The last point I am still checking, so don't take it as granted.

But otherwise it is

* end-to-end encrypted

* has forward secrecy

* uses ways to mitigate the risks of a key compromise

I think first point is easy.

The second and third point relates, which is the hardest part.

Also hard to keep the motivation of relays to support fully encrypted no-meta leaking messages

Reply to this note

Please Login to reply.

Discussion

No replies yet.