Replying to Avatar Mazin

I’ll preface by saying there is work on a new DM NIP I believe that tries to address the metadata to begin with. This is a better solution as it prevents the relay operator from snooping as well.

NIP-42 is an auth message from the relay to the client that can occur at anytime during the websocket connection. For DMs, it would work like this:

- You (via your client) make a REQ for kind 4 events (DMs) for your pubkey

- The relay sends back an AUTH challenge

- You sign the auth challenge and send it back to the relay who validates that you are the one requesting your own DMs.

If you signed the auth message with a different pubkey than you requested DMs for, the relay would reject your AUTH.
69
Account deleted 2y ago

Danghiu! (Italian for thank you)

Reply to this note

Please Login to reply.

Discussion

No replies yet.