Replying to Account deleted

Could you expand on controlling DM leaks (I do not speak code). I remember reading about the metadata leaks, how does this NIP address that?
Avatar
Mazin 2y ago

I’ll preface by saying there is work on a new DM NIP I believe that tries to address the metadata to begin with. This is a better solution as it prevents the relay operator from snooping as well.

NIP-42 is an auth message from the relay to the client that can occur at anytime during the websocket connection. For DMs, it would work like this:

- You (via your client) make a REQ for kind 4 events (DMs) for your pubkey

- The relay sends back an AUTH challenge

- You sign the auth challenge and send it back to the relay who validates that you are the one requesting your own DMs.

If you signed the auth message with a different pubkey than you requested DMs for, the relay would reject your AUTH.

Reply to this note

Please Login to reply.

Discussion

69
Account deleted 2y ago

Danghiu! (Italian for thank you)