NIP 44 and subsequent work on encrypted messages represent a major improvement over NIP 04, but are not anywhere near on par with simplex, signal, or MLS. If you want real privacy (foward/future secrecy), use those instead.
Discussion
No reason we cant extend nostr to be as good as signal.
but yes until then 🤗
That project is way above my pay grade, but I'd love to see it
Same 😅. I’ve been trying to study simplex to see if we can use some of the ideas on the nostr side, but alas, time.
Yes there is a reason and that is that the engineering prowess of the nostr dev community is, as far as I can see so far, not great.
There is an overall optimistic naiveté -- if not to say outright delusion -- as to how inherently difficult internet-scale distributed systems are.
The nostr dev community will hit a wall where suddenly things won't scale and then wonder how they got into this.
Your skill coding widgets into a app does not prepare you to architect distributed systems, that's on a totally different level.
Or this this guy here who took my totally absurd, facetious post about "trivial quantum computers" serious as if it had any merit. Oh dear.
nostr:note1jhmq45ztsqechdtrqgxdvl8y0datsp02h0l284dqurn9rf8usv0shqnnw7
This is a hilariously bad and short sighted generalization of an entire community. There are individuals here who are insanely good at what they do. Just look at doug hoyte and strfry for example. The community will get stronger when more people with specific expertise come on board.
Presumably that'd be nostr:npub1yxprsscnjw2e6myxz73mmzvnqw5kvzd5ffjya9ecjypc5l0gvgksh8qud4 ? Will follow.
"merkle-tree based set reconciliation" sounds promising ❤️❤️
I wonder if nostr:npub1g7lqk25fl24xd0zh7hr8jgp5smdy2eszjh9nmv7z7w85h6xcs9hq4u8yd9's idea of a good developer is one whose ideological extremism matches nostr:npub1g7lqk25fl24xd0zh7hr8jgp5smdy2eszjh9nmv7z7w85h6xcs9hq4u8yd9s?
Perhaps one which supports fiat only as is stated in their non-descript fake looking profile?
mute incoming.
Between nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s , nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn , nostr:npub1m8ku9p5y3wxkrzep3mkfh2rng3km65c6et65cf09pjc6yjz3a58s9qeuuj , nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z , and nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 alone, the dev brainpower in nostr is significant. Not to mention the hundreds of talented devs like nostr:npub10000000thpep7auj058803nqtymqlf3rw87lzhe6mkfeywnpxg5sjw7nql that roam the relays of nostr.
Carry on.
Disagree. The new one is definatelly better than signal, on par with SimpleX and worse than MLS for large groups. Signal is a centralized metadata-leaking mess.
Yeah. Not everything has to be on Nostr or at least not today. I support integration with nostr or more importantly having options.
Forward secrecy requires every message to be encrypted under a different key that is not derivable from long term secrets, which probably means they have to be randomly generated and both parties probably need to remember those keys somehow, forever, in order to read old messages. We might need a new event kind that stores all those keys encrypted under your own key.
But if people must be able to read their old messages, than compromise of a person's nostr key compromises all of their past communications with everybody, and all of those everybodys should be concerned about that (your secret message exposed because someone else was careless), and forward secrecy won't help.
#m=image%2Fjpeg&dim=972x357&blurhash=QBB%3AgK4o00%3FH%7EqE1Di%3FH_3-%3BRjRPNI%5E%2BRi9F-%3B%25g%25MR*IUxubHWBjYogkB&x=72923f47e92ff9d83a93a299a3f1f220aa856d4cfeb4f34ca8fdbd3befcfdc06
SimpleX is safe? Are you sure? I've heard that it is "trivially decryptable by quantum computers" according to leading nostr experts.
nostr:note19nmkudqsg7cx3z8uh99cgqzytzwskjam45z683rmarfu9pf370lswxlk2t
I don't know about that, but the architecture is much better for avoiding metadata leakage
OK👌