Halp me understand double ratchet. What's the advantage over just periodically generating new keys and doing DH between them? Would be fairly simple to do on Nostr. Even if your main private key was stolen, your message history would be safe.
In addition to DH keys, double ratchet also has individual "message keys" and "sending/receiving chain keys". In what real-life scenario would they be compromised without also compromising all past messages on device?
https://signal.org/docs/specifications/doubleratchet/
For the latter: if you delete your chat history, but your messages were incepted in flight, you want to ensure the keys that are still on your can't decrypt them.
Not sure about the first question.
In general it's better to stick to a well studied protocol than to make ad hoc adjustments to it.
cc nostr:npub1vadcfln4ugt2h9ruwsuwu5vu5am4xaka7pw6m7axy79aqyhp6u5q9knuu7
Definitely not my area but after a bit of reading it seems like this blog post does a really good job of explaining the pretty complex reasoning behind the double ratchet (used to be 'axolotl') setup:
https://signal.org/blog/advanced-ratcheting/
It seems like they're trying to address the difficulties of *asynchronous* messaging (users often offline for a while), as well as both forward and 'backwards' secrecy.
