One thing I’m worried about though is the metadata leakage from NIP-04 events. I know there have been some proposals on how to handle that but I don’t think there is any fix for it yet?

Discussion

I like the not-perfect-but-easy fix of only returning DMs for the DM participants via signed authentication. But yeah, still needs to be implemented.

IMO, from a privacy standpoint, it's probably better to use nostr only for public communication. If someone wants to carry on a truly private conversation, I'd rather use an encrypted DM to set up an actual peer-to-peer channel that isn't broadcast to the world and use that instead. No point storing the events for everyone else to see even if they can't decrypt them.

Nah, I still want a Signal replacement on an open protocol. Nostr having this would be huge.

The reason why Signal is so popular is easy and reliable asynchronous comms. I don't believe you can achieve this with a p2p stack. At least with a Signal-level UX.

Could it be part of the protocol that relays only send encrypted messages if they know the person receiving is the intended recipient? In that sense the relay is behaving more like a private server and should solve any privacy concerns.

I feel this should be pretty easy to do (theoretically at least): when you ask for DMs, prove ownership of your private key, and then the relay only responds with DMs sent to the corresponding public key.

Looks like this is pretty much the proposed NIP-21 I guess
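
The relay-side gating suggested in the replies above, sketched as an added example (not part of the original thread and not any relay's actual code). It shows what a kind-4 (NIP-04) event exposes without decryption and how a relay could serve DMs only to their participants. It assumes the relay has already verified the client's signed authentication and holds the result in `authed_pubkey`; the function names, keys and events are constructed for illustration.

```python
KIND_ENCRYPTED_DM = 4  # NIP-04 encrypted direct message


def dm_participants(event):
    """Pubkeys party to a kind-4 event: the author plus every 'p' tag."""
    tagged = {t[1] for t in event.get("tags", []) if len(t) >= 2 and t[0] == "p"}
    return {event["pubkey"]} | tagged


def visible_metadata(event):
    """What any subscriber learns from a kind-4 event without the key."""
    return {
        "sender": event["pubkey"],
        "recipients": sorted(dm_participants(event) - {event["pubkey"]}),
        "created_at": event["created_at"],
        "content_len": len(event["content"]),
    }


def filter_for_client(events, authed_pubkey):
    """Serve non-DM events to anyone; serve DMs only to a participant.

    authed_pubkey is None for connections that never authenticated
    (assumption: signature verification happened before this call).
    """
    served = []
    for ev in events:
        if ev["kind"] != KIND_ENCRYPTED_DM:
            served.append(ev)
        elif authed_pubkey is not None and authed_pubkey in dm_participants(ev):
            served.append(ev)
    return served


# Constructed sample data: placeholder keys and placeholder ciphertext.
ALICE, BOB, EVE = "a" * 64, "b" * 64, "e" * 64
CT = "<base64-ciphertext>?iv=<base64-iv>"
STORED = [
    {"id": "1", "kind": 1, "pubkey": ALICE, "created_at": 1700000000, "tags": [], "content": "hello"},
    {"id": "2", "kind": 4, "pubkey": ALICE, "created_at": 1700000100, "tags": [["p", BOB]], "content": CT},
    {"id": "3", "kind": 4, "pubkey": BOB, "created_at": 1700000200, "tags": [["p", ALICE]], "content": CT},
]

if __name__ == "__main__":
    print(visible_metadata(STORED[1]))
    for name, key in [("anon", None), ("eve", EVE), ("bob", BOB)]:
        print(name, [e["id"] for e in filter_for_client(STORED, key)])
```

This only hides DM metadata from other relay clients; the relay operator still sees sender, recipient and timing for every event it stores.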

p2p will be added to nostr apps