Replying to Avatar semisol

Channels cannot be correlated to users unless:

- you leak via IP

- you leak via activity times

Both of which apply to all schemes.

This is only for obscuring who a user has communicated with at all: if an app establishes channels only when DMing, you only leak A has initiated a channel with B, but adding noise reduces this risk.
Avatar
JeffG 1y ago

Ok. I think I get it now. I’ll try and play with it tomorrow.

Reply to this note

Please Login to reply.

Discussion

Avatar
semisol 1y ago

I’ll be doing some revisions to the spec today for fixing some flaws.

Avatar
semisol 1y ago

Most importantly, an attacker can request re-Initialization of the channel while only having the channel state, allowing them to pretend to be the public key way after the channel gets cut.

I’ll also be introducing a control command to stop using a channel.