Nostr Web Client

I think that is true. I'd be in favor of encrypting petnames so they are still sharable between clients.

If petnames are part of the kind 3 data that clients store publicly on relays then encrypting them would be critical to avoid inadvertent doxxing.

Let's say I have a friend who has a pubkey they share with me that they want to use anonymously. I follow that pubkey and give it a petname. Then I intentionally (with some clients) or unintentionally (with other clients) save my kind 3 follow list to my write relays.

For that matter, maybe it would be better by default to use kind 30000 (from NIP 51) for saving contact lists to relays for client interoperability and then let kind 3's only be for intentionally saving public lists of people for other purposes.

Reply to this note

Please Login to reply.

Discussion

fiatjaf 2y ago

You have a point.

balas 2y ago

any address already on your kind3 is public, and they probably have a name setup in kind0. if I assign the petname "fiatjaf", i'm not doxxing anything. if the contact is supposed to be private, it shouldn't be in kind3 to begin with..

pjv 2y ago

I either don't understand what you're saying or you missed my point.

If my friend bob creates a pubkey to be used to post stuff anonymously but because we're friends, he tells me that pubkey is his. Since he's using that pubkey to post anonymously, he's not going to put "bob" in his kind0. And whatever he may have in his kind0, if I petname that pubkey "bob" so I can remember it's him and then my kind3 list goes up to relays, i just doxxed bob.

I know not to do that. You may know not to do that. I'm not bringing this up for you and me.

balas 2y ago

If you know it's real name, you should not write it anywhere, even encrypted or whatever because clients can get access to unencrypted data when you use them. It's up to you not to doxx your friend, just like you wouldn't reply to a kind 1 post of is with "hi bob!". My point was, anyone with access to sensitive information should not put it online on a social protocol, or at the very least, not on a public list like you said. This doesn't mean petnames shouldn't be used on public lists. Also you could just make a up a petname that you can recognize without explicitly doxxing him.