Why can't we just use Signal or Telegram or something else for DMs? At least for the next 5 years.
Discussion
Thoughts on SimpleX?
I tried to make a NIP a long time ago. There is a very real argument to make that private messages don’t work or scale on a public messaging protocol.
I think that is reasonable, and we should simply advertise our "Signal or Telegram" or whatever address in our metadata.
That's a great idea. How would I do this?
Add it to your metadata. Mine says "telegram: https://t.me/mikedilger"
If your nostr client doesn't let you add freeform custom fields to your metadata, seek out a client that does.
How would you do that without broadcasting yer phone#
Is that the only way you can find someone on those other apps? If so, that's a flaw in those apps.
Eventually the Matrix Protocol phopea will subside and Nostr clients will implement Matrix rooms. All Signal's privacy, with no phone numbers or centralized server.
This wouldn't be bad.
Does matrix privacy actually compare to Signal? From what I remember there was a lot of metadata leak in matrix...
Yeah it’d be terrible until P2P Matrix is done https://arewep2pyet.com/
Almost all of the metadata leak is in the centralized identity server, I am proposing using no identity server at all and relying on public keys ans local contact lists.
Also, there is no alternative, Signal is not an open protocol or a federated network that you can integrate in Nostr clients, it is either Matrix or reinvent your own.
The current metadata leaks in Matrix are due to an architecture that makes every participants’ homeserver store events that reveal chat participants.
If you are concerned about metadata, run your own server, p2p won't help you here because simply put: you still need a hosted highly available homeserver, otherwise the UX and reliability will be unacceptable to most people.
Anyways, this is overstated and exaggerated a lot, people leak metadata to their ISP and their favorite cafe's wifi router all the time.
If anything that can be done it will be added to Matrix, in the meantime, it is the best there is.
All the chat participants should also have their own homeservers, which would be P2P.
Regarding UX, I believe onion-routed store-and-forward is in the works.
I am all for client side embedded servers/nodes, but you didn't solve much if you still need a store and forward server.
The only difference here is then, users will be custodial of the signing keys instead of the server offering availability. Is that a good thing? Depends, it comes with its pains.
Regardless, metada will still leak, that's the nature of relaying data in a performant way, as in non-onion-routing
IM metadata hasn’t been leaked to network operators ever since the wide adoption of HTTPS.
Sir routers can see what IPs you are visiting, regardless of Https, so unless you are using Tor you are leaking metadata, even a VPN is just changing who you are leaking to.
If you make VoIP chat using webrtc you are leaking your IP to your contact, even in Signal, hell, you are leaking your IP to signal server all the time, it is all tradeoffs.
There is no such thing as perfect privacy.
But why can’t we just put our #[2] link in our profiles and chat that way? Just need to figure out a way to sign / verify some kind of proof you’re a specific npub you claim to be when chatting
I suggested this a week ago! Vitor shot me down.
nostr:note1jqqj82agwsc7v9gvrf6kmuxcyr5974h3nj73xum4qnmjmrw40cqs7y0p56
I like DMs… one great use case is bots for reminders and other things. And being able to copy paste content in the same app is awesome.
Problems are:
* Identity: We need to make it easy to find the right fiatjaf on that other chat app
* Privacy: Many chat apps require phone number
* Inertia: nip04 is expected to be a way to chat with people, so people default to it. You would have to run a reply-bot to push people to whatever other channel you prefer and you have to get all clients on board to retire nip04. I know you try but it's impossible. Even you as our CEO can't do that.
* Integration: I can beautifully mention nostr:npub1504jj42t6flu5l6n7e389e9mt8gxduhnzuyv7dq4gr95w20mmpqscx0cg0 in nip04 but not on Telegram
I think we would need first a plan and then a shame campaign to kill nip04 but I don't see what that plan could look like. It would have to be something better than nip04 and quite frankly I don't see Telegram and Signal as better. By knowing that who chats with whom when being public knowledge, people don't fall for the illusion of this being private as they do with TG and Signal, while there it's just some privileged people that still know all that meta data.
Of course, on nip04 I can also reference all other nostr resources in a decentralized way, without picking a client.
Signal has been my main messaging app for years. Open source, not for profit, and Moxie is a boss.
Are you sure ? Serious Q.
I used to think that too. (Open source and NFP).
But Not anymore. Pls can you check and inform me, if those 2 points are actually still true.
Keet?
i tried, they are all crap
i use nostr for dms mainly
Also if i could use those i wouldnt be here.
Dont give up on yourself.
for years i search for a good decentralized network.
I come here and dev tells me to use centralized walled gardens because they have no faith
fiatjaf jesus belive in what you made and dont throw it away
maybe bluesky is an option then, without faith no proyocoll succeeds
That moment if you research years,
finding a good social network
and one of the devs tells you to use propritary/centralized networks
i feel like shit now, thanks fiatjaf
I think fiatjaf either feels as if the current E2EE messaging NIP is insufficiently secure (which I wouldn't understand) or it just taking the Nostr DAU dropoff pretty hard.
The solution to the former isn't telling people to use centralized/compromised services, however.
😂
improved DMs would be great a feature better than what fedi and bsky got, could even make new user stay on nostr
instead of what?
Network effect explains most things...
have keysend built into Nostr - now there's a thought!
nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m ? thought of this yet?
Both Telegram and Signal require mobile phone numbers for identity. Thanks but no, thanks.
Much better to use something like Matrix?
No man we need to hurry
is this something that cannot be built on top of Nostr in any reasonable way? or are you suggesting perhaps 5 years to structure it?
Element is a better idea.
Signal requires a telephone, not just a username.
Since people are taking issue with Telegram (no e2ee by default) and #Signal (requires phone numbers), let me suggest another alternative (besides #Matrix):
#SimpleX.
Requires no identifiers whatsoever. E2ee by default. Security audited. Reproducible build on #Fdroid.
Name is horrible and silly, I .
PGP encrypted E-mail works fine for private messaging.
Non of these alternatives do any better in terms of preserving privacy.
Jabber, man. Jabber.