How different is the giftwrap time ?
Discussion
It's currently randomized to up to 2 days in the past to avoid time collision attacks. We can reduce that period as the GiftWrap annonimity set increases.
But the real answer is negentropy or the time-based sync protocols. We have to get that going as well.
How can you do time based sync when you randomize the created_at ? Unless you pull everything with a 2 day granularity
Also sending giftwraps over AUTHd connections would be a tracking concern
yep, Clients should not auth when sending wraps. The signature comes from a random key anyway, there is nothing the AUTH will do for the connecting client.
Client asks 1 hash for everything, if it is the same, stop.
Client asks for 1 hash per week, pick the week with missing events (likely the last one), ask for 2-day interval hashes.
You can start per month as well, dending on the system's confidence over it's up-to-date status.
Right now, I just re-download the past two days. There is not enough DMs to be a problem anyway.
yeah negentropy would be a killer app here 🤔
i guess spam is a huge problem, but you could still utilize gift wraps in an alternative scheme where you establish certain rendezvous keys that you query on? For example a rendezvous request that you accept and do a key exchange, and then that rendezvous key is added to your private contact list keychain that you accept giftwraps from? Maybe in a rotating fashion. nostr:npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkj mentioned something like this but it may be different.
It's the same spam we see on NIP-04. Anyone that just send tons of messages from random keys. The only difference is that relays can't do anything about GiftWraps. It must be resolved at the Client level.
Someone sent a bunch of GiftWraps to me a few months ago. Amethyst just ignored them all, deleted the event contents but kept the ids to avoid downloading them again.
We tested key aliases to hide the main pubkey of the user from the p-tag. You could give an alias to your friends and just download those messages instead. Something like a priority inbox. You can even rotate that key periodically to improve privacy.
But client must login to the relay and it only send the events you own to client. Same as NIP-04.
How to alias a key to your pubkey the relay know and others don't know?
Yes, the client logs into the User's Private DM relays. Ideally, private DM relays auth and only send GiftWraps if the authed user is p-tagged.
The relay shouldn't know the alias to your key. You can auth with the alias key instead of the private key to download the GiftWraps to the alias key.
🤟 what a clever method.
Yes, we must query everything in the last two days everytime.