Replying to Avatar Comte de Sats Germain

I thought I was the cause of that other note... I know, I understand very little. Just curious.
Avatar
Comte de Sats Germain 1y ago

I have another idea. I know its retarded, but you can tell me how.

You could split the encrypting and decrypting a different way - like folding paper hamburger style instead of hotdog. Instead of having a program with a module that does all of the process of decrypting, the receiving program only knows how to handle keys. The message itself contains the code to read the message. Meaning, the algorithm used is kept a secret, like the private key, but of course private keys don't go in messages. By doing that, the message, while encrypted, is also a binary that executes itself on whatever machine received it, and it just does one thing : deletes itself on a timer. Or, slightly better, the message contains an incomplete binary and the receiving program does some variation of concatenation to complete it in a predictable way. But the key thing that made me think this is, encryption is pointless unless the sender can be confident that the message was deleted - hence, turning the message into an executable that deletes itself.

I can think of two flaws already, but I also can think of solutions to those flaws - I just am nervous about my novice level computer lingo. So I'll just see what you say.

Reply to this note

Please Login to reply.

Discussion

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

that is a long way of saying "move the decryption into the signer" and make the signer the message viewer

i think that's possible but the idea that clients are spying on you to that level where the previous situation was the clients were entrusted with the key to do all that autonomously...

there is a big difference between unlocking your entire inbox forever, and granting access to read TO SHOW you your messages

the phobia i seem to be facing is that... now that most clients use detached signers, they are afraid that their apps are handling more secrets that you wrap in the encryption

it's silly, they just seem to be trying to unconsciously argue for them to not do a small bit of extra work - ie, make DMs work reliably

nostr:nprofile1qyw8wumn8ghj76r0v3kxymmy9e3k7unpvdkx2tn5dahkcue0qy88wumn8ghj7mn0wvhxcmmv9uq32amnwvaz7tmjv4kxz7fwv3sk6atn9e5k7tcpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcpz4mhxue69uhkg6t5w3hjuur4vghhyetvv9usz9mhwden5te0v96xcctn9ehx7um5wghxcctwvshszgrhwden5te0v9cxcctrv45kuargv4eh2m3wdehhxarjxyhxxmmd9uq3kamnwvaz7tmxv4jkguewdehhxarj9e3xzmny9a6x7mneqyshwumn8ghj7en9v4j8xtnwdaehgu3wvfskuep0w3uhqetnvdexjur5qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgs4gzkmk and his #coracle (and i think his other apps use this stuff too) are the only clients aside from blowater's 0xtr messenger are the only nostr apps that are even trying

nostr:nprofile1qyv8wumn8ghj7enfd36x2u3wdehhxarj9emkjmn99uq3zamnwvaz7tmwdaehgu3wwa5kuef0qythwumn8ghj76twvfhhstnwdaehgu3wwa5kuef0qyv8wumn8ghj7cm9d3kxzu3wdehhxarj9emkjmn99uq3samnwvaz7tmrwfjkzarj9ehx7um5wgh8w6twv5hsz9nhwden5te0v96hg6pwdehhxarjxyhxxmmd9uq3wamnwvaz7tmjv4kxz7fwdehhxarj9e3xzmny9uq3camnwvaz7tmrdpexjum5wp5kcmpwdehhxarjxyhxxmmd9uqzq0vy9tlv6h3f8u5tvcnexdcy50acec2n42ga0y9tz8m2w5k5ffpd4fh76v from nostr.wine has basically given up on trying to get sanity around auth and DMs, most clients now finally support DMs... two years later, i don't think the client devs really understand how fucking retarded they have been the whole time about this, acting like implementing these features was undermining the protocol, when in fact, not implementing them is undermining the viability of the protocol

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

gah, i get things backwards all the time (imagine how it is when i'm coding lol)

most clients now support auth

meanwhile nostr:nprofile1qyv8wumn8ghj7enfd36x2u3wdehhxarj9emkjmn99uq3wamnwvaz7tmfde3x77pwdehhxarj9emkjmn99uq3samnwvaz7tmrv4kxcctj9ehx7um5wgh8w6twv5hszythwden5te0dehhxarj9emkjmn99uq3samnwvaz7tmrwfjkzarj9ehx7um5wgh8w6twv5hsz8mhwden5te0vfhhxarj9ekxjemgw3hxjmn8wdcx7un99e3k7mf0qy2hwumn8ghj7er9wd3ksmm0d35kueeww4ej7qgwwaehxw309askgun99eeh2tcpr9mhxue69uhkvet9v3ejumn0wd68ytnzv9hxgtmjw5qzq0vy9tlv6h3f8u5tvcnexdcy50acec2n42ga0y9tz8m2w5k5ffpdprlx2x and nostr:nprofile1qyghwumn8ghj7mn0wd68ytnvv9hxgtcpzemhxue69uhks6tnwshxummnw3ezumrpdejz7qgewaehxw309aex2mrp0yhxummnwa5x2un99e3k7mf0qy88wumn8ghj7mn0wvhxcmmv9uq32amnwvaz7tmjv4kxz7fwv3sk6atn9e5k7tcpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcprpmhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0qyghwumn8ghj7vf5xqhxvdm69e5k7tcpzamhxue69uhky6t5vdhkjmn9wgh8xmmrd9skctcqypftfgrkhjammsap4marwdvpdnm5nya3hrdjq2cpezputzl8ltvt6arddjr have struggled to run paid relays for over a year, because without auth it's almost impossible to practically get people to pay for relay service

and adjunct to that, Mazin most notably has been trying to pionere the use of automated messages from his relay service relating to subscriptions... i have done a little work with writing nostr chatbots, and its doable, but client support is pretty unreliable ,and like nostr:nprofile1qyghwumn8ghj7mn0wd68ytnhd9hx2tcpzfmhxue69uhkummnw3eryvfwvdhk6tcppemhxue69uhkummn9ekx7mp0qyfhwumn8ghj7am0wsh82arcduhx7mn99uq3vamnwvaz7tmzv4mx7tnwdaehgu339e3k7mf0qydhwumn8ghj7argv4nx7un9wd6zumn0wd68yvfwvdhk6tcpz9mhxue69uhnzdps9enrw73wd9hj7qgcwaehxw309ashgtnwdaehgunhdaexkuewvdhk6tcpz4mhxue69uhkgetnvd5x7mmvd9hxwtn4wvhsqgrucv52prwm9t7ln7d7w7l07nyrfz0lj7tjrqnav299gtej5frupczltv89 says, who is also another relay service entrepreneur, it's really hard to get messages out to people over nostr

Avatar
Comte de Sats Germain 1y ago

Everything I was about to write... you've probably already thought of... Well anyways, thanks for your work on relays. All of y'all.

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yeah, too much thinking

Avatar
Comte de Sats Germain 1y ago

Remember that idea I wrote earlier today? That was fucking retarded. Cntrl + c exists.

Wow. I'm on a roll.

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

you can't have many well trodden paths in your mind without having stupid quite often... you have to walk out to that dead end a few times to realise "oh yeah, this place, let's not go here again"

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

i want to say also, this urge to find solutions is the root of what makes a person decide to become a programmer... it seems obvious to me you have the bug in you so maybe have a go at writing some simple things that solve simple problems you see that nobody else has done... that's how it starts, and then after that, you will be addicted