Replying to Avatar Gustavo

I don’t know much about cryptography, but there’s probably a way to craft an arbitrarily weak private key that wouldn’t take much effort to break. This key could then be used to sign “ephemeral events.” If we want to mimic an ephemeral message lasting X seconds, the ephemeral key should have a corresponding level of difficulty to break within X seconds (not necessarily linear; this is just a simplistic example). If the message should "last" 10X seconds, the ephemeral private key should be 10X weaker, and so on.

In many cases, denying authorship is more critical than simply deleting an event.

The good thing about this approach is that, after sending an ephemeral message (that may have a timestamp), as time passes, it becomes increasingly harder to assert with confidence that I was the original author.

cc: nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqppemhxue69uhkummn9ekx7mp0qythwumn8ghj7anfw3hhytnwdaehgu339e3k7mf0qyghwumn8ghj7mn0wd68ytnhd9hx2tch2deau

Avatar
Peter Todd 1y ago

That's a good idea. But OpenTimestamps ruins it.

Reply to this note

Please Login to reply.

Discussion

Avatar
Brunswick 1y ago

A lightning payment or p2pk cashu token behind proof of work is an interesting concept that could provide an incentive to "expire" a message

Avatar
Gustavo 1y ago

It doesn’t need to be timestamped

Avatar
Gustavo 1y ago

The other day I was reading about ring signatures. I don’t know if they work for Nostr private keys, but if they do, we can use two private keys—the sender’s and a random one—in a ring signature. Then we can reveal an arbitrary part of the random private key in the “ephemeral message” so we can control how difficult it is to guess it.

Avatar
Peter Todd 1y ago

The thing with time-stamping is you can't prevent someone else from time-stamping your data. If someone can prove that the signature existed prior to when someone else could have cracked the key, that's evidence that the signature wasn't faked.

Avatar
Gustavo 1y ago

You guys are much smarter than I am, but this was my best effort to express what I’d like to see in Nostr.

https://github.com/nostr-protocol/nips/pull/1595

cc: nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s (that will probably my first and only NIP, I promise)