So do us library devs stop building till y'all figure this DM encryption thing out lmao. I'm never going to have working DMs :(
E2EE DMs are coming to Nostr 🔒
After being nerd sniped by hearing nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 mention OTR for the millionth time on the Bitcoin Review podcast, I spent the last few weeks digging into OTR, the Signal protocol, and a grab-bag of other cryptography.
The end result is that I (am pretty sure at least) that I found a way to do E2EE (end-to-end encrypted) DMs on Nostr in a way that is both forward and post-compromise secure AND doesn't require any centralized servers.
Demo video: https://share.cleanshot.com/nMKk6cn0
Live demo app: https://drdm-demo.vercel.app
And finally, the NIP (for those of you with bikes in need of a shed): https://github.com/nostr-protocol/nips/pull/1206
Huge thanks to nostr:npub1klkk3vrzme455yh9rl2jshq7rc8dpegj3ndf82c3ks2sk40dxt7qulx3vt and nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft for the chats while I worked out the details.
Discussion
😬 Sorry. But we need solid DMs. None of your work will be wasted. The new nip requires 44 and 59 to function.
Your research is appreciated, just poking fun! That's actually very encouraging to hear, it's more difficult than you think finding working cryptography primitive libraries with stable ABIs without writing sha256 all over again.