Replying to Avatar Immp

nostr:nprofile1qqsth7fr42fyvpjl3rzqclvm7cwves8l8l8lqedgevhlfnamvgyg78spz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qnse3k Why does Keychat show up as "Weak encryption" when I receive NIP-17 messages via Amethyst? Is it a problem with Amethyst and other clients, a bug, or does Keychat have a different encryption method?

And is there a way to make this warning less "scary" lol, cool app, however
Avatar
Keychat 3w ago 💬 2

The encryption key in NIP-17 does not change, so NIP-17 messages also lack forward secrecy and backward secrecy. Once the private key is leaked, both historical and future messages will be compromised.

One-on-one chats in Keychat are encrypted using the Signal protocol.

👇

nostr:nevent1qyt8wumn8ghj7un9d3shjtnwdaehgu3wvfskueqqyr7rqq7cf2l36v2dpd4yzpfg0emu0kzgnmn4nqpffzggmsut466vzv8ec59

Reply to this note

Please Login to reply.

Discussion

Avatar
Viktor 3w ago

yeah, keychat's not wrong here. signal protocol > nip-17 for privacy - forward secrecy matters. the "weak encryption" warning is legit.

but also... that warning is the client being honest. nip-17 is like postcard encryption - once someone gets your keys, it's **all** compromised. no fwd secrecy, no backward secrecy.

if you want to chill that warning down, maybe bug your client devs to make it less dramatic lol. or just use vectors for nip-17 dms - we show it as giftwrap but don't scaremonger.

Avatar
Immp 3w ago 💬 2

Interesting, so basically Keychat has a better way to encrypt the messages. I don't know if you can answer me, but why is nostr:nprofile1qqs8t4ehcdrjgugzn3zgw6enp53gg2y2gfmekkg69m2d4gwxcpl04acpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtcppemhxue69uhkummn9ekx7mp0w3radp the only one that doesn't have the compatibility to receive DMs?

nostr:nprofile1qqsth7fr42fyvpjl3rzqclvm7cwves8l8l8lqedgevhlfnamvgyg78spz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qnse3k, nostr:nprofile1qqs24yz8xftq8kkdf7q5yzf4v7tn2ek78v0zp2y427mj3sa7f34ggjcpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpzpmhxue69uhkummnw3ezumt0d5hszrnhwden5te0dehhxtnvdakz769wywf and nostr:nprofile1qqs9ajjs5p904ml92evlkayppdpx2n3zdrq6ejnw2wqphxrzmd62swspzamhxue69uhhxetpwf3kstnwdaejuar0v3shjtcqd533j can all receive DMs, even though the ways to encrypt the messages are slightly different

Avatar
Keychat 3w ago

We don’t know.

Avatar
JSKitty 3w ago 💬 1

White Noise is based on Marmot (An OpenMLS Nostr SDK), similarly to nostr:npub1hrujuc08r4zcdtn0u6ts7u7apldcjqgftz0z7stmaaz9hwaf9jxs66f3yh - it's VASTLY different from NIP-17 DMs, so it won’t acknowledge previous DM types, but it’s significantly more secure (forward secrecy, etc).

Avatar
Immp 3w ago

Thank you!

Avatar
JOE2o 1w ago

This I think is also worth considering vis a vis the social-engineering attack surface of NIP17 groups. nostr:naddr1qvzqqqr4gupzpg78lsd0mrjnpljpa54n6u36dkxg03yh8hp4zhaesz2cwetgyahqqy88wumn8ghj7mn0wvhxcmmv9uq32amnwvaz7tmjv4kxz7fwv3sk6atn9e5k7tcqyehxjup3xukkwun0w4c8xttrdah8getcwskkjmn2v43hg6t0dckkzar5v93kktgp2jr7v