Subnostr

Replying to

Crusty 👨‍💻

Definitely. Alias is for increasing privacy, so we need strong guarantees.

The current plan for increasing privacy:

1️⃣ Open-source, so you can verify the code

2️⃣ Emails are stored as Private DMs, so encrypted

3️⃣ Your data is stored on nostr, so you can anytime move

I see 2 biggest problems now:

1️⃣ Smtp receives the emails in plain text

2️⃣ If your private key is compromised, your email history is compromised

The 2️⃣nd is a general nostr problem, so probably we get to use a solution, or I will think about one, if the base is ready.

The 1️⃣st seems kind of the toughest on the trust side, because you have to trust the smtp server relaying your mails onto nostr. As the rest is already happening behind private messaging/data storage on nostr.

I want to solve first the 1️⃣st problem.

Until that, if I release, source code can be verified, and smtp code will be small, so easy to verify.

Also I don't plan to read/associate or scan emails. This means spam filtering has to be solved on the user side, as usual on nostr. And because smtp code will be small, it will be easy for you to verify that no reading or so happening there.

But I want to minimize the trust further, but not yet know how. Maybe somehow I shall host the smtp servers for the users, therefore, they always control how their emails are relayed.

franzap 1y ago

Sounds good. It doesn't matter if the SMTP server is open source - we still need to trust the operator. The only thing that fixes that is your reputation (open source helps there but probably not enough)

Reply to this note

Please Login to reply.

Discussion

Crusty 👨‍💻 1y ago

Yes, unfortunately if the server that converts the plain text mails to some encrypted something (an smtp) is not in your control, you have trust involved. And it there is trust, you need reputation to have some "punishment". I would be gladly not having trust though. Maybe the other idea helps a bit, but I have to design that to see how it is possible.