🚨 PSA: On #nostr be careful with DMs.

Using your npub (public) key people can see who you are sending DMs to and can even see the back and forth messages encrypted. They can’t read your messages but it’s still information you may not want to divulge. It’s not a problem as long as you know this is the case.

If you want to test this, log in with your npub (not private key) in a client that supports read only mode and see what is public: https://snort.social

Consider boosting this message so nobody is caught off guard.


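What the note above describes, as an added example that is not part of the original post: it summarises, without any private key, what an observer learns from DM events. It assumes the NIP-04 layout (kind 4, sender in `pubkey`, recipient in a `p` tag, content of the form `<base64 ciphertext>?iv=<base64 iv>`); the keys, timestamps, events and the `visible_dm_metadata` helper are constructed for illustration.

```python
import base64
from collections import defaultdict

# Constructed sample data, not real traffic. Hex keys stand in for npubs.
ALICE, BOB, CAROL = "a1" * 32, "b2" * 32, "c3" * 32

def _dm(sender, recipient, ts, ct_len):
    """Build a kind-4 event with opaque (all-zero) ciphertext of ct_len bytes."""
    ct = base64.b64encode(bytes(ct_len)).decode()
    iv = base64.b64encode(bytes(16)).decode()
    return {"kind": 4, "pubkey": sender, "created_at": ts,
            "tags": [["p", recipient]], "content": f"{ct}?iv={iv}"}

SAMPLE_EVENTS = [
    _dm(ALICE, BOB, 1700000000, 32),
    _dm(BOB, ALICE, 1700000060, 48),
    _dm(ALICE, BOB, 1700000120, 16),
    _dm(ALICE, CAROL, 1700003600, 64),
    {"kind": 1, "pubkey": ALICE, "created_at": 1700000500,
     "tags": [], "content": "public note"},
]

def visible_dm_metadata(events, me):
    """Per-peer counts, time range and ciphertext volume readable by anyone."""
    peers = defaultdict(lambda: {"sent": 0, "received": 0, "first": None,
                                 "last": None, "ciphertext_bytes": 0})
    for ev in events:
        if ev.get("kind") != 4:
            continue
        recipients = [t[1] for t in ev.get("tags", [])
                      if len(t) >= 2 and t[0] == "p"]
        if ev["pubkey"] == me:
            direction, others = "sent", recipients
        elif me in recipients:
            direction, others = "received", [ev["pubkey"]]
        else:
            continue
        # The plaintext stays hidden, but the ciphertext length does not.
        size = len(base64.b64decode(ev["content"].split("?iv=")[0]))
        ts = ev["created_at"]
        for peer in others:
            s = peers[peer]
            s[direction] += 1
            s["ciphertext_bytes"] += size
            s["first"] = ts if s["first"] is None else min(s["first"], ts)
            s["last"] = ts if s["last"] is None else max(s["last"], ts)
    return dict(peers)

if __name__ == "__main__":
    for peer, stats in visible_dm_metadata(SAMPLE_EVENTS, ALICE).items():
        print(peer[:8], stats)
```
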
Discussion

Are there any thoughts on an alternative to this that’s still native to nostr?

You can exchange a new temporary npub in the first round of encrypted messages to keep the timing and amount of future messages hidden - #[4]

nice, could probably be automated by the client too

Yep, we need Signal protocol that just uses npub for identity and doesn't broadcast the messages

The future secrecy is a big deal. There is a chance the private key will leak. We don't use HW wallets for nostr. All your DMs will likely become public eventually