Nostr

When I was reading the MLS protocol last year, I was picturing using it to rearrange destinations for the usual NIP-17 gift wraps such that Clients would use the group ratchet to find where the group is at. In that way, it would simply reuse the usual NIP 17 messaging scheme.

However, the unclear part to me is how much metadata leaks in the key exchange procedures. There will be messages going back and forth between member to rotate the group into new keys and I think that has a change of being traceable. Time correlations could allow the public to reassemble the hierarchy of keys.

It feels like MLS authors were trying to solve group chats so that they forgot about metadata tracing on all intermediate needs of the protocol.

But I also think that the metadata leak is solvable. We just need to invest the time to do it.

Change this if you want 1y ago

Somehow signal managed to kill the metadata leaks using MLS what the concern over here ?

Reply to this note

Please Login to reply.

Discussion

Vitor Pamplona 1y ago

Metadata does leak to the signal server. They just claim they don't track it. Which is why I don't like these types of solutions with central servers.