nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m realized how rotten to its core and compromised the system had

become and that beyond encryption, the only thing that could survive would be a COMPLETELY decentralized system, hence his move to back NOSTR…

No one is off limits.

I will be building more here from now on…

"Nothing about any of the protocols we’ve developed requires centralization; it’s entirely possible to build a federated Signal Protocol-based messenger, but I no longer believe that it is possible to build a competitive federated messenger at all." — Signal Founder Moxie https://signal.org/blog/the-ecosystem-is-moving%C2%A0

This is because the encryption process is completed on the client side, and relays only pass the encrypted messages.

Keychat and Simplex Chat both use the Signal protocol to encrypt messages, so both meet the following security requirements 1-4:

Anti-Forgery

Anti-Forgery ensures that the sender of a message is verifiable and the message has not been tampered with.

End-to-End Encryption

End-to-end encryption ensures that only the sender and receiver can decrypt and read the message content, protecting it from unauthorized access by servers or other network devices.

Forward Secrecy

Forward secrecy ensures that even if the current key is compromised, historical messages cannot be decrypted, since each message uses a new encryption key, which is deleted after use.

Break-in Recovery

Break-in Recovery ensures that if the current key is compromised, future messages cannot be decrypted, and the system can recover from the attack. This feature is also known as backward secrecy.

Metadata Privacy

Protecting the privacy of communication involves more than just protecting the content of messages; it also includes protecting the identities of the communication parties and other data.

Regarding the fifth point, metadata privacy. The designs of Keychat and Simplex Chat are different.

Simplex’s metadata privacy protection scheme

"Simplex chat is the first messenger without user IDs."

“To deliver messages, instead of user IDs used by all other platforms, SimpleX uses temporary anonymous pairwise identifiers of message queues, separate for each of your connections — there are no long term identifiers.”

“Temporary anonymous pairwise identifiers

SimpleX uses temporary anonymous pairwise addresses and credentials for each user contact or group member.

It allows to deliver messages without user profile identifiers, providing better meta-data privacy than alternatives.”

We can understand this mechanism as, if a Simplex Chat user has 10 friends, they have 10 IDs, using different IDs with different friends?

Keychat’s metadata privacy protection scheme

Current chat applications and email have forgotten that an address is not the same as an ID, treating the ID as the address. Emails and current chat applications send messages as [from: Alice's ID to: Bob's ID]. Regardless of how your geographical address changes, when Alice sends an email to Bob, it’s always [from: Alice's ID to: Bob's ID]. This compromises metadata privacy.

However, letters work differently; they are [from: Alice's current geographical address to: Bob's current geographical address].

Keychat separates the receiving address and sending addresses from the ID, and the receiving address and sending addresses are also different. Keychat messages are [from: Alice's one-time sending address to: Bob's almost one-time receiving address]. This makes it difficult for outsiders and relay administrators to determine who is sending messages to whom.

Which scheme do you think is easier to understand and better protects metadata privacy?

Finally, Keychat also uses ecash sat as a stamp for messages, with relays funded by stamp revenue to sustain operations.