Note from @calle on Oct 18, 2023, 10:18 AM:
Someone posted an image of my encrypted nostr DMs on Twitter. Of course I know that it's possible to see the metadata but I didn't realize how creepy it feels. You can see who I talk to and when. You could deduce my social circles, maybe even real world activity related to my messaging patterns.
From now on, I will stop using normal DMs on nostr. The traces they leave are horrifying and you shouldn't use DMs either.
Please do not send me any DMs from your npub if you have something to communicate to me.
Use a random npub or a giftwrap or use a different method or use a different network to reach me.
Nostr DMs have always been a complete privacy hell and I urge anyone to realize this and act accordingly.
I repeat: DO NOT DM ME. I WON'T DM YOU.
I think NIP-17 (old 24) Sealed Gift-Wrapped Messages for Private DMs and Small Group Chats is going to help against this but I haven't looked into the details yet. So if someone can share details, would be much appreciated :)
NIP-44 is meant to address it and is already implemented in many clients, e.g., Amethyst, OxChat.
https://github.com/nostr-protocol/nips/blob/master/44.md
I don't think that NIP-44 fixes the metadata leak by itself:
Sorry, I meant to say that in itself it does not, but in combination with https://github.com/nostr-protocol/nips/blob/master/59.md it solves the metadata issue.
Does anyone use simplex?
I do. We also have a group there for SN. See chat in footer.
the integration of a nostr client with simplex would be a real game changer.
it would result in this weird hybrid social media + chat client + zap wallet. it could almost literally become an "everything app"
imo, Nostr's publication-via-redundant-relays model makes DMs (and any "secret" message) an antipattern. The relay model is meant for public, widespread publication where metadata is a feature. If we want secrecy, it won't be via a new fancy cryptography scheme over this model.
may we think why we need priv messages
On nostr or in general?
hahaa i feel this
Nostr metadata in general is vulnerable to the same thing.
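The leak discussed in this thread, as an added example that is not part of any post above: the cleartext fields of NIP-04 DMs (kind 4) give a relay observer sender, recipient and time, while a NIP-59 gift wrap (kind 1059) is signed by a one-time key with a randomized `created_at` and exposes only the recipient's `p` tag. All keys, timestamps and events are constructed placeholders, and `observer_view` is a hypothetical helper name.

```python
from collections import defaultdict

KIND_NIP04_DM = 4      # NIP-04 encrypted direct message
KIND_GIFT_WRAP = 1059  # NIP-59 gift wrap

# Constructed placeholders; real pubkeys are 32-byte hex strings.
ALICE, BOB, CAROL = "alice_pub", "bob_pub", "carol_pub"

# Constructed sample events; content stays encrypted and is never read.
SAMPLE_EVENTS = [
    {"kind": 4, "pubkey": ALICE, "created_at": 1697624280,
     "tags": [["p", BOB]], "content": "<ciphertext>?iv=<iv>"},
    {"kind": 4, "pubkey": ALICE, "created_at": 1697624400,
     "tags": [["p", BOB]], "content": "<ciphertext>?iv=<iv>"},
    {"kind": 4, "pubkey": ALICE, "created_at": 1697630000,
     "tags": [["p", CAROL]], "content": "<ciphertext>?iv=<iv>"},
    {"kind": 1059, "pubkey": "one_time_key_1", "created_at": 1697500000,
     "tags": [["p", BOB]], "content": "<ciphertext>"},
    {"kind": 1059, "pubkey": "one_time_key_2", "created_at": 1697580000,
     "tags": [["p", BOB]], "content": "<ciphertext>"},
]

def p_tags(event):
    """Pubkeys named in cleartext 'p' tags."""
    return [t[1] for t in event.get("tags", []) if len(t) >= 2 and t[0] == "p"]

def observer_view(events):
    """What cleartext fields alone reveal.

    edges:   {(sender, recipient): [created_at, ...]} from kind 4 DMs
    inbound: {recipient: wrap count} from kind 1059; the signing key is
             one-time and created_at is randomized, so neither is linkable
    """
    edges, inbound = defaultdict(list), defaultdict(int)
    for ev in events:
        if ev["kind"] == KIND_NIP04_DM:
            for rcpt in p_tags(ev):
                edges[(ev["pubkey"], rcpt)].append(ev["created_at"])
        elif ev["kind"] == KIND_GIFT_WRAP:
            for rcpt in p_tags(ev):
                inbound[rcpt] += 1
    return dict(edges), dict(inbound)

if __name__ == "__main__":
    edges, inbound = observer_view(SAMPLE_EVENTS)
    for (sender, rcpt), times in sorted(edges.items()):
        print(f"kind 4: {sender} -> {rcpt} at {times}")
    for rcpt, n in sorted(inbound.items()):
        print(f"kind 1059: {n} wrapped event(s) for {rcpt}, sender not visible")
```

With gift wraps the observer still learns that the recipient is receiving wrapped events and roughly how many, which is why a throwaway receiving npub remains useful.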