75 sats \ 3 replies \ @RAIKO 10 Feb freebie \ on: Reminder and example about impact of metadata leak in Nostr DMs privacy
NIP-44 is meant to address it and is already implemented in many clients, e.g., Amethyst, OxChat.
https://github.com/nostr-protocol/nips/blob/master/44.md
I don't think that NIP-44 fixes the metadata leak by itself:
Note: this format DOES NOT define any kinds related to a new direct messaging standard, only the encryption required to define one.[...]Every nostr user has their own public key, which solves key distribution problems present in other solutions. However, nostr's relay-based architecture makes it difficult to implement more robust private messaging protocols with things like metadata hiding, forward secrecy, and post compromise secrecy.The goal of this NIP is to have a simple way to encrypt payloads used in the context of a signed event. When applying this NIP to any use case, it's important to keep in mind your users' threat model and this NIP's limitations.