What if DMs were device-based?
We could use a secret from the device to create a new private key to use exclusively for DMs. Since the new DM key can stay in the device's secure element, there is no way for any other device to access your DMs, even if your keys leak (they inevitably will).
Pros:
- avoids leaking DMs when the nostr key leaks.
- DMs that expire when the phone expires
Cons:
- users cannot migrate the DM history to a new phone/client
With private group DMs, we could add all device keys in a single DM message so that current devices of a user can read the DM history.
Replies (44)
👀
Why do you believe that the private keys will inevitably leak?
I know users :)
Problem is, devices are pseudo IDs since most people use only one device with no VPNs and integrate everything.
So, anonymity will become impossible since they can identify the sender via the unique device keys.
Content will still be encrypted though 😁

Might there be a way to download, encrypt, and export a DM file to then be uploaded and decrypted by the new device?
I like it. Can’t the private key be migrated to a new device?
Idk but it sounds like a great idea. I don't like how DMs work on Nostr now. Maybe it's possible to send the messages to another device, in case you have a new one
Interesting idea. Would the messages be sent peer to peer then or would they still be communicated via relay? Personally I worry though about things that cause lock in to specific clients (there's a kind of centralization risk for nostr there too).
The idea of using a different key for DMs does seem useful, maybe even one that can be rotated to give forward privacy. I was working on a NIP last week for a type of onion routing for DMs and there it was suggested to use something like RSA keys. Reason being that messages can be decrypted without knowing who encrypted them and this ends up improving privacy under that scheme: 
GitHub: NIP-103: Onion Routed Direct Messages by threeseries · Pull Request #499 · nostr-protocol/nips ("This NIP should help improve privacy with respect to kind 4 events on nostr.")
What if device keys also got stolen? Then the DMs can also be read.
Maybe it's better that no server stores the messages. Storing would be responsibility of the device, not the server.
This way, even if the keys on the device were lost, no message would be compromised
If it's in the secure element, it's impossible to get the secret out of there.
No, that's the whole point. The key cannot leak because it can't exist anywhere else.
Relays are a nice feature. P2P doesn't really work because the two devices are rarely online at the same point, even if the two are fully-connected phones.
I think this is a good idea but should be another kind (not 4)
As long as leaking the nostr master key doesn't give access to each device's private key, it could work.
How do you handle sending a DM to all device keys at the same time?
If a goal is widespread adoption, I suspect this would work against that.
I think what people want is easy messaging but without spam/scam. Not difficult messaging. “Was it on this phone? That phone? Was it on the desktop computer? Which browser? No, must be the tablet. Nope not there either. What the heck happened to that message I want to re-read?!”
Like with my ledger? 😅
Only one key for all devices? That feels bad.
Laughs in Ledger firmware update
Then what do you mean by "grant" access? A list of other pubkeys that can post on the temporary key's behalf with something like NIP26 or NIP46?
I will wait for the NIP text. :)
The silicon does not support printing secrets. Same for an ePassport: it does not support printing your fingerprints. The only way to extract them is to hack the transistors, or root it if it is a more complex system like an Intel CPU.
The way it works is that it derives some symmetric key and gives it to you or even encrypts data for you.
That is already how secret chats work on Telegram on Android. To transfer the secret chat you need to hack the database.
Add i2p and ipfs...
Actually it could fix the metadata leaks problem, if a new key is used for each contact, I reckon.
Though I would expect these new data mining algorithms to easily rebuild the metadata from other information. Humans are too predictable.
I knew you were going to say that
this is how it should be imo
DM that burns after reading
Sounds good but need a device to device DM history transfer type situation like you do when setting up Signal on a new phone.
Even if that opens many opportunities for security breaches no matter how well implemented?
Look at signal as a case study, has there been many breaches with their design? You can only have dms on one device at a time, transferring them deletes them from the old device.
You can have dms on 1 cell phone and 4 additional devices with signal. Messages are available on any/all devices from the moment each device is linked (no backwards history available)
Sure, but Nostr can't keep your DMs in your phone only (relays and the other party have it and can prove it at any point in time).
We have to address security in a different way.
I'm new to nostr and the whole decentralized world, so my question might be trivial.
When the time comes to change the device would you lose the network you built? Could you sign up to the new device with the same use name and still be verified?
One issue I see for less developed countries, like Brazil, is that cell phones are stolen all the time. It's not rare for people to buy a new phone and have it stolen the next month. A device-based identification would be very impractical for these scenarios.
I agree!
It would make for a niche adoption.
Currently, no. You just need to sign in with the same private key. Make sure to export it from the app and keep it safe.
I believe I wasn't clear sharing my question.
I understand a little bit how it works now. I would like to understand what you are proposing.
For what I understood, each device can be logged in to one user and the user will be linked to that specific device. Is that correct? If that is the case, my previous question comes with that assumption.
On the new idea, the nostr master key would generate a new key for every device. The user wouldn't be able to export it. When you change phones, people would be forced to rotate their keys for the DMs, not for the rest of nostr. Their profile stays the same, but messages go somewhere else.
If we then add private groups (nostr doesn't have this yet) we could add all device keys in the same "group" so that all your DMs can be seen by all your devices.
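As an added example, not code from the thread, from any nostr client or from the NIPs, here is a toy model of the scheme sketched in the opening post and restated in the two replies above: a secure element that derives a DM key it never exports, a per-message content key wrapped for every device in the "group", and a re-wrap step that is the only way history reaches a new phone. Everything below the thread's own words is an assumption: the secure-element API, the identity strings, the Diffie-Hellman group (a tiny prime field, far too small for real use; nostr's existing DMs use secp256k1 ECDH) and HMAC-SHA256 standing in for the cipher.

```python
"""Toy model of device-bound DM keys with a per-message group wrap.

Added example; not the post author's code or any nostr client's code. The
SecureElement API, the identities and the DH parameters are assumptions."""
import hashlib
import hmac
import secrets

P = (1 << 127) - 1  # toy modulus (a Mersenne prime); illustrative only
G = 3


def hkdf(key, info, length=32):
    """HKDF-style extract-then-expand with HMAC-SHA256 and a fixed salt."""
    prk = hmac.new(b"nostr-dm-device-v0", key, hashlib.sha256).digest()
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out, counter = out + block, counter + 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class SecureElement:
    """Stands in for the phone's secure element (hypothetical API): nothing
    here returns the seed or the scalar, only public keys and shared secrets."""

    def __init__(self):
        self._seed = secrets.token_bytes(32)  # never leaves this object

    def _scalar(self, identity):
        # Bound to the device seed AND the nostr identity: the nostr master
        # key alone cannot recompute it, and each identity gets its own key.
        raw = hkdf(self._seed, b"dm-scalar|" + identity)
        return int.from_bytes(raw, "big") % (P - 2) + 1

    def dm_pubkey(self, identity):
        return pow(G, self._scalar(identity), P)

    def dm_shared_secret(self, identity, peer_pub):
        s = pow(peer_pub, self._scalar(identity), P)
        return hashlib.sha256(s.to_bytes(16, "big")).digest()


def _keystream(key, nonce, length):
    ks, ctr = b"", 0
    while len(ks) < length:
        ks += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return ks[:length]


def encrypt(key, nonce, plaintext):
    """Encrypt-then-MAC: HMAC-SHA256 in counter mode, then an HMAC tag."""
    ct = xor(plaintext, _keystream(key, nonce, len(plaintext)))
    return ct, hmac.new(key, b"tag|" + nonce + ct, hashlib.sha256).digest()


def decrypt(key, nonce, ct, tag):
    expected = hmac.new(key, b"tag|" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("tag mismatch: altered ciphertext or wrong key")
    return xor(ct, _keystream(key, nonce, len(ct)))


def _wrap(se, identity, peer_pub, content_key, nonce):
    return xor(content_key, hkdf(se.dm_shared_secret(identity, peer_pub), b"wrap|" + nonce))


def send_dm(se, identity, device_pubs, plaintext):
    """Encrypt once under a fresh content key, then wrap that key for every
    device in the group (the recipient's devices and the sender's own)."""
    content_key, nonce = secrets.token_bytes(32), secrets.token_bytes(12)
    ct, tag = encrypt(content_key, nonce, plaintext)
    me = se.dm_pubkey(identity)
    wraps = {pub: (me, _wrap(se, identity, pub, content_key, nonce)) for pub in device_pubs}
    return {"nonce": nonce, "ct": ct, "tag": tag, "wraps": wraps}


def _unwrap(se, identity, msg):
    me = se.dm_pubkey(identity)
    if me not in msg["wraps"]:
        raise PermissionError("no wrap for this device; the DM key never left the others")
    wrapper_pub, wrapped = msg["wraps"][me]  # who wrapped it, so DH matches
    return xor(wrapped, hkdf(se.dm_shared_secret(identity, wrapper_pub), b"wrap|" + msg["nonce"]))


def read_dm(se, identity, msg):
    return decrypt(_unwrap(se, identity, msg), msg["nonce"], msg["ct"], msg["tag"])


def can_read(se, identity, msg):
    try:
        read_dm(se, identity, msg)
        return True
    except (PermissionError, ValueError):
        return False


def grant_device(se, identity, msg, new_device_pub):
    """An existing device re-wraps the content key for a newly added device.
    Without this step a new phone, even with the nostr key, reads nothing."""
    content_key = _unwrap(se, identity, msg)
    wraps = dict(msg["wraps"])
    wraps[new_device_pub] = (se.dm_pubkey(identity),
                             _wrap(se, identity, new_device_pub, content_key, msg["nonce"]))
    return dict(msg, wraps=wraps)
```

Two things the code makes concrete that the thread only asserts: a fresh `SecureElement()` created for the same nostr identity cannot read an existing message (there is no wrap for its public key), which is the "leaked master key is useless" property, and history only reaches a new device through `grant_device`, run by a device that can already read the message, which is the migration cost the replies worry about. A relay storing `msg` learns the set of device public keys in the group, so the metadata concern raised later in the thread still stands.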
Got it! Thanks!
Keys on proprietary hardware are not secure. A better solution would be an open source security token as described here for email:
Even more secure would be an open source hardware wallet with display and seed backup on steel with nostr and openpgp feature. @BitBox

GnuPG: E-mail encryption on Android – Nitrokey Part 4
Pairing a Nitrokey with an Android smartphone for e-mail encryption via OpenKeychain and FairEmail.
I am for it. The idea is very good. We need this. And one more thing: images within DMs. We need some kind of encrypted image format on the relay, and when the user gets the image on the phone, the image is decrypted in a secure space. When the image is decrypted, a confirmation is sent to the relay and the encrypted image expires in 1 day. So, for example: the sender takes a picture with the camera. The sender selects this picture in the Amethyst app within a DM. The picture is automatically encrypted on the phone. When the user clicks send, the message is sent to the relay with the text and the encrypted image. ...
SimpleX does a bit of this. Each DM conversation uses a unique keypair. Great idea.