It's ok, hit me up when Marmot gets audited like nip17 and has at least 2 implementations users can log in and see the same chat history.
Login to reply
Replies (17)
... and see the same chat history.
So you are calling the feature a bug.
In marmot MLS this is a feature.
That's a deal breaker for me. Either offer interoperability or GFO. Otherwise this is just another vendor-lock in scheme to block people from moving away from a company's products.
MLS is mostly a corporate play, so I am not surprised they have successfully brainwashed folks to think that is a feature.
Which explains why it doesn't exist in Amethyst. Marmot is an upgrade from Signal to make it decentralized. Signal has a feature (perfect forward secrecy). The way they work around that is linking a device from the main account, and offering to copy historical messages to the linked device. If the feature you want doesn't exist in Signal, it probably will never exist in marmot. Of course don't quote me on anything. I am barely a spectator in this space. I have just been burned by Signal's centralization so I prefer marmot.
Forward secrecy in signal is a lie exactly because you can export/import stuff or connect with a desktop app. I don't need your keys, I just need to connect my desktop to your signal app. Then puf.. all the "perfect forward secrecy" turns into theoretical BS.
I assume it copies it directly from what exists in storage on my phone. If true then your statement assumes the implemented solution assumes actual perfect forward secrecy. I mean, if it was truly perfect forward secrecy than I couldn't write the messages down on paper as I get them and share with a friend.
Sure.. I find the use of "forward secrecy" terms just marketing bullshit most actual engineers know it only exist in theory. So, to me, that is not a good sales point for Marmot.
I do like the scaling of group sizes, though... But I wouldn't use it because of "forward secrecy"...
Good thing that I was able to implement it from scratch on Amethyst (including ChaCha20 itself) so, the audit + my own knowledge was enough to make me very confident in the approach.
Also, in 3 years, nobody has found any flaw in it to breach.
Except my key point: if I loose my nsec. Almost nobody in the bitcoin community fully trusts their nsec / seed phrase except in hardware wallets. We are constantly told to keep our seeds offline. Marmot solves this for PMs.
That's why we have signers. We don't move our nsecs around just like you wouldn't move your Marmot keys around.
I have a hardware signer. I never use it. I have Amber, yet my nsec somehow leaked. I blamed Amber, but who knows with these things.
How did it leak? Amber is super small, we can review the entire code in a couple hours if the problem was there.
I am not 100% sure if it leaked. All I know is something 'liked' a post in Amethyst that I did not recognize doing myself. And Amber was acting super buggy on my phone. It would pop up every time I try to use it. It was a huge pain just to post that my nsec got leaked. Then I wiped my phone for good measure. Amber is asynchronous so everything is a callback. I still use it, but I also swap out my nsec for fresh for privacy too. So at this point, I don't care if I loose my nsec. The PM messages would be nice to use but I don't use PMs for obvious reasons. I only use marmot or signal.
Why not use Amber to store my bitcoin? If it is so secure? Well, because maybe at some point the device itself isn't secure.
I don't care because I use Signal with disappearing messages. If/When my device gets hacked, hopefully the hack left some trace or strange behavior that I pick up on. If it doesn't then it was probability very sophisticated. Most zero days leave traces.
If your device gets hacked, nothing can protect your messages... No matter how advanced their encryption is. If that is your thread model, you don't even need to encrypt anything because it is all irrelevant at that point.
Except the messages that are already deleted in Signal. I have a system. It works. Moving on.
Sure, but malwares are not detected right away, it takes a long time. So while you are running the malware can see your messages before you delete them.
Yes and hopefully it takes awhile before malware makes it onto my system too.