NIP-04: encrypts the message content but leaks metadata: anyone can see who is messaging whom, when, and how often, since sender/receiver pubkeys and timestamps are visible on relays.

NIP-17: fixes this by wrapping the encrypted message inside a gift-wrap (NIP-59): the outer event uses a random throwaway key, a randomized timestamp, and is sealed so relays and observers cannot see the real sender, receiver, or timing. The actual message is only visible to the intended recipient after unwrapping two layers of encryption.

In short: NIP-04 = encrypted content, public metadata. NIP-17 = encrypted content + protected metadata.

Replies (2)

Keychat 2 weeks ago
NIP-17 only hides the sender ID, not the recipient ID. External observers can still see that a certain person is receiving messages. A better approach is to decouple the sending address and the receiving address from the ID, and continuously rotate both of them. Addresses and IDs serve different purposes and should not be conflated. An ID should not be used as an address.
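
What a relay-side observer can read from the metadata of each event type, as an added example that is not part of the thread. Kind 4 (NIP-04) and kind 1059 (NIP-59 gift wrap) are the kinds those NIPs define; the keys, timestamps and the `observer_view` helper are constructed for illustration.

```python
from collections import Counter

# Constructed sample: events as a relay stores them. Keys are placeholder
# strings and ciphertext is elided; none of this comes from the thread.
ALICE, BOB = "alice_pubkey", "bob_pubkey"
EVENTS = [
    # NIP-04 direct messages (kind 4): the author is the real sender.
    {"kind": 4, "pubkey": ALICE, "created_at": 1700000000,
     "tags": [["p", BOB]], "content": "<ciphertext>"},
    {"kind": 4, "pubkey": ALICE, "created_at": 1700000060,
     "tags": [["p", BOB]], "content": "<ciphertext>"},
    # NIP-59 gift wraps (kind 1059) carrying NIP-17 messages: the author is a
    # throwaway key, created_at is randomized, the "p" tag is still present.
    {"kind": 1059, "pubkey": "throwaway_key_1", "created_at": 1699901234,
     "tags": [["p", BOB]], "content": "<ciphertext>"},
    {"kind": 1059, "pubkey": "throwaway_key_2", "created_at": 1699954321,
     "tags": [["p", BOB]], "content": "<ciphertext>"},
]


def p_tags(event):
    """Pubkeys named in the event's "p" tags (readable by any observer)."""
    return [t[1] for t in event["tags"] if len(t) > 1 and t[0] == "p"]


def observer_view(events):
    """Summarize what can be learned from event metadata alone, no keys."""
    view = {
        "sender_to_recipient": Counter(),  # full social-graph edges
        "recipient_only": Counter(),       # inbound volume, sender unknown
        "usable_timestamps": [],           # real send times
    }
    for ev in events:
        for recipient in p_tags(ev):
            if ev["kind"] == 4:
                view["sender_to_recipient"][(ev["pubkey"], recipient)] += 1
                view["usable_timestamps"].append(ev["created_at"])
            elif ev["kind"] == 1059:
                # Author key and created_at say nothing about the sender.
                view["recipient_only"][recipient] += 1
    return view


if __name__ == "__main__":
    for name, value in observer_view(EVENTS).items():
        print(name, dict(value) if isinstance(value, Counter) else value)
```
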