τέχνη's avatar
τέχνη 5 days ago
I have some concerns about the Marmot protocol / whitenoise.chat @JeffG > Messages in White Noise are encrypted end-to-end and temporarily relayed through several Nostr servers, which cannot read them and don’t permanently store them. Relays act as transient delivery points, discarding data after transmission. How can we guarantee that they don’t permanently store them? If they do, this is a clear “Harvest Now, Decrypt Later” attack. > Users can further prioritize privacy by selecting trusted relays or hosting their own, Messages are designed to be propagated on Nostr. It’s a gossip protocol. It’s not designed to have access control lists at the foundation. So how does running our own server actually help us? > ensuring no single entity retains control over their communications. See, this statement frames the concern as being about “my communication is being blocked”. But the real concern is “my communication is being harvested and decrypted by 3 letter agencies”.

Replies (2)

JeffG 's avatar
JeffG _@jeffg.fyi 4 days ago
1. You can't guarantee they'll destroy them. If you're in a situation that requires that level of caution, then you should run your own relays. 2. I disagree with your premise that Nostr is a gossip network. It's explicitly not. The outbox/inbox model is predicated on user choice and clients doing their best to respect that choice. Harvest now, decrypt later is only solved by better crypto (PQ in this case) or controlling the whole stack (incl relays).
1 replies ↓
τέχνη's avatar
τέχνη 3 days ago
> If you're in a situation that requires that level of caution My thinking is basically that the “harvest now, decrypt later” thing is something everyone should be concerned with. Because it requires way less effort than something like an actual directed attack. Normal people should primarily be concerned with this type of attack (if you could even call it an attack). > then you should run your own relays. How does running my own relay solve that problem exactly? How would I then ensure that my messages are not being stored by any other relay? Because doesn’t the protocol assume that messages propagate to other relays as well?