Thread

🛡️
Pretty basic construction of Nostr silent DM's that break the DM graph privacy nightmare. Others probably have suggested the same thing because it's too damn simple and obvious of a solution. Still gonna put it up here, maybe someone has comments. Might become a NIP proposal if there is interest. I've coded it up and it works quite nicely.
image image image

Replies (2)

Yeah this seems similar to this from a long while back
GitHub
GitHub - vinliao/clust: Nostr CLI client built with Rust (not ready yet!)
Nostr CLI client built with Rust (not ready yet!). Contribute to vinliao/clust development by creating an account on GitHub.
 In some stuff I wrote here
GitHub
GitHub - monty888/monstr_terminal: some terminal apps for nostr using monstr, the monstr files are currently embedded for the time being, until monstr becomes a proper module if I can ever work out how...
some terminal apps for nostr using monstr, the monstr files are currently embedded for the time being, until monstr becomes a proper module if I ca...
 I copied this implementation to support events via shared inboxes.
Apart from the shared secret issue, one thing not addressed here is sender authentication. Assuming the encryption key is `S' = w * Q2`, since the sender signs with the ephemeral key `w`, unless the recipient can somehow verify that `w` belongs to the intended counterparty, the recipient has no way of authenticating the sender. Anyone who correctly guesses one of the participants of the silent inbox (e.g. a relay operator would be able to trivially figure this out in many cases) can send a DM to that participant with an ephemeral private key of their own, pretending to be the other participant.