Thread

🛡️
While nip17 isn't as secure as Signal in the cryptographic sense, it does have a nuanced advantage of being able to send to personal inbox relays where only you have access to the encrypted material. It's up to you if you consider this more or less secure... if there's nothing for an adversary to decrypt, does forward secrecy gain you anything? As long as we're not blasting giftwraps to public relays, then it should be pretty secure.
jb55
Yeah, definitely, but you do get inbox relays, so there is not a pile of encrypted messages in one place.

Replies (3)

Yup. While it is possible to blast everything to public relays, the better option is to put an application relay behind a firewall or into its own segregated network, accessible by the app only. This is way stronger than having everything in a password-protected database that stores everything in the clear and is only one admin password away from total breach.
🛡️
My biggest issue with nostr DMs right now is that I never know if the other person's client supports the type of DM I sent. In fact, I never even know what type of DM I am sending. Lately, if I DM someone, I just send the same message from multiple clients in hopes that they'll see one of them.
If there were an onion service keypair derived from the nsec, so that it was reproducible, and launched locally automatically by a client for the purpose of providing a Nostr relay for both the user's own posts and DMs, it would make nip17 competitive with other messengers on the basis of privacy. There are messengers that already do this: Briar, Ricochet Refresh. Of course, it requires you to wait until your client is on at the same time as your conversation partner's for message delivery if you aren't using external relays for gossip. Short of that being implemented, it is unlikely that a fraction of a percent of nip17 users will ever operate a private inbox relay.
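The reply above sketches a reproducible onion-service identity derived from the user's nsec. The following is an added example of what that derivation could look like; it is not code from the thread, from any Nostr client, or from Tor. It assumes the nsec has already been bech32-decoded to its raw 32 bytes, uses HKDF-SHA256 with a made-up domain-separation label (`ONION_LABEL`, an assumption) so the onion key is one-way derived rather than the nsec itself, and emits the `hs_ed25519_secret_key` / `hs_ed25519_public_key` / `hostname` file layout that Tor reads from a HiddenServiceDir, plus the v3 `.onion` address with its SHA3 checksum. The ed25519 public-key step is a minimal pure-Python RFC 8032 implementation so the block runs offline.

```python
"""Reproducible Tor v3 onion-service identity from a Nostr secret key (added example)."""
import base64
import hashlib
import hmac

# ---- minimal ed25519 public-key derivation (RFC 8032), pure Python ----
Q = 2**255 - 19
D = (-121665 * pow(121666, Q - 2, Q)) % Q
I = pow(2, (Q - 1) // 4, Q)


def _xrecover(y: int) -> int:
    xx = (y * y - 1) * pow(D * y * y + 1, Q - 2, Q)
    x = pow(xx, (Q + 3) // 8, Q)
    if (x * x - xx) % Q != 0:
        x = (x * I) % Q
    if x % 2 != 0:
        x = Q - x
    return x


_BY = (4 * pow(5, Q - 2, Q)) % Q
_B = (_xrecover(_BY), _BY)  # ed25519 base point


def _add(p, q):
    x1, y1 = p
    x2, y2 = q
    x3 = (x1 * y2 + x2 * y1) * pow(1 + D * x1 * x2 * y1 * y2, Q - 2, Q)
    y3 = (y1 * y2 + x1 * x2) * pow(1 - D * x1 * x2 * y1 * y2, Q - 2, Q)
    return (x3 % Q, y3 % Q)


def _scalarmult(p, e: int):
    r = (0, 1)  # neutral element
    while e:
        if e & 1:
            r = _add(r, p)
        p = _add(p, p)
        e >>= 1
    return r


def ed25519_expand(seed: bytes) -> bytes:
    """SHA-512 of the 32-byte seed with the low half clamped: the 64-byte expanded key Tor stores."""
    h = bytearray(hashlib.sha512(seed).digest())
    h[0] &= 248
    h[31] &= 127
    h[31] |= 64
    return bytes(h)


def ed25519_public_key(seed: bytes) -> bytes:
    a = int.from_bytes(ed25519_expand(seed)[:32], "little")
    x, y = _scalarmult(_B, a)
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


# ---- key derivation: nsec -> onion seed (HKDF-SHA256, RFC 5869) ----
ONION_LABEL = b"nostr-inbox-relay-onion-v1"  # hypothetical domain separator (assumption)


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block = b"", b""
    for i in range(1, -(-length // 32) + 1):
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
    return okm[:length]


def onion_seed_from_nsec(nsec_raw: bytes) -> bytes:
    """One-way derivation: leaking the onion key must not leak the nsec, hence HKDF, not reuse."""
    if len(nsec_raw) != 32:
        raise ValueError("expected the 32 raw bytes of the nsec (bech32 already decoded)")
    return hkdf_sha256(nsec_raw, salt=b"tor-v3-onion", info=ONION_LABEL)


# ---- Tor v3 onion address and HiddenServiceDir files ----
def onion_address(pubkey: bytes) -> str:
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"


def verify_onion_address(addr: str) -> bool:
    """Recompute the embedded checksum; catches a typo'd or forged v3 address."""
    if not addr.endswith(".onion") or len(addr) != 62:
        return False
    raw = base64.b32decode(addr[:-6].upper())
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    expect = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return version == b"\x03" and hmac.compare_digest(checksum, expect)


def tor_key_files(seed: bytes) -> dict:
    """Byte contents of the three files a client would drop into the relay's HiddenServiceDir."""
    pub = ed25519_public_key(seed)
    return {
        "hs_ed25519_secret_key": b"== ed25519v1-secret: type0 ==" + b"\x00" * 3 + ed25519_expand(seed),
        "hs_ed25519_public_key": b"== ed25519v1-public: type0 ==" + b"\x00" * 3 + pub,
        "hostname": (onion_address(pub) + "\n").encode(),
    }


def onion_identity_from_nsec(nsec_raw: bytes) -> str:
    return onion_address(ed25519_public_key(onion_seed_from_nsec(nsec_raw)))


if __name__ == "__main__":
    sample_nsec = bytes(range(1, 33))  # constructed sample key, not a real user's nsec
    print(onion_identity_from_nsec(sample_nsec))
```

Because the address is a pure function of the nsec, a reinstalled client regenerates the same `.onion` without any stored state, which is the reproducibility the reply asks for; the flip side, which the thread does not spell out, is that whoever holds the nsec also controls the inbox relay's identity, so the same backup discipline applies to both.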