Vitor Pamplona on Nostr: > There's no protocol that protects against a malicious participant that shares the ...
> There's no protocol that protects against a malicious participant that shares the keys.
Correct, but that is not the point. The point is that a secret-based channel can be the target of multiple social attacks that play on people's lack of cryptographic knowledge on top of the usual secret managing mistakes people already do on a regular basis.
In this case, I am willing to bet that people will create a "My Chatgroups" Google Doc with all the active links to their most important chats. And if they need to share information that was discussed in the chat, they will share the link and enable other people to see everything without the other participant's approval.
The design is particularly bad for activists that don't or can't trust their counterparty from exposing them.
> The link sharing can be improved but I think this part is making reasonable trade offs and could be modified to prevent mistakes users might make without much trouble.
There are other solutions that don't need link sharing trade-offs: https://github.com/nostr-protocol/nips/pull/686
> I think its too easy to id what npubs are group chats, and subsequently who the participants are with taps on the relays.
Agree.
Correct, but that is not the point. The point is that a secret-based channel can be the target of multiple social attacks that play on people's lack of cryptographic knowledge on top of the usual secret managing mistakes people already do on a regular basis.
In this case, I am willing to bet that people will create a "My Chatgroups" Google Doc with all the active links to their most important chats. And if they need to share information that was discussed in the chat, they will share the link and enable other people to see everything without the other participant's approval.
The design is particularly bad for activists that don't or can't trust their counterparty from exposing them.
> The link sharing can be improved but I think this part is making reasonable trade offs and could be modified to prevent mistakes users might make without much trouble.
There are other solutions that don't need link sharing trade-offs: https://github.com/nostr-protocol/nips/pull/686
> I think its too easy to id what npubs are group chats, and subsequently who the participants are with taps on the relays.
Agree.