Vitor Pamplona on Nostr: What if DMs were device-based? We could use a secret from the device to create a new ...
What if DMs were device-based?
We could use a secret from the device to create a new private key to use exclusively DMs. Since the new DM key can stay in the device's secure element, there is no way for any other device to access your DMs, even if you keys leak (they will inevitably do).
Pros:
- avoids leaking DMs when the nostr key leaks.
- DMs that expire when the phone expires
Cons:
- users cannot migrate the DM history to a new phone/client
With private group DMs, we could add all device keys in a single DM message so that current devices of a user can read the DM history.
We could use a secret from the device to create a new private key to use exclusively DMs. Since the new DM key can stay in the device's secure element, there is no way for any other device to access your DMs, even if you keys leak (they will inevitably do).
Pros:
- avoids leaking DMs when the nostr key leaks.
- DMs that expire when the phone expires
Cons:
- users cannot migrate the DM history to a new phone/client
With private group DMs, we could add all device keys in a single DM message so that current devices of a user can read the DM history.