What is Nostr?
keychat / Keychat
npub1h0u…rwx8
2024-08-31 10:02:11

keychat on Nostr: Designing a DM for a microblogging app is not the same as designing a chat app. A ...

Designing a DM for a microblogging app is not the same as designing a chat app.

A chat app opts for better security while accepting poorer multi-device synchronization capabilities.

A DM opts for better multi-device synchronization capabilities while accepting weaker security.

We need to determine what our primary goal is, make trade-offs, and recognize that there is no perfect solution.

As reflected in the note below, the advantages and disadvantages of NIP-17 are two sides of the same coin.
Old Nostr DM (NIP-4) integrates four capabilities into a single Nostr key—it serves as an ID, an encryption key, a receiving address, and a sending address.

The encryption key in NIP-4 does not change, so NIP-4 messages lack both forward secrecy and backward secrecy.

Consequently, if the private key is compromised, both historical and future messages can be exposed.

The receiving and sending addresses remain constant, which poses a severe issue for metadata privacy in NIP-4 messages;

Everyone can see who (ID) is sending messages to whom (ID).

Currently, most Nostr apps use NIP-4 for DM functionalities, such as Damus and Primal.

——————————————————————————————————————

New Nostr DM (NIP-17) integrates three capabilities into a single Nostr key—it serves as an ID, an encryption key, and a receiving address.

Kind-17 separates the sending address from the ID, making the sending address random and concealing the sender's real ID, thus improving metadata privacy.

The encryption key in NIP-17 does not change, so NIP-17 messages also lack forward secrecy and backward secrecy. Once the private key is leaked, both historical and future messages will be compromised.

The receiving address remains constant, so there is still a slight issue with metadata privacy in NIP-17 messages; everyone can see who (ID) is receiving messages.

Apps like 0xchat and Amethyst use NIP-17 to implement DM functionalities.

——————————————————————————————————————

In Keychat, the ID, encryption key, receiving address, and sending address are separated.

The encryption key, the receiving address, and the sending address are updated independently and continuously.

Keychat's encryption key is derived using the Signal protocol, and each message uses a unique encryption key, which is deleted after use.

Thus, Keychat messages have both forward secrecy and backward secrecy. Even if an encryption key is compromised, only the current message can be leaked, and historical and future messages remain secure.

Keychat's sending address is randomly generated for each message.

Therefore, external parties do not know the sender's ID.

Keychat's receiving address is derived using the Signal protocol, with almost every message using a unique receiving address.

Thus, external parties do not know the receiver's ID.


——————————————————————————————————————

However, it's important to emphasize that NIP-4 and NIP-17 offer superior multi-device synchronization capabilities because they integrate three capabilities into a single Nostr key—it serves as an ID, an encryption key, and a receiving address.
Author Public Key
npub1h0uj825jgcr9lzxyp37ehasuenq070707pj63je07n8mkcsg3u0qnsrwx8