JeffG on Nostr: Ok – so Signal is great. Good encryption, etc. Obviously, the main thing that we ...
Ok – so Signal is great. Good encryption, etc. Obviously, the main thing that we want to improve there is the centralized coordinator in the middle.
My original proposal was an adaptation of the Signal protocol for Nostr. https://github.com/nostr-protocol/nips/blob/2169fab971591d0b4a450ef08aeb6301c5d2a0da/104.md
But I got lots of feedback on that one that 1) group messaging needs to be first class and 2) multiple device support needs to be first class. Both of these are actually the same thing - supporting groups.
With the signal protocol, the way that the symmetric encryption works, when you're in a group, you're effectively creating a DM to every member of the group, encrypting it separately, and sending it out. Signal makes this feel like less of a big deal because they do some tricks on the server side to make it less heavy for the client.
In the nostr version of the signal protocol, you have no server to do work for you, so your device has to do all that work itself.
With MLS, because it's using a different data structure (binary trees) for managing encryption keys and users in a group, you go from a situation where group scaling is a linear problem (each new user in a group adds the same amount of work for all clients) to a log problem (where each new user in a group adds wayyyy less work for all clients).
There are also other benefits of MLS.
1) it's about to be an internet standard (like TLS, etc) so we conceivably get interoperability with other networks/clients
2) it's built to allow for the use of multiple ciphersuites and the graceful change/upgrade of the ciphersuites over time.
The only drawback is that it's very complex and very new. My work so far on getting MLS to Nostr has been focused on updating dependency libraries to allow for support of schnorr signatures over the secp256k1 curve (what nostr - and bitcoin - uses). I'm very convinced this is the right long-term solution for private messaging on Nostr but it's going to take a bit longer to get it probably ready for implementation.
If you haven't seen it already, you can follow along with what I'm doing in my weekly posts. Also, if you're interested in working with me on all this, that'd be awesome.
nostr:naddr1qvzqqqr4gupzq9eemymaerqvwdc25f6ctyuvzx0zt3qld3zp5hf5cmfc2qlrzdh0qqxnzdejxy6rzwf5xvmnwveh25uk9n
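The linear-versus-logarithmic point in the post, worked through for one key update by one member, as an added example that is not JeffG's code or part of any MLS library. It uses the array-based tree numbering from RFC 9420 (MLS) Appendix C; the function names are hypothetical, and it assumes a power-of-two group size with no blank nodes, which is the best case for the tree.

```python
# Added illustration. Node numbering follows RFC 9420 Appendix C: leaf i sits at
# node index 2*i, parent nodes at odd indices. Assumption: the leaf count is a
# power of two and every node is populated (no blanks).

def level(x):
    """Height of node x = number of trailing 1 bits in its index."""
    k = 0
    while (x >> k) & 1:
        k += 1
    return k

def root(n_leaves):
    width = 2 * n_leaves - 1              # total nodes in the tree
    return (1 << (width.bit_length() - 1)) - 1

def parent(x):
    k = level(x)
    b = (x >> (k + 1)) & 1
    return (x | (1 << k)) ^ (b << (k + 1))

def sibling(x):
    p = parent(x)
    k = level(p)
    left, right = p ^ (1 << (k - 1)), p ^ (3 << (k - 1))
    return right if x == left else left

def leaves_under(x):
    """Leaf (member) indices in the subtree rooted at node x."""
    span = (1 << level(x)) - 1
    return list(range((x - span) // 2, (x + span) // 2 + 1))

def tree_update_plan(leaf, n_leaves):
    """Tree-based update: one public-key encryption per copath node.
    Returns {copath_node: [members able to decrypt that ciphertext]}."""
    plan, x = {}, 2 * leaf
    while x != root(n_leaves):
        s = sibling(x)
        plan[s] = leaves_under(s)
        x = parent(x)
    return plan

def pairwise_update_plan(leaf, n_leaves):
    """Pairwise sessions: one encryption per other member."""
    return [m for m in range(n_leaves) if m != leaf]

if __name__ == "__main__":
    for n in (8, 64, 1024):
        print(n, "members:", len(pairwise_update_plan(0, n)), "pairwise vs",
              len(tree_update_plan(0, n)), "tree encryptions")
```

Each copath ciphertext covers a disjoint block of members, so every other member is reached exactly once even though the sender encrypts only log2(n) times.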