mleku on Nostr: this is why kind 4 DMs are not as insecure as you might think revealing the contents ...
this is why kind 4 DMs are not as insecure as you might think
revealing the contents requires revealing your key, because the signature is not on the plaintext, it's on the encrypted text, so you decrypt it, you lose the authenticity, and thus, your credibility
it's hearsay
if you complicate things with further schemes like double ratchet, compromising one message is easy enough, but the other side has to see all the shit as well so they can compromise every message they receive
WITHOUT REVEALING THEIR SECRET KEY
so, actually, it's arguable what is better, if the threat model is betrayal
PSA
actually proving someone told you something in a kind 4 DM requires you to make your nsec public
screenshots don't count
Published at
2024-07-04 23:48:54
Event JSON
{
"id": "f324c016a0f0012b418bb24ae4865350a52f45c099acf5046fd81e0e620ff8aa",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1720129734,
"kind": 1,
"tags": [
[
"e",
"4759586f86feb3c7a4d5b84999f07e56fe01700c6073f90bc06fbcd31bd8e821",
"",
"mention"
],
[
"p",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"wss://relay.damus.io/",
"mention"
]
],
"content": "this is why kind 4 DMs are not as insecure as you might think\n\nrevealing the contents requires revealing your key, because the signature is not on the plaintext, it's on the encrypted text, so you decrypt it, you lose the authenticity, and thus, your credibility\n\nit's hearsay\n\nif you complicate things with further schemes like double ratchet, compromising one message is easy enough, but the other side has to see all the shit as well so they can compromise every message they receive\n\nWITHOUT REVEALING THEIR SECRET KEY\n\nso, actually, it's arguable what is better, if the threat model is betrayal\n\nnostr:nevent1qvzqqqqqqypzqnyqqft6tz9g9pyaqjvp0s4a4tvcfvj6gkke7mddvmj86w68uwe0qqsywk2cd7r0av785n2msjve7pl9dlspwqxxqulep0qxl0xnr0vwsggpl2ka6",
"sig": "1d19546edc314e17f3c292fbbafac81411d19fa4a91c3404cdbd0f1970a9aa2cfae4b8930cc292bbaec668fd4c75d2bb04f7d5a882d3fd8dd8d2b266bfaeaa5b"
}