Don’t treat DMs as particularly secure, they’re pretty simple an don’t have many of the good properties that existing E2EE messaging alternatives like Telegram/Signal/WhatsApp have (ratcheting keys, key exchange between two parties, etc.)
You leak your nsec and all your past DMs are readable and you’re easily impersonated. Also everyone can just see who you’re messaging and when, even if they can’t read it (because the DMs are jus events published to your relays like normal posts)
1f52b / 1F52B
npub1raf…gns2
2023-02-16 23:31:12
in reply to nevent1q…h9uu
Author Public Key
npub1raftzmju5gq77twqxrumv5gnweew2t0p4v5upv8kku4vsz4j8jzq3tgns2Published at
2023-02-16 23:31:12Event JSON
{
"id": "4c5978400058c639e7cee31f6c8440e89c4dc4d75c4fcd9fc26ebd8240d4818a",
"pubkey": "1f52b16e5ca201ef2dc030f9b651137672e52de1ab29c0b0f6b72ac80ab23c84",
"created_at": 1676586672,
"kind": 1,
"tags": [
[
"e",
"09ea57320007c42ea2905940ac0dad2d18e49618b513d4d383eff2e2b0d6fda3"
],
[
"e",
"a1c35f0452a45b813a50bb170e40bfeac1459e08f52fc015a00546c7dc759d28"
],
[
"p",
"eb362a4ad5c55e5ff02ceda83eaab5dbf4e8be07abec25615bb2e3ebbff7bd61"
],
[
"p",
"8766a54ef9a170b3860bc66fd655abb24b5fda75d7d7ff362f44442fbdeb47b9"
]
],
"content": "Don’t treat DMs as particularly secure, they’re pretty simple an don’t have many of the good properties that existing E2EE messaging alternatives like Telegram/Signal/WhatsApp have (ratcheting keys, key exchange between two parties, etc.)\n\nYou leak your nsec and all your past DMs are readable and you’re easily impersonated. Also everyone can just see who you’re messaging and when, even if they can’t read it (because the DMs are jus events published to your relays like normal posts)",
"sig": "1072677117278261f5dcb0353038ef333af83aa461574a10f4793d5af5e1fbcb59649d774240bd8619a4e67ae94c65a2f1baad053ae0d326ae823d837b068554"
}