-
Notifications
You must be signed in to change notification settings - Fork 597
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrating from NIP-04 to NIP-44 encryption #1598
Comments
I don't know if it makes sense to keep kind as the reference point. Many encryptions are not based on a specific kind. And some kinds have more than one encryption in such a way that it would be important to differentiate. For instance, health data has 2 encryptions, one that stores a key to view the health data and another one to edit that data. It would be important for a signer to highlight when the permission is not only to see but to edit. |
The idea is to just inform it is e.g. health data related. So that user can be sure it is something that a health related app should be safely allowed to decrypt. edit: just don't want Health App to decrypt my secret pr0n bookmarks? |
But why stay there? Why not allow the writer an alt that describes what's in the payload? The signer just displays the alt. |
I think alt would be ok but it can't be automated. I mean, client can easily just add the event.kind for you when encrypting, without asking for alt. |
The client just adds the alt in the same way we add the alt tag to each event without asking the user about it. |
Another way of doing this would be to specify a few codes for different payloads in each nip and then use those codes instead of kinds. In that way the signer doesn't need dynamic translations of alt content. |
Yeah so you proposing |
Something on those lines. I am not exactly sure if it is the best way. What I know is that kinds alone might not be enough info for signers, depending on the application. Maybe a |
Better if Like |
Not a bad idea but I don't think it's worth the trouble. Specially because I think our best possible future involve not dealing with nip44 encryption with user keys directly anymore, but only as a way to talk to bunkers, and bunkers would just sign events, while all encryption needs will be provided by per-device keys using MLS or something else. |
I'm skeptical about MLS saving the world. Per-device keys? Like I have to kinda "join" a group with myself (my other device) so that I can decrypt something the other device encrypted? Seems to be the wrong tool when not doing DMs/chat. |
Yes, exactly.
Me too, and I hate all this crappy IETF I-am-cryptographer-and-I-love-Signal technology vibes but I don't see any other way because I want FROST bunkers and they can't encrypt. Also per-device encryption keys sounds like a sensible idea even if we don't use full-blown MLS. |
@vitorpamplona at #1228, the same alt would apply to many event kinds (all replaceables/addressables in that case). So maybe better be Or maybe we always do |
Even on #1228, the code should describe what kind of event this is first and then what type of information it is trying to assess. Knowing that the app is asking for an So, |
edit: skip this, see next comment
Wait, could
As the ciphertext is used when computing the event.id, we cannot add a regular event reference like Thought its possible to do like
Now we are able to do |
Borrowing ideas from #1540 (use one-letter tags or @), Plaintext "label" could be Examples:
Now when client uses nip07 like |
I will experiment with a slightly different version of this in the future. |
We should take the opportunity to do
nip44.encrypt('{ "k-i-n-d": event.kind, data: "<plaintext>" }')
(the arg is a stringifed JSON) instead ofnip44.encrypt("<plaintext>")
when encrypting things inside events.This way nip07/46 can decrypt and inform it is decrypting something related to a specific event kind so the user can make an informed decision to allow or deny it.
Ack or nack?
note: used "k-i-n-d" key instead of "kind" to avoid collision with a plaintext that happens to be a stringified json with "kind" and "data" keys.
The text was updated successfully, but these errors were encountered: