nostr DM situation is disheartening to say the least. NIP-04, NIP-17 are garbage. MLS is turbo complex and doesn't have a great interop story, UX is clunky to say the least. the only simple & sane spec for 1-on-1 DMs is only available in one client and not even an official NIP. tragedy of the commons.

Replies (23)

Yes it is :( I really would like to have a good option to DM on nostr. Cause I don't want to use another thing for DMs
Niel Liesmons 3 weeks ago
Nip-04 with better encryption is #goodenough for so many use cases. Especially, if you can trust the (community or group) relay you're using it on.
Niel Liesmons 3 weeks ago
Trust is involved in one way or another. Marmot just moves that trust almost all the way to the clients. And very few well-intentioned apps can even implement the thing properly. Hard to interop, easy to mess things up on the non-Marmot aspects (multi-device, key package sharing, etc...), ... All very centralizing if you play it out. Compare that to Nip-04 with better encryption.
- Where the trade-offs are clear AF.
- Where you can interop so easily.
- Where you know exactly what to verify in the code of even vibed apps, to know if it does what it needs to.
- Where there's an inherent incentive to go towards personal and community relays.
It's not geek-jerk-off-heaven, but it does the job.
Turns out if you want privacy you must either run sth yourself, pay or trust someone not logging. No protocol spec can circumvent the economics of this situation.
Niel Liesmons 3 weeks ago
And @Five keeps bringing up the good point that for business comms (regarding disputes etc...) you NEED signatures.
Yeah Nip04 with NIP44 encryption is the best thing out there. So obvious to anyone what it does and does not do. You want to be private, use a different key. 🤯
Yup. NIP17 I just don't get. It works well for one situation: two humans who trust each other and each have their own dedicated relay. Which, I grant, that is a real situation, and it's a novel solution there, but that's it. Two humans sharing the same relay, you can easily work out who is talking to who, so may as well just have the NIP04 exposed metadata so you're not fooling each other. NIP17 groups is a non-starter for me. And then the giftwrap spam/client-side processing tax on top of it all. I just dunno.
Niel Liesmons 3 weeks ago
I'm too noob to know if you could easily get an :mail: Email like multi-recipient version to work with this tho. Let me know, if you have insights there 😉
For group email, no, not really. Normal email has several baked-in protections that make this kind of context injection / split-view tomfoolery a lot harder to pull off. You have to go back decades to the very early days of email before you get to a situation like we have now with NIP-17 groups. There are some workarounds, most having to do with every client trying to keep a spying eye on every other client in some George Orwell 1984 JSON dystopia, but they all end up in this uncanny valley between NIP04 and MLS, too hard for people to understand and not enough payback for being too hard to understand. You could do nostr email with NIP04++ DMs though.
Niel Liesmons 3 weeks ago
That's what I'm asking, how exactly would Nip-04++ Email work? You just do the same but you:
- send it to multiple recipients when needed
- include history references of earlier "mails"?
Ah yeah, mostly the same, but one less event. NIP17 in a group of 5 people is 5 events; NIP04++ is 4 events, since you don't need a separate one encrypted for yourself (they're all encrypted to you). And there's enough to work with in the exposed metadata to make these kinds of split-view attacks not worth trying to pull off.
Also NIP17 has a subject-type tag that people can just change randomly, but for NIP04++ email you'd want to make it so the email subject tag holds firm. So subsequent messages like
oops.. like ["e", "999", "wss://relay.io", "root"] with 999 being event ID and the root marker meaning that's the one that started this. Something like that.
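
The two thread rules sketched in the last replies (a root-marked e tag on every follow-up, and a subject that holds firm), written out as a client-side check. This is an added example, not code from any participant or client: the rule that a reply may omit the subject but not change it is an assumption, events are assumed to be signature-verified already, and all ids, keys and the sample thread are constructed.

```python
# Added example, not from the thread. Assumed rules for a hypothetical
# "NIP04++ email" thread: every reply carries exactly one e tag marked "root"
# that points at the first message, and the subject is fixed by that root.
# Events are assumed already signature-verified; ids and keys are constructed.

def tags_named(event, name):
    """Fields after the tag name, for every tag of that name."""
    return [t[1:] for t in event["tags"] if t and t[0] == name]

def root_refs(event):
    """Ids referenced by e tags carrying the "root" marker."""
    # ["e", <id>, <relay>, "root"] -> fields == [<id>, <relay>, "root"]
    return [f[0] for f in tags_named(event, "e") if len(f) >= 3 and f[2] == "root"]

def subject(event):
    """First subject tag value, or None when the event has none."""
    vals = [f[0] for f in tags_named(event, "subject") if f]
    return vals[0] if vals else None

def check_thread(root, replies):
    """Map reply id -> list of rule violations (clean replies are omitted)."""
    report = {}
    for ev in replies:
        problems = []
        refs = root_refs(ev)
        if refs != [root["id"]]:
            problems.append("root reference missing, duplicated or wrong")
        # A reply may omit the subject (it inherits the root's) but not change it.
        if subject(ev) not in (None, subject(root)):
            problems.append("subject differs from root")
        if problems:
            report[ev["id"]] = problems
    return report

# Constructed sample thread.
ROOT = {"id": "999", "pubkey": "alice", "tags": [["p", "bob"], ["subject", "Invoice 12"]]}
REPLIES = [
    {"id": "a1", "pubkey": "bob", "tags": [["e", "999", "wss://relay.io", "root"]]},
    {"id": "a2", "pubkey": "bob",
     "tags": [["e", "999", "wss://relay.io", "root"], ["subject", "Refund"]]},
    {"id": "a3", "pubkey": "carol", "tags": [["e", "998", "wss://relay.io", "root"]]},
    {"id": "a4", "pubkey": "carol", "tags": [["e", "999", "wss://relay.io", "reply"]]},
]

if __name__ == "__main__":
    for reply_id, problems in check_thread(ROOT, REPLIES).items():
        print(reply_id, problems)
```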