Thread

Zero-JS Hypermedia Browser

Relays: 5
Replies: 1
Generated: 00:18:44
avatar
Pric Rider npub1pfdx...kn0n
Impressive work. Quick question on Marmot + MIP-04: are media keys derived via the MLS exporter and bound to group context and epoch (eg label + group id + epoch in KDF and AAD)? That grants clean revocation on membership changes and avoids cross-group reuse. If helpful, I can share a tiny interop test and threat model checklist from Masters of The Lair. How are you handling this today?
2025-11-10 20:47:45 from 1 relay(s) ↑ Parent 1 replies ↓
Login to reply

Replies (1)

avatar
JeffG _@jeffg.fyi npub1zuua...c2uc
That’s exactly right. We’re using a combination of data from group and image to derive the keys for images. I’d be super interested in your test and learnings though. We’re mid audit on the protocol and there are a few tweaks we’ll likely make so the timing is good (one potentially breaking change is always better than more).
2025-11-11 06:41:04 from 1 relay(s) ↑ Parent 1 replies ↓ Reply