Migrate private messaging from NIP-04 to NIP-17 #10

Open
opened 2026-01-01 20:40:30 +00:00 by padreug · 1 comment

## Problem

NIP-04 (the original Nostr direct message scheme) leaks significant metadata:

- Recipient's public key is visible in event tags
- Makes it possible to infer who is communicating with whom
- Uses outdated encryption (AES-256-CBC with non-hashed ECDH key)
- No forward secrecy

## Solution

Migrate to **NIP-17**, which combines:

- **NIP-44** encryption (ChaCha20 with HKDF-derived conversation key)
- **NIP-59** gift-wrapping to hide the encrypted message inside another event

### Privacy benefits of NIP-17

- **No metadata leak** - Participant identities are hidden
- **Hidden timestamps** - Each message's real date/time is concealed
- **Hidden event kinds** - Event types are obscured
- **Hidden tags** - Other event tags are not visible publicly

## References

- [NIP-17 specification](https://www.e2encrypted.com/nostr/nips/17/)
- [NIP-44 PR](https://github.com/nostr-protocol/nips/pull/574)
- [NIP-59 improved direct messages](https://github.com/nostr-protocol/nips/pull/351)
- [Nostr NIPs repository](https://github.com/nostr-protocol/nips)

## Future Consideration

For large group messaging, consider NIP-EE (MLS-based), which provides better scalability and forward secrecy, though NIP-17 is sufficient for 1-to-1 and small group conversations.
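To make the "HKDF-derived conversation key" point concrete, here is an added example (written for this page; it is not code from aiolabs/webapp or the nostr-protocol/nips repository) of the NIP-44 v2 layer that NIP-17 builds on, in pure Python with the standard library only. It derives the conversation key by HKDF-extract over the ECDH x coordinate with the salt "nip44-v2" (the hashing step that NIP-04's raw ECDH key skips), derives per-message ChaCha20 and HMAC keys with HKDF-expand over a random 32-byte nonce, length-prefixes and pads the plaintext so relays cannot see exact message sizes, encrypts with ChaCha20 and authenticates nonce plus ciphertext with HMAC-SHA256. secp256k1 and ChaCha20 are written out so the block runs offline; all function names and the random demo keys are the example's own.

```python
# NIP-44 v2, the encryption layer NIP-17 is built on, in pure Python (standard library only).
# Added example, not code from aiolabs/webapp or the nostr-protocol/nips repository. secp256k1
# and ChaCha20 are spelled out so it runs stand-alone; a real client should use libsecp256k1
# and a vetted ChaCha20 implementation instead.
import base64, hashlib, hmac, secrets, struct

_P = 2**256 - 2**32 - 977                                               # secp256k1 field prime
_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
_G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
      0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
_M32 = 0xFFFFFFFF

def _point_add(p, q):                  # affine addition on y^2 = x^3 + 7; None is infinity
    if p is None or q is None: return p or q
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % _P == 0: return None
    lam = (3 * x1 * x1 * pow(2 * y1, -1, _P) if x1 == x2
           else (y2 - y1) * pow(x2 - x1, -1, _P)) % _P
    x3 = (lam * lam - x1 - x2) % _P
    return x3, (lam * (x1 - x3) - y1) % _P

def scalar_mult(k, point=_G):          # double-and-add; demo only, not constant-time
    acc = None
    while k:
        acc = _point_add(acc, point) if k & 1 else acc
        point, k = _point_add(point, point), k >> 1
    return acc

def xonly_pubkey(priv): return scalar_mult(priv)[0].to_bytes(32, "big")

def conversation_key(priv, peer_xonly):
    # HKDF-extract(salt="nip44-v2", IKM=ECDH x): hashing the raw ECDH output is what NIP-04
    # skipped. Either y lift of the peer's x gives the same ECDH x coordinate.
    x = int.from_bytes(peer_xonly, "big")
    y = pow((x**3 + 7) % _P, (_P + 1) // 4, _P)
    if (y * y - x**3 - 7) % _P:
        raise ValueError("peer key is not a valid secp256k1 x coordinate")
    shared_x = scalar_mult(priv, (x, y))[0].to_bytes(32, "big")
    return hmac.new(b"nip44-v2", shared_x, hashlib.sha256).digest()

def _rotl(v, n): return ((v << n) & _M32) | (v >> (32 - n))
def _quarter_round(s, a, b, c, d):     # RFC 8439
    s[a] = (s[a] + s[b]) & _M32; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & _M32; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & _M32; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & _M32; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, counter, nonce):   # 32-byte key, 32-bit counter, 12-byte nonce
    state = [0x61707865, 0x3320646E, 0x79622D32, 0x6B206574,
             *struct.unpack("<8I", key), counter, *struct.unpack("<3I", nonce)]
    w = list(state)
    for _ in range(10):                    # 10 double rounds = 20 rounds
        for idx in ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
                    (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)):
            _quarter_round(w, *idx)
    return struct.pack("<16I", *((a + b) & _M32 for a, b in zip(w, state)))

def chacha20(key, nonce, data):            # IETF ChaCha20 stream, block counter starts at 0
    return b"".join(bytes(x ^ y for x, y in zip(data[i:i + 64], chacha20_block(key, i // 64, nonce)))
                    for i in range(0, len(data), 64))

def calc_padded_len(n):                    # hides exact length: 32-byte steps up to 256 bytes
    if n <= 32: return 32
    next_power = 1 << (n - 1).bit_length()
    chunk = 32 if next_power <= 256 else next_power // 8
    return chunk * ((n - 1) // chunk + 1)

def _message_keys(conv_key, nonce):        # HKDF-expand(conv_key, info=nonce, L=76)
    okm, t, i = b"", b"", 1
    while len(okm) < 76:
        t = hmac.new(conv_key, t + nonce + bytes([i]), hashlib.sha256).digest()
        okm, i = okm + t, i + 1
    return okm[:32], okm[32:44], okm[44:76]   # chacha key, chacha nonce, hmac key

def nip44_encrypt(conv_key, plaintext, nonce=None):
    data = plaintext.encode()
    if not 1 <= len(data) <= 65535: raise ValueError("plaintext must be 1..65535 bytes")
    nonce = nonce or secrets.token_bytes(32)   # fresh per message, never reused
    ck, cn, hk = _message_keys(conv_key, nonce)
    padded = len(data).to_bytes(2, "big") + data + bytes(calc_padded_len(len(data)) - len(data))
    ct = chacha20(ck, cn, padded)
    mac = hmac.new(hk, nonce + ct, hashlib.sha256).digest()   # the nonce acts as AAD
    return base64.b64encode(b"\x02" + nonce + ct + mac).decode()

def nip44_decrypt(conv_key, payload):
    if payload.startswith("#"): raise ValueError("unsupported NIP-44 version")
    raw = base64.b64decode(payload, validate=True)
    if len(raw) < 99 or raw[0] != 2: raise ValueError("malformed payload")
    nonce, ct, mac = raw[1:33], raw[33:-32], raw[-32:]
    ck, cn, hk = _message_keys(conv_key, nonce)
    if not hmac.compare_digest(mac, hmac.new(hk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("MAC check failed")          # verify before decrypting
    padded = chacha20(ck, cn, ct)
    n = int.from_bytes(padded[:2], "big")
    if n < 1 or len(padded) != 2 + calc_padded_len(n): raise ValueError("invalid padding")
    return padded[2:2 + n].decode()

def demo(message="hi bob, NIP-44 here"):
    alice, bob = 1 + secrets.randbelow(_N - 1), 1 + secrets.randbelow(_N - 1)
    k_ab, k_ba = conversation_key(alice, xonly_pubkey(bob)), conversation_key(bob, xonly_pubkey(alice))
    assert k_ab == k_ba                        # one conversation key for both directions
    return nip44_decrypt(k_ba, nip44_encrypt(k_ab, message))
```

`demo()` generates two random keys, checks that both sides derive the same conversation key and round-trips a message. In a NIP-17 client this payload is what goes into the `content` of the seal and of the outer gift wrap, the latter encrypted under a throwaway key so relays see neither the real sender nor the real timestamp. Note that the conversation key is fixed for a given key pair, so NIP-44 on its own provides no forward secrecy; that is the gap the NIP-EE note below is about.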
padreug (Author, Owner) commented:

## Related: nostrmarket

This also affects `aiolabs/nostrmarket`, which uses private messaging for merchant/customer communication.

**Recommended approach:** Implement backwards compatibility

- Support receiving both NIP-04 (old) and NIP-17 (new) messages
- Send new messages using NIP-17
- Display a warning when receiving NIP-04 messages indicating the sender is using an outdated/less private protocol

This allows gradual migration without breaking existing conversations.
Reference: aiolabs/webapp#10