NIP-46, NIP-51, NIP-90: "encrypted" tag to indicate the encryption method used#1259
NIP-46, NIP-51, NIP-90: "encrypted" tag to indicate the encryption method used#1259alexgleason wants to merge 4 commits into
Conversation
alexgleason
changed the title
|
I modified NIP-51 as well. EDIT: And NIP-24. |
|
This doesn't solve anything because NIP-44 support still has to be hardcoded. |
|
The "encrypted" tag lets users (or clients) optionally encrypt data in certain events. The same tag can also be used to indicate the encryption method used. Of course people sill have to implement NIP-44. But don't you see the bigger picture of why this tag is a good idea? To put it another way: should we remove the This is consistency and unification of events with optionally-encrypted payloads. |
|
I had written a long answer, but decided to not post it. I've written these same arguments way too many times and I don't want to bore the reader. |
|
I don't think adding a value helps at all, because it's easy to detect the difference between 04 and 44 (04 has |
Not only has
|
|
The main thing I was trying to solve is having an optionally-encrypted event that may be either nip04, nip44, or not encrypted at all. Then I realized the "encrypted" tag could be useful to put on any encrypted event. It seems better than detecting the encryption to go with the author's intention. |
|
It's not detecting based on the author's intention, but based on a standard everybody follows. |
The issue is that the encrypted tag might not be aligned with the |
|
I feel like yall are missing my point. I created a new NIP-78 event. This event is optionally encrypted: {
kind: 30078,
tags: [['d', 'pub.ditto.pleroma_settings_store']],
content: JSON.stringify(settingsStore),
}or: {
kind: 30078,
tags: [['d', 'pub.ditto.pleroma_settings_store'], ['encrypted', 'nip44']],
content: signer.nip44.encrypt(JSON.stringify(settingsStore)),
}To me this is obviously valuable. And the My mistake in this MR was touching NIP-46, which I know brings up a lot of feelings. |
|
I would never use the tag. I would just check if:
The tag is just noise.
It's not about NIP-46. |
|
@vitorpamplona I coded that and then reverted it because it seems wrong for clients to "guess" about the encryption method being used. It tickles that part of my brain that wonders how I can exploit it, and it seems to not be a best practice regarding security. Also, if the event content is a string that isn't a JSON-stringified object, an |
I don't think there is an alternative. Resilient clients will have to guess or end up not displaying some content. Knowing the mess already out there, I can't trust the signing client to set the |
Be careful to not run Vitor's code without first checking that the content is at least 28 characters long. |
Future bug: I mentioned kim iversen and then Amethyst broke. It thought the content was encrypted because I typed "iv". |
|
I should be able to paste an entire nip04 ciphertext into a note without a breaking. |
|
Hum.. I think it's something else. The IV check is not in production yet 🤔 |
Coracle detects encryption type based on |
5 participants
I remembered that NIP-90 has an "encrypted" tag with no value, and it got me thinking we could utilize that tag as a more general-purpose "hey the thing in the content is encrypted" indicator, for events that may or may not have encrypted data.
Then I realized, since it has no value, we could add a
"nip04" | "nip44"to indicate the type of encryption used.Then I realized we could also use this tag on NIP-46 to help ease the transition in #1095 #1248
As I'm typing this I realize(fixed), that we could also use this on NIP-51 lists which also have an "optionally encrypted" criteria, and might also want to benefit from knowing which encryption is used.So basically it's one simple idea that solves a lot of problems.