Semisol @Semisol - 17d
Introducing a new general purpose event encryption proposal that completely hides the sender and recipient including from relays in a way that is DoS resistant, and has plausible deniability, and forward secrecy. https://gist.github.com/Semisol/bc0b36915d9898e03f150e1a8cb25c00
The ₿itographer⚡️ @The ₿itographer⚡️ - 17d
Wait.... that sounds too good. What's the catch?
There’s none
Well you need a protocol to sync shit across your devices if you have multiple.
sommerfeld @sommerfeld - 17d
Holy shit, how long was this cooking?
not long. wrote it up in an hour or two. compared to gift wraps, it provides DoS resistance as you can only ask for events in channels you care about, relays can filter initialization events using pubkeys, forward secrecy is possible, and plausible deniability is also possible since any party can forge a conversation making any evidence as good as “trust me bro”
s/forward secrecy is possible/forward secrecy is the default/
mleku™️ @mleku - 17d
it doesn't seem to me like this really solves the problem, if we assume the attacker has control of the relay that was sent the channel inits, maybe i'm missing something? also, the channel state has to be stored by both ends somehow, or it only works, like simplex, per client key
the worst a relay can do is drop messages. the key generated for channels is completely unrelated to the init message, and it can be queried from a dedicated connection on say a different tor circuit.
Gift wraps lack deniability and forward secrecy. They also still leak metadata which this protocol does less and gift wraps are not DoS resistant. Gift wraps also “obscure” created_at for no reason (relays still know) and make it harder to implement sync.
maybe you haven't actually written any relay code, because you would then understand the relay sees the IP addresses they are coming from piece of cake to just log all that and filter for correlations between channel requests and IP addresses or, like i say, am i missing something?
I just said use a dedicated tor circuit to query for events on each channel. You can’t correlate two different circuits via IP because they have different exit nodes.