Daniel Fernandes
@dfern.eth
Cool that Nostr chats are getting a security audit from @paulm of noble-ciphers fame. Wondering what kind of security guarantees Nostr DMs provide and how Farcaster, Status, and/or XMTP compare https://x.com/paulmillr/status/1803970529629487114
3 replies
0 recast
19 reactions

Paul Miller
@paulm
.@cassie made fc dms which are superior in security (signal ratchet), but it seemed quite complex. It’s unclear if the ratchet is still being used. NIP-44 is very simple and doesn’t guarantee much. In fact you can check this in its disclaimers section. It’s just a good start. No one uses Status. Smtp leaks metadata everywhere and is not e2ee.
1 reply
0 recast
1 reaction

Cassie Heart
@cassie
DCs on Warpcast lost E2EE a while ago so we could support web DCs, but we'd like to revisit this at some point soon now that PRF is on the menu
1 reply
0 recast
0 reaction

Paul Miller
@paulm
What’s PRF?
1 reply
0 recast
1 reaction

Cassie Heart
@cassie
webauthn's PRF feature — can provide a way we can restore E2EE for DCs on web by "unlocking" access via passkeys, but of course with the caveat that web browsers still have a much bigger blast radius for attack compared to an app
0 reply
0 recast
2 reactions