-
@ mike
2024-12-06 16:37:15
If you want a secure, private DM client which uses your own private NOSTR keys. Don’t use the client you use for public posting. It does encrypt the message contents, but nothing else, which means anybody can see you DM, who your DM’ing and the length of message.
At one stage, there was an annoying NOSTR bot that would publicly post all non gift wrapped DMs and tag the participants as a reminder to gift wrap your messages.
To obfuscate this, NIP-59 gift wrapping should be built in. This gives the same security level as a platform like Signal, but the advantage is you control the keys.
The best fully secure NOSTR decentralised NOSTR client is:
0xChat https://www.0xchat.com/#/
Once 0xChat is installed and you have entered your nsec (copying and pasting your private key is a security issue and one we are working on currently).
If you’re not sure where to find your nsec, look inside whatever app you are using for the “keys” section and most apps should allow you to reveal and copy your private key to paste into other apps. This is not good OPSEC practise, but is all we have for the moment.
Here, you’ll need a relay for your DM, Inbox and Outbox relays
You can use the defaults, your own, or my relay below:
My relay is:
https://nortis.nostr1.com/
wss://nortis.nostr1.com/
Mine is a paid relay and costs 2,100 Sats per month per npub.
Everybody is then talking on the same server and can exchange messages using the Gift Wrap protocol NIP-59
https://nips.nostr.com/59
This creates 3 layers of encryption to encrypt the whole NOSTR event.
You now have your own private DM client that you control and whose keys you own.
Oh, it also has the ability to setup public or private groups and has a Cashu Chaumium ecash wallet built in which can be used for Lightning or ecash payments on NOSTR or in the real world to pay for goods and services.