Stacks + Nostr
  • Introduction: Stacks + Nostr
  • SIP and NIP Summaries
    • SIP Summaries
      • SIP-000: The Stacks Improvement Proposal Process
      • SIP-001: Burn Election
      • SIP-002: The Clarity Smart Contract Language
      • SIP-003: Stacks P2P Network
      • SIP-004: Cryptographic Commitment to Materialized Views
      • SIP-005: Blocks, Transactions, and Accounts 👀
      • SIP-006: Clarity Cost Execution Assessment
      • SIP-007: Stacking Consensus
      • SIP-008: Clarity Parsing and Analysis Cost Assessment
      • SIP-009: Standard Trait Definition for Non-Fungible Tokens
      • SIP-010: Standard Trait Definition for Fungible Tokens
      • SIP-012: Burn Height Selection for a Network Upgrade to Introduce New Cost-Limits
      • SIP-013: Standard Trait Definition for Semi-Fungible Tokens
      • SIP-015: Stacks Upgrade of Proof-of-Transfer and Clarity
      • SIP-016: Metadata for Tokens
      • SIP-018: Signed Structured Data
      • SIP-020: Bitwise Operations in Clarity
    • NIP Summaries
      • NIP-1
      • NIP-2
      • NIP-3
      • NIP-4 👀
      • NIP-5 👀
      • NIP-6 👀
      • NIP-7
      • NIP-8
      • NIP-9
      • NIP-10
      • NIP-11
  • Feature Unlocks
    • Decentralized Identity Verification
    • Censorship-Resistant Social Networking
    • Secure Asset Management
    • Private Voting and Governance
    • Decentralized Notifications
    • Trustless Collaboration
  • Related Tech 👀
    • BNS
    • sBTC
  • Experimental Design and Methodology
  • Results and Discussion
  • Conclusion
  • Additional Research
    • ZKP
    • Indistinguishability Obfuscation from Well-Founded Assumptions
  • SIP-xx Draft
  • Disclaimer:
Powered by GitBook
On this page
  1. SIP and NIP Summaries
  2. NIP Summaries

NIP-4 👀

NIP-4 introduces encrypted direct messaging in NOSTR but comes with a security warning due to its limitations and metadata leaks.

NIP-4 introduces encrypted direct messaging with kind 4 events in the NOSTR protocol. The content field contains the base64-encoded, AES-256-CBC encrypted string of the message, followed by the base64-encoded initialization vector (IV) as a querystring parameter. The tags field must have an entry identifying the recipient in the format ["p", "<pubkey, as a hex string>"]. It may include an entry identifying the previous message in a conversation or a message being replied to in the format ["e", "<event_id>"]. Note that the secret used for encryption is the X coordinate of the shared point and not the default libsecp256k1 implementation. A JavaScript code sample is provided for generating an encrypted event.

However, NIP-4 has a security warning stating that it does not meet state-of-the-art encrypted communication standards and leaks metadata in events, so it should not be used for sensitive information. Moreover, clients should avoid processing encrypted messages like regular text notes, as doing so would leak tags and deliver the message to unintended recipients.

Source: https://github.com/nostr-protocol/nips/blob/master/04.md

PreviousNIP-3NextNIP-5 👀

Last updated 2 years ago