WingNews logo WingNews
top | item 44337235

(no title)

shark_laser | 8 months ago

Why not 0xchat?

Private key login, encrypted private chats and contacts, encrypted group chats, and lightning payments. Decentralised, built on Nostr. Available on all platforms.

https://www.0xchat.com/

discuss

order

maqp|8 months ago

https://github.com/0xchat-app states it doesn't have desktop clients.

Also, the direct messages have three types

1) NIP-04 DM: "Most widely used", but also, "not recommended". Reeks of Telegram that also has non-secret chats being the most popular option

2) Gift-Wrapped DM: Uses different encryption algorithm but no forward secrecy? Forward secrecy has been around for 20 years.

3) Secret DM: Can't be recovered on different devices. Why can't the backup be self-contained database like Signal has?

Also "Secret chat requires consent from peer." Like what :D You have to wait for contact's approval to have a private conversation with them. Sounds like it incentivizes all chats to start with less secure protocols.

The nice part about writing your own chat system is the security agility in that you can bump any security property without having to fight with protocol standardization bodies. Having three DM protocols inside the same app is wild.

rpdillon|8 months ago

I think the point here is that everyone has email. A chat client built on Nostr is fine (and I want to love Nostr), but it just doesn't have the reach or ubiquity of email.

lxgr|8 months ago

Nor does Delta. Nobody will “chat” with me via their Gmail email focused UI, so it’s effectively a separate network anyway.

Using an email address as an identifier for IM is a great idea (I hate that everything uses phone numbers for this, which are not internationally portable and not possible to reasonably “self-custody” the way TLDs are).

But using the actual email protocol as a backing protocol for instant messaging seems like a weird contortion and still makes this effectively a separate protocol, the split being servers that do and don’t support all necessary extensions. The overhead must also be staggering; just look at an email header to see how much is going on for each message these days.

AJ007|8 months ago

When you start looking at alternative messengers outside of Matrix, XMPP, and IRC, there isn't much where third parties can operate or implement both servers and clients.

Certainly if no one can implement these two things it is functionally a closed source project. It also is a security failure from the standpoint of control, validation, and also future security and vulnerability patching (there's a graveyard of dead "secure" messaging apps.)

Is DeltaChat perfect from a security standpoint? No, but it's certainly well above the hurdle most people are at now. Most people are using non-encrypted communication that is actively scanned & stored, or e2e on paper stuff where one party controls the client, server, application, and storage (trust me e2e security.)

Telegram, Discord, Facebook Messenger, stop using that shit.

heavyset_go|8 months ago

Doesn't Nostr expose the fact that you sent messages to certain people via its blockchain?

unboxingelf|8 months ago

Nostr doesn’t have a blockchain or token.

Notes and Other Stuff Transmitted by Relays.

It’s just signed json messages distributed by [websocket] relays.

data_maan|8 months ago

0xchat on the surface seems better: looks like a professionally maintained codebase, with clear ways to interact with the devs.

But - has there been security audit been done?

emptysongglass|8 months ago

Is it just me or does the website render poorly on mobile?