Jeff Thibault

@jb55 @Cameri I created a new PR. The NIP now contains a way to obfuscate the sender and receiver's pubkey. POC python code also added.

> * how is R[d-] defined? in order for receiver to send back DMs from the R[d+] pubkey they will need to know the R[d-] It's the same as Step...

Yeah, an outside observer will have no clue what people are talking to each other. However, if two people are messaging via a malicious relay, such as one that logs...

> @jeffthibault any chance we could see a working implementation of this NIP? There is a link to the POC implementation code that I wrote at the top of this...

It seems like this kind of timing analysis is possible but as you mention, it is only probabilistic, not conclusive. You correctly mention that the probability of discovering the recipient's...

@phyro Thanks for clearly breaking it down. The analysis is both logical and valid. With that being said, it does rely on the heuristic that `B'` will first appear on...

A thought I had to reduce the bloat that @fiatjaf mentioned is to make the decoy key proof event ephemeral. The clients do not need them after initial contact so...

> If both clients are not connected at the same time the ephemeral event will be missed. Something to be aware of. Right... Okay, will leave it as is for...

@ursuscamp I understand your confusion. The content of the DKP is encrypted. In the spec, I am just trying to show what the content looks like in plaintext because it...

@bebopkid I would not say this and #27 are duplicates. Although they are similar.