nostr/nips
1
0
Fork 0
mirror of https://github.com/nostr-protocol/nips.git synced 2024-09-18 11:13:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added NIP-04 metadata leak warning

Browse Source
This commit is contained in:
Bartholomew Joyce 2023-03-23 08:54:22 -06:00 committed by fiatjaf_
parent 2394e5cc63
commit 56f84f79bd
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
04.md
View File

@ -47,3 +47,7 @@ let event = {
## Security Warning
This standard does not go anywhere near what is considered the state-of-the-art in encrypted communication between peers, and it leaks metadata in the events, therefore it must not be used for anything you really need to keep secret, and only with relays that use `AUTH` to restrict who can fetch your `kind:4` events.
## Client Implementation Warning
Client's *should not* search and replace public key or note references from the `.content`. If processed like a regular text note (where `@npub...` is replaced with `#[0]` with a `["p", "..."]` tag) the tags are leaked and the mentioned user will receive the message in their inbox.