diff --git a/17.md b/17.md index 0f51367a..a18a0c8e 100644 --- a/17.md +++ b/17.md @@ -108,6 +108,50 @@ It's advisable that users choose relays that conform to these practices. Clients SHOULD guide users to keep `kind:10050` lists small (1-3 relays) and SHOULD spread it to as many relays as viable. +## Key Aliases + +Key Aliases hide the user's main key from the public gift wrap. + +Key Alias Events use `kind:10059` replaceable events to privately inform peers of the set of pub keys a user is ALSO subscribing their GiftWrap filters with. The event MUST include a `p` tag for each active public key with an optional relay url to be used with that key. These keys work in addition to the user's main public key. The `relay` url MAY or MAY NOT be included in the user's private inbox relay list (i.e. kind `10050`), + +```js +{ + "pubkey": "", + "kind": 10059, + "created_at": now(), + "tags": [ + ["p", "", ""] + ["p", "", ""] + ["p", "", ""] + ["expiration", "1600000000"] // optional + ] +} +``` + +`kind:10059` MUST be unsigned, sealed, and gift-wrapped to each receiver individually. They MAY or MAY NOT contain the same aliases for every receiver. + +Receiving Clients SHOULD pick one of the keys listed as `p` tags in this event to use as `receiverPublicKey`. Both the wrap and the seal SHOULD be encrypted with this key. + +Receiving Clients SHOULD expect a rotation of these aliases and MUST not store past versions of this event. + +In order to decrypt incoming wraps, Sending Clients SHOULD store the private key for all pubkey aliases in an encrypted kind `10058` event. + +```js +{ + "kind": 10058, + "tags": [], + "content": nip44Encrypt(JSON.stringify([ + ["p", "", "", ""] + ["p", "", "", ""] + ["p", "", "", ""] + ["p", "", "", ""] + ["p", "", "", ""] + ])) +} +``` + +Private tags are JSON Stringified, NIP-44-encrypted to the signer's keys and placed inside the `.content` of the event. + ## Benefits & Limitations This NIP offers the following privacy and security features:
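Review bot: The `kind:10058` example leaves the tag layout undocumented: each `p` tag carries four string positions, but the prose never says which position holds the alias public key, which holds its private key, and which holds the relay URL, and a client that puts the secret in the wrong slot will either leak it or be unable to decrypt incoming wraps. Add a sentence alongside "Private tags are JSON Stringified, NIP-44-encrypted to the signer's keys" that names each position, and state explicitly that the private key values never leave the encrypted `.content`. Related points in the same region: `kind:10059` is described as a "replaceable" event but also as something that "MUST be unsigned, sealed, and gift-wrapped to each receiver individually", so it is never stored on a relay under its own kind and "replaceable" does not apply; say instead that receivers replace their locally held copy (which is what "MUST not store past versions of this event" already implies, and that should read `MUST NOT` for RFC 2119 consistency). "In order to decrypt incoming wraps, Sending Clients SHOULD store the private key" reads as if the sender of a wrap needs the alias private keys; the party decrypting is the alias owner, so "the user's Client" or "the alias owner's Client" would be clearer. Finally, both `js` snippets are not valid JavaScript as written, since the consecutive `["p", ...]` array elements have no commas between them, and the sentence ending "(i.e. kind `10050`)," should end with a period.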