From a8fab58526f3cafa9d511512e2881f505fbe1626 Mon Sep 17 00:00:00 2001 From: fiatjaf Date: Tue, 7 Mar 2023 07:31:21 -0300 Subject: [PATCH] add security warning on nip-04. --- 04.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/04.md b/04.md index 153456ae..63b1177f 100644 --- a/04.md +++ b/04.md @@ -43,3 +43,7 @@ let event = { content: encryptedMessage + '?iv=' + ivBase64 } ``` + +## Security Warning + +This standard does not go anywhere near what is considered the state-of-the-art in encrypted communication between peers, and it leaks metadata in the events, therefore it must not be used for anything you really need to keep secret, and only with relays that use `AUTH` to restrict who can read your `kind:4` events.