Damus
Open in Damus
Gzuuus · 7w
Definitely, or even obfuscated with a derived key. It would be nice if signers came with a 'derive' method so that apps could request derived keys. Of course, this is nuanced and would require the use...
 mleku profile picture
mleku @mleku
the second key used for ECDH with ASD is a one shot only need its secret while generating it, the public key in the prefix with the nonce lets you decrypt the message if you use a key you have the secret for as the second key. PKI based encryption is confusing at first, but you can always encrypt to yourself using a one shot second key, if you have the private key from the other half.
Gzuuus · 7w
Hey, that's interesting. I've never heard about this one-shot ECDH. I was digging a bit and thinking about how apps can respect user privacy more. AFAIK, the one-shot approach generates a new derived key each time, which is great. However, for app-specific data where a long-term relationship is expe...