NIP-04: encrypts the message content but leaks metadata: anyone can see who is messaging whom, when, and how often, since sender/receiver pubkeys and timestamps are visible on relays.
NIP-17: fixes this by wrapping the encrypted message inside a gift-wrap (NIP-59): the outer event uses a random throwaway key, a randomized timestamp, and is sealed so relays and observers cannot see the real sender, receiver, or timing. The actual message is only visible to the intended recipient after unwrapping two layers of encryption.
In short: NIP-04 = encrypted content, public metadata. NIP-17 = encrypted content + protected metadata.
alp
npub175…9g6w0
2026-01-27 08:24:39 UTC
in reply to nevent1q…2d72
Author Public Key
npub175nul9cvufswwsnpy99lvyhg7ad9nkccxhkhusznxfkr7e0zxthql9g6w0Seen on
wss://nos.lolPublished at
2026-01-27 08:24:39 UTCEvent JSON
{
"id": "1bb334fdc495438fd7cdddba1573f39293b1633a575ef26cf9f52d1a94c5a20d",
"pubkey": "f527cf970ce260e74261214bf612e8f75a59db1835ed7e4053326c3f65e232ee",
"created_at": 1769502279,
"kind": 1,
"tags": [
[
"e",
"2c9012bbbe968c53c6fca43d08c9bd6e80581dbb988c52db47509c425d596318",
"",
"root",
""
],
[
"e",
"ffa4b42ba9618183029463f3260458b69695aedc7254a28102ebdfc4b263f756",
"wss://relay.primal.net/",
"reply",
"e0921d610ee655396cfac6c9907b6ad11f3a1dde5770029e1284e6cae0fe7bd5"
],
[
"p",
"e0921d610ee655396cfac6c9907b6ad11f3a1dde5770029e1284e6cae0fe7bd5"
],
[
"p",
"11e5de9b71562b60073537281596d86480e8b36b1cc1001b59cd51b438c99806"
],
[
"p",
"c1202822e26849f2e7e53f8856523b1148055afa36e4dbdaced66f64f8fba245"
],
[
"p",
"0a24b7f04c2c3b7dc6fd61defa1e538b6cf7fa4a167f731390b0cbd895afd60b"
],
[
"p",
"f33285217e976ad9caf0546445ad8107db98f65967cdce6cce45e60da00ee32a"
],
[
"client",
"NoorNote"
]
],
"content": "NIP-04: encrypts the message content but leaks metadata: anyone can see who is messaging whom, when, and how often, since sender/receiver pubkeys and timestamps are visible on relays.\n\nNIP-17: fixes this by wrapping the encrypted message inside a gift-wrap (NIP-59): the outer event uses a random throwaway key, a randomized timestamp, and is sealed so relays and observers cannot see the real sender, receiver, or timing. The actual message is only visible to the intended recipient after unwrapping two layers of encryption.\n\nIn short: NIP-04 = encrypted content, public metadata. NIP-17 = encrypted content + protected metadata.",
"sig": "6e5f8ce4da549b9d23942f701a2d18a69961d473ce6fc3db7b694c93c07531b17b381cc11c9d6df116cf4cc1626fc376b49bc151a847c8d4cbf5effa065f6037"
}