Well. Analogies work fine. It starts with an invitation because everything is authenticated.
The invitation happens somewhere else: in person, email, text, whatever you trust to be "good enough".
Dear Alice,
If you would like to communicate, send a reply addressed to "Sam" from "Henry" at 42 Windsor Gardens.
Sincerely, Bob

Dear Sam at 42 Windsor Gardens,
Dhdh&667fhhrjjjjrjeokdns
Sincerely, Henry
Online, all the network can see is that Henry is sending Sam a message at 42 Windsor Gardens.
Now substitute cryptographic keys for names, and IP addresses for physical addresses. The server at that address first checks if "Sam" is a valid alias on that server; if not, it just drops the message with no reply. Then it checks if "Henry" is a known contact. Again, drop if not. Failure is silent to prevent timing attacks and server discovery via pings.
The contents of the reply will be Alice sending Bob her real key and an alias key so he can contact her at her address.
The only things a man-in-the-middle can see are that two nodes are sending data with some ephemeral public keys and what kind of encryption they are using.
A large actor could figure out from IPs who is talking to whom, but that is it. You can always go through some onion routing if you really want.
This doesn't cover all the details, like encryption key derivation and key rotation, but none of that is visible externally. All you get is that alias1@server1 sent a message to alias2@server2, and those servers and aliases might not even be the actual source or destination, just one hop on the way.
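A toy simulation of the routing rule described in the post above, added here as an illustration; it is not the poster's code or any real implementation. It assumes random hex strings stand in for public keys, plain strings stand in for IP addresses, the alias names "Sam" and "alias2", and that Bob mints the "Henry" key and hands it to Alice with the out-of-band invitation. Encryption and key derivation are left out, since the post says they are not visible externally anyway; the point shown is the order of the two checks, that both failures look identical to the sender, and what a network observer gets to record.

```python
import secrets
from dataclasses import dataclass, field


def new_key() -> str:
    # Stand-in for a public key (assumption: a random hex token is enough for the toy).
    return secrets.token_hex(16)


@dataclass
class Server:
    address: str                                   # stands in for the IP address
    aliases: dict = field(default_factory=dict)    # alias -> owner's real key
    contacts: dict = field(default_factory=dict)   # alias -> set of sender keys that may use it
    inbox: list = field(default_factory=list)      # (alias, sender_key, payload) actually delivered
    observed: list = field(default_factory=list)   # what a network observer can see

    def register_alias(self, alias: str, owner_key: str, allowed_sender: str) -> None:
        self.aliases[alias] = owner_key
        self.contacts[alias] = {allowed_sender}

    def receive(self, alias: str, sender_key: str, payload: bytes):
        # An observer sees the destination address, the alias, the sender's (ephemeral)
        # key and the size of the blob; the payload itself is opaque to it.
        self.observed.append((self.address, alias, sender_key, len(payload)))
        if alias not in self.aliases:
            return None                  # unknown alias: silent drop, no reply
        if sender_key not in self.contacts[alias]:
            return None                  # unknown contact: the same silent drop
        self.inbox.append((alias, sender_key, payload))
        return "delivered"


def invite(bob_server: Server, bob_real: str):
    """Bob's out-of-band invitation: the alias at his server and the sender key Alice must use.
    Assumption: Bob mints the 'Henry' key and hands it to Alice together with the invitation."""
    sam, henry = "Sam", new_key()
    bob_server.register_alias(sam, bob_real, henry)
    return sam, henry


def run_exchange() -> dict:
    bob_server = Server("42 Windsor Gardens")
    alice_server = Server("alice-server")       # assumed address for Alice's own server
    bob_real, alice_real = new_key(), new_key()

    sam, henry = invite(bob_server, bob_real)

    # Alice's reply carries her real key plus a fresh alias at her server that only Bob may use.
    alice_alias = "alias2"
    alice_server.register_alias(alice_alias, alice_real, bob_real)
    payload = f"{alice_real}|{alice_alias}@{alice_server.address}".encode()
    # A real deployment would encrypt `payload` to Bob's key; the toy just treats it as opaque bytes.
    reply = bob_server.receive(sam, henry, payload)

    # Bob reads the reply out of his inbox and can now write to Alice at her alias.
    _, _, delivered = bob_server.inbox[-1]
    learned_key, learned_alias = delivered.decode().split("|")
    alias_name, alias_addr = learned_alias.split("@")
    back = alice_server.receive(alias_name, bob_real, b"hello from Bob")

    # Two probes that both fail silently: an unknown alias, and a known alias from an unknown key.
    probe_alias = bob_server.receive("Nobody", henry, b"?")
    probe_contact = bob_server.receive(sam, new_key(), b"?")

    return {
        "reply": reply,
        "back": back,
        "alice_real": alice_real,
        "bob_learned_key": learned_key,
        "bob_learned_alias": alias_name,
        "probe_alias": probe_alias,
        "probe_contact": probe_contact,
        "observer": bob_server.observed + alice_server.observed,
    }


if __name__ == "__main__":
    for k, v in run_exchange().items():
        print(k, v)
```

Both drop branches return the same value to the caller, so a probing sender cannot tell from the response whether the alias or the contact check failed; the `observed` list shows that the only thing recorded on the wire is address, alias, a key and a length, never the payload.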
