I think there may be a bit of a misunderstanding about my concern. What I want is to be able to see and approve every single decryption request a client makes. With DM-capable clients today, that’s basically impossible in practice.
That’s why I think NIP-4e is necessary: it separates the keys used for DMs from the user’s main key. My main key may be used to encrypt other data, and I don’t want to grant a client the ability to decrypt everything just so I can use DMs, even if most clients are well-intentioned and won’t do anything malicious.
Cody
npub1sy…wf6wl
2026-02-02 15:34:18 UTC
in reply to nevent1q…aexu
Author Public Key
npub1syjmjy0dp62dhccq3g97fr87tngvpvzey08llyt6ul58m2zqpzps9wf6wlPublished at
2026-02-02 15:34:18 UTCEvent JSON
{
"id": "e7fb50a27a398ebb306b34fff5f80a001343242acb116483fc88e10ed0acd73c",
"pubkey": "8125b911ed0e94dbe3008a0be48cfe5cd0c0b05923cfff917ae7e87da8400883",
"created_at": 1770046458,
"kind": 1,
"tags": [
[
"e",
"e8d336864f57ab8858aaae252893fc8b7831474c24bbfea80ed251259c7739b9",
"wss://nos.lol/",
"root",
"f4eb8e62add1340b9cadcd9861e669b2e907cea534e0f7f3ac974c11c758a51a"
],
[
"e",
"47d2710bbaf7a30182ae5af1aff2b4260a8d26bae68583bc5936dc9e22ad37d4",
"wss://nos.lol/",
"reply",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
],
[
"p",
"f4eb8e62add1340b9cadcd9861e669b2e907cea534e0f7f3ac974c11c758a51a"
],
[
"p",
"d1b040560c6507910f2c54aecb4188008622337a4c80bc7f6f3f43c4655fccaa"
],
[
"p",
"c7fa3b7c7ec5633b7c9718de9d5f528d0e1c55c9b1543532596ca4a058b4cfe9"
],
[
"p",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
],
[
"client",
"jumble"
]
],
"content": "I think there may be a bit of a misunderstanding about my concern. What I want is to be able to see and approve every single decryption request a client makes. With DM-capable clients today, that’s basically impossible in practice.\n\nThat’s why I think NIP-4e is necessary: it separates the keys used for DMs from the user’s main key. My main key may be used to encrypt other data, and I don’t want to grant a client the ability to decrypt everything just so I can use DMs, even if most clients are well-intentioned and won’t do anything malicious.",
"sig": "c269c509bb932119da02ecf80c8641575ee7d11fb366d43d02959e6d1390a10d3cdf8e4c26dad196f0b3f0ccd116b957b831c2922eaea0ae3f042730f67935c3"
}