Serverless Payjoin



Summary:

In the email, the sender is replying to Dan and apologizing for the late response. They mention that based on their previous communication, they want to share some points after reading an article titled "Serverless PayJoin Gets Its Wings" (link provided: https://payjoin.substack.com/p/serverless-payjoin-gets-its-wings). The sender wants others to also evaluate these points.

The points mentioned are as follows:

1) The sender doesn't believe that NIP 4 (not defined in the email) has any security issues, but there may be privacy issues. They mention that it is just a metadata leak, which should be fine if a new npub (also not defined) is used each time users do payjoin. The message itself will remain secret because it is encrypted.

2) There is a concern about backwards compatibility due to npub, relay, etc. shared in the payjoin URI, as implemented by Kukks (not further explained). The sender is uncertain about how to fix this issue.

3) The sender states that relays have no incentive to engage in any malicious activity if multiple relays are used. However, they admit to not being clear about what malicious activity can be done with encrypted messages.

4) IP address is mentioned as an issue in many projects, but the sender suggests that users or wallet implementations can manage this by using tools like RiseupVPN, Tor, i2p, etc.

5) Some senior developers have suggested using random padding, and the sender agrees that it makes sense. They mention "/dev/fd0 floppy disk guy" without providing further context.

The original message from Dan is not included in the extracted information, as only the relevant points from the sender's response are summarized.


Updated on: 2023-08-21T01:52:32.866878+00:00