ExploreTrendingAnalytics
Nostr Archives
ExploreTrendingAnalytics
SimpleX Chat216d ago
An essay explaining why we don't plan to use MLS: https://www.poberezkin.com/posts/2025-08-12-mls-the-naked… A sidenote, is that Nostr's Whitenoise avoids its main problem. TL;DR: MLS security model is "Trust me bro".
💬 14 replies

Replies (14)

Vitor Pamplona216d ago
If white noise avoids it, why not use it?
0000 sats
Vitor Pamplona216d ago
Which doesn't make much sense since all MLS communication on WhiteNoise is wrapped and encrypted again. But maybe I am wrong.
0000 sats
Keychat216d ago
Because sending addresses are decoupled from IDs and constantly change, a message relay cannot reliably infer who is in the group.
0000 sats
Keychat216d ago
—the lack of participation privacy If you understand that in Keychat ID are decoupled from sending/receiving addresses and addresses are continuously rotated, you’ll realize it’s almost impossible for a message relay to identify the participants in a group. 📝 ea5a4232…
0000 sats
SimpleX Chat216d ago
This has the same problem that was drawing criticism with early design of SimpleX network - while there is no persistent/observable identity on the protocol level, there is a fixed transport identity - relays can see which IP addresses communicate with which IP addresses. So it would require a similar solution to what we did with SimpleX network to mitigate it.
0000 sats
JeffG 216d ago
We don't have an "Authentication service" that issues and verifies a user's identity. We use nostr pubkeys for identity. I also think that we avoid the "participation privacy" issue that he mentions in the article but want to clarify what he means with him before claiming anything. 😉
0000 sats
SimpleX Chat216d ago
Yes, the post mentions WhiteNoise
0000 sats
SimpleX Chat216d ago
WhiteNoise is mentioned in the post.
0000 sats
LittleBit104d ago
So the thing is that while Double Ratchet is a good encryption algorithm, MLS is a flawed implementation of it?
0000 sats
SimpleX Chat82d ago
MLS uses ratcheting trees, it's different from Double Ratchet.
0000 sats
LittleBit104d ago
So the thing is that while Double Ratchet is a good encryption algorithm, MLS is a flawed implementation of it?
0000 sats
SimpleX Chat82d ago
MLS uses ratcheting trees, it's different from Double Ratchet.
0000 sats
LittleBit104d ago
Honestly they should make it where if only one device can carry the chat database, then a desktop or server should be the primary device and then a phone or other devices can link to it. Their current solution of linking a mobile to a desktop doesn't really work (at least on iOS) because mobile devices have issues running background processes. I've never tried Session, and I don't know many people who use SimpleX. I do like SimpleX's idea of no accounts though (Session has accounts).
0000 sats
SimpleX Chat216d ago
As for address rotation, it's currently possible manually, so they are not completely static, and this feature is used a lot, and it will be automatic next year. The challenge with automatic rotation is reduced usability - data backups do not allow restoring connections, so it requires smarter approach to make sure that the solution is usable.
0000 sats
Keychat216d ago
Keychat’s receiving address is updated using the Signal double ratchet, and so far rotating the receiving address has had almost no impact on the stability of message reception.
0000 sats