NIP-46 - Nostr Remote Signing Rationale Private keys should be exposed to as few systems - apps, operating systems, devices - as possible as each system adds to the attack surface. This NIP describes a method for 2-way communication between a remote signer and a Nostr client. The remote signer could be, for example, a hardware device dedicated to signing Nostr events, while the client is a normal Nostr client.

NIP-57 Lightning Zaps draft optional This NIP defines two new event types for recording lightning payments between users. 9734 is a zap request, representing a payer’s request to a recipient’s lightning wallet for an invoice. 9735 is a zap receipt, representing the confirmation by the recipient’s lightning wallet that the invoice issued in response to a zap request has been paid. Having lightning receipts on nostr allows clients to display lightning payments from entities on the network.

NIP-56 Reporting optional A report is a kind 1984 event that signals to users and relays that some referenced content is objectionable. The definition of objectionable is obviously subjective and all agents on the network (users, apps, relays, etc.) may consume and take action on them as they see fit. The content MAY contain additional information submitted by the entity reporting the content. Tags The report event MUST include a p tag referencing the pubkey of the user you are reporting.

OpenSSL is an open-source software library that provides secure communications over computer networks and is widely used for implementing encryption and decryption for various purposes. In this tutorial, you will learn how to encrypt and decrypt files using OpenSSL on the command line. Step 1: Install OpenSSL OpenSSL is typically installed on most Unix-based systems, including Linux and macOS. To verify if OpenSSL is installed on your system, run the following command in the terminal:

NIP-23 Long-form Content draft optional This NIP defines kind:30023 (a parameterized replaceable event) for long-form text content, generally referred to as “articles” or “blog posts”. kind:30024 has the same structure as kind:30023 and is used to save long form drafts. “Social” clients that deal primarily with kind:1 notes should not be expected to implement this NIP. Format The .content of these events should be a string text in Markdown syntax. To maximize compatibility and readability between different clients and devices, any client that is creating long form notes:

NIP-65 Relay List Metadata draft optional Defines a replaceable event using kind:10002 to advertise preferred relays for discovering a user’s content and receiving fresh content from others. The event MUST include a list of r tags with relay URIs and a read or write marker. Relays marked as read / write are called READ / WRITE relays, respectively. If the marker is omitted, the relay is used for both purposes.

7zip is a popular open-source file archiving software that supports a wide range of compression formats, including its own .7z format. It also offers strong encryption features, which can be accessed via the command line. In this tutorial, you will learn how to encrypt not only the contents of a file but also the file names using 7zip from the command line. Step 1: Download and Install 7zip To use 7zip from the command line, you first need to download and install the software.

In today’s digital world, privacy and security are more important than ever. As the amount of sensitive information being stored and transmitted electronically continues to grow, it’s essential to have tools that can protect this information from being intercepted and misused. One such tool is GPG, an encryption program that has been at the forefront of secure communication for over 25 years. In this article, we’ll take a look at the history of GPG, from its early days as PGP to its current form as GnuPG.

Introduction Jailbreaking an iOS device involves removing the restrictions imposed by Apple and gaining root access to the underlying operating system. While jailbreaking can provide users with more freedom and customization options, it also comes with significant security risks. In this article, we will discuss the security implications of jailbreaking an iOS device and provide some recommendations for keeping your device secure. Jailbreaking iOS Device Risks One of the main security risks associated with jailbreaking is that it exposes the device to malware and other malicious software.

In today’s digital age, the internet has become an integral part of our lives. From online shopping and banking to social media and messaging, we rely on the internet for almost every aspect of our personal and professional lives. With this increased reliance on the internet comes the need for better protection of our sensitive information. This is where end-to-end encryption comes in. End-to-end encryption (E2EE) is a method of secure communication that protects the privacy of the message being sent.

In January 2021, a massive data leak of Twitter user information was discovered. The leak affected over 330 million Twitter users, and included sensitive information such as email addresses, phone numbers, and locations. The source of the leak was a hacker group that claimed to have gained access to Twitter’s internal systems. The Twitter data leak is a stark reminder of the vulnerability of personal information in the digital age. With the increasing use of social media and other online platforms, our personal data is being stored in vast quantities by companies and organizations.

In recent years, Facebook has been at the center of several high-profile data breaches, which have resulted in the personal information of millions of users being exposed. These breaches have raised serious concerns about the security of personal information in the digital age and the potential dangers of sharing sensitive data on social media. The most notable of these breaches was the Cambridge Analytica scandal in 2018, where the personal data of 87 million Facebook users was harvested and used for political advertising purposes.

In recent years, there have been several high-profile data breaches involving Google, one of the largest tech companies in the world. These breaches have raised serious concerns about the security of personal information and the potential dangers of using online services. One of the most notable data breaches involving Google was the exposure of personal data of hundreds of thousands of Google+ users in 2018. The breach was caused by a software vulnerability, which allowed third-party developers to access sensitive information such as name, email address, occupation, and gender.

Cryptocurrency has taken the world by storm and Bitcoin is one of the most widely used virtual currencies. Despite its growing popularity, Bitcoin and other cryptocurrencies have faced several data breaches, which have raised concerns about the security of digital currencies. In this article, we’ll take a look at some of the most significant Bitcoin data breaches and the impact they have had on the cryptocurrency market. Mt. Gox Mt. Gox was one of the largest Bitcoin exchanges in the world, handling over 70% of all Bitcoin transactions at its peak.

NIP-21 nostr: URI scheme draft optional This NIP standardizes the usage of a common URI scheme for maximum interoperability and openness in the network. The scheme is nostr:. The identifiers that come after are expected to be the same as those defined in NIP-19 (except nsec). Examples nostr:npub1sn0wdenkukak0d9dfczzeacvhkrgz92ak56egt7vdgzn8pv2wfqqhrjdv9 nostr:nprofile1qqsrhuxx8l9ex335q7he0f09aej04zpazpl0ne2cgukyawd24mayt8gpp4mhxue69uhhytnc9e3k7mgpz4mhxue69uhkg6nzv9ejuumpv34kytnrdaksjlyr9p nostr:note1fntxtkcy9pjwucqwa9mddn7v03wwwsu9j330jj350nvhpky2tuaspk6nqc nostr:nevent1qqstna2yrezu5wghjvswqqculvvwxsrcvu7uc0f78gan4xqhvz49d9spr3mhxue69uhkummnw3ez6un9d3shjtn4de6x2argwghx6egpr4mhxue69uhkummnw3ez6ur4vgh8wetvd3hhyer9wghxuet5nxnepm Source: nostr-protocol/nips/21.md version: 37f6cbb 2023-11-15T21:42:51-03:00

In 2013, Yahoo experienced one of the largest data breaches in history, resulting in the personal information of over 3 billion users being exposed. This breach was a major wake-up call for users about the dangers of sharing personal information online and the importance of online privacy. The Yahoo data breach was caused by a state-sponsored hacker who gained access to the company’s systems and stole sensitive information such as names, email addresses, phone numbers, dates of birth, and security questions and answers.

In the world of technology, data breaches are becoming more and more common. From large corporations to small businesses, no one is safe from the prying eyes of cybercriminals. In this article, we’ll take a wild ride through some of the most famous data breaches of all time and see just how much information was stolen. Buckle up and let’s get started! Yahoo (2013) - This massive breach affected all 3 billion of Yahoo’s user accounts.

OpenSSL and BoringSSL are two of the most widely used cryptography libraries in the world, both providing essential encryption and secure communication services to millions of websites, applications, and devices. While both libraries are widely trusted, they differ in important ways when it comes to security and performance. In this article, we’ll take a closer look at the two libraries and compare them in terms of vulnerabilities, performance, and source code.

The most famous OpenSSL vulnerabilities OpenSSL is a widely used open-source cryptography library that provides secure communication for many websites and applications. Despite its widespread use, OpenSSL has suffered from a number of critical vulnerabilities over the years, exposing sensitive information and putting the security of millions of users at risk. In this article, we’ll take a look at some of the most famous OpenSSL vulnerabilities. Heartbleed (2014) - One of the most famous OpenSSL vulnerabilities of all time, Heartbleed allowed attackers to steal sensitive information, including passwords and encryption keys, from memory.

The most famous BoringSSL vulnerabilities BoringSSL is a fork of OpenSSL, created by Google, that aims to provide a more secure and performant cryptography library. Despite its focus on security, BoringSSL has suffered from a number of critical vulnerabilities over the years, exposing sensitive information and putting the security of millions of users at risk. In this article, we’ll take a look at some of the most famous BoringSSL vulnerabilities.

WhatsApp is a popular cross-platform instant messaging app that has over two billion monthly active users. It is known for its end-to-end encryption, which promises to protect the privacy of users’ messages and calls. However, the security of WhatsApp has been called into question after several data breaches have been reported in recent years. One of the most significant data breaches involving WhatsApp occurred in May 2019, when it was revealed that spyware was used to infiltrate the phones of human rights activists and journalists.

NIP-50 Search Capability draft optional Abstract Many Nostr use cases require some form of general search feature, in addition to structured queries by tags or ids. Specifics of the search algorithms will differ between event kinds, this NIP only describes a general extensible framework for performing such queries. search filter field A new search field is introduced for REQ messages from clients: { ... "search": <string> } search field is a string describing a query in a human-readable form, i.

Apple is known for its strong commitment to privacy and security, with the company often highlighting these features as a selling point for its products. Despite this reputation, there have been several high-profile data breaches involving Apple over the years. In this article, we’ll take a look at some of the most well-known data breaches affecting Apple, what information was leaked, and what you can do to protect your privacy.

NIP-33 Parameterized Replaceable Events final mandatory Moved to NIP-01 . Source: nostr-protocol/nips/33.md version: 37f6cbb 2023-11-15T21:42:51-03:00

NIP-45 Event Counts draft optional Relays may support the verb COUNT, which provides a mechanism for obtaining event counts. Motivation Some queries a client may want to execute against connected relays are prohibitively expensive, for example, in order to retrieve follower counts for a given pubkey, a client must query all kind-3 events referring to a given pubkey only to count them. The result may be cached, either by a client or by a separate indexing server as an alternative, but both options erode the decentralization of the network by creating a second-layer protocol on top of Nostr.

NIP-18 Reposts draft optional A repost is a kind 6 event that is used to signal to followers that a kind 1 text note is worth reading. The content of a repost event is the stringified JSON of the reposted note. It MAY also be empty, but that is not recommended. The repost event MUST include an e tag with the id of the note that is being reposted. That tag MUST include a relay URL as its third entry to indicate where it can be fetched.

NIP-42 Authentication of clients to relays draft optional This NIP defines a way for clients to authenticate to relays by signing an ephemeral event. Motivation A relay may want to require clients to authenticate to access restricted resources. For example, A relay may request payment or other forms of whitelisting to publish events – this can naïvely be achieved by limiting publication to events signed by the whitelisted key, but with this NIP they may choose to accept any events as long as they are published from an authenticated user; A relay may limit access to kind: 4 DMs to only the parties involved in the chat exchange, and for that it may require authentication before clients can query for that kind.

NIP-19 bech32-encoded entities draft optional This NIP standardizes bech32-formatted strings that can be used to display keys, ids and other information in clients. These formats are not meant to be used anywhere in the core protocol, they are only meant for displaying to users, copy-pasting, sharing, rendering QR codes and inputting data. It is recommended that ids and keys are stored in either hex or binary format, since these formats are closer to what must actually be used the core protocol.

NIP-40 Expiration Timestamp draft optional The expiration tag enables users to specify a unix timestamp at which the message SHOULD be considered expired (by relays and clients) and SHOULD be deleted by relays. Spec tag: expiration values: - [UNIX timestamp in seconds]: required Example { "pubkey": "<pub-key>", "created_at": 1000000000, "kind": 1, "tags": [ ["expiration", "1600000000"] ], "content": "This message will expire at the specified timestamp and be deleted by relays.\n", "id": "<event-id>" } Note: The timestamp should be in the same format as the created_at timestamp and should be interpreted as the time at which the message should be deleted by relays.

NIP-36 Sensitive Content / Content Warning draft optional The content-warning tag enables users to specify if the event’s content needs to be approved by readers to be shown. Clients can hide the content until the user acts on it. l and L tags MAY be also be used as defined in NIP-32 with the content-warning or other namespace to support further qualification and querying. Spec tag: content-warning options: - [reason]: optional Example { "pubkey": "<pub-key>", "created_at": 1000000000, "kind": 1, "tags": [ ["t", "hastag"], ["L", "content-warning"], ["l", "reason", "content-warning"], ["L", "social.