Encrypted relays and clients.
Storage is never unencrypted, neither npubs nor their content. Transmissions are always encrypted with the recipients npub, and requests are made encrypted with the relays public key. Decrypt-encrypt always happens in one step, so decrypted content is never even sitting in memory where it might go to swap. Booting the system up requires a key that is never stored but only sits in memory until system shutdown, so I've the machine gets compromised or confiscated it can't divulge anything.
I bet a device exists to decrypt content off-system, so the system with the database doesn't have the capability to decrypt on its own with even a temporarily stored key.
James Lewis
npub1nf…pxa3x
2023-08-27 11:30:00
in reply to nevent1q…28ra
Author Public Key
npub1nf9vm6uhs4j7yaysmjn9eqlf7et5t6hvrkdqgpd995vcc9yfjyas0pxa3xPublished at
2023-08-27 11:30:00Event JSON
{
"id": "f17f70a3e88ef20c6390473181a623fc2b6cdeca671ef09cb20e3e88b3dc1588",
"pubkey": "9a4acdeb978565e27490dca65c83e9f65745eaec1d9a0405a52d198c1489913b",
"created_at": 1693135800,
"kind": 1,
"tags": [
[
"e",
"1f9d1ed995b92b660bfde45965ce0931939657b6c40670531d91d10b0d672a5a",
"",
"reply"
],
[
"p",
"1c9dcd8fd2d2fb879d6f02d6cc56aeefd74a9678ae48434b0f0de7a21852f704"
]
],
"content": "Encrypted relays and clients. \n\nStorage is never unencrypted, neither npubs nor their content. Transmissions are always encrypted with the recipients npub, and requests are made encrypted with the relays public key. Decrypt-encrypt always happens in one step, so decrypted content is never even sitting in memory where it might go to swap. Booting the system up requires a key that is never stored but only sits in memory until system shutdown, so I've the machine gets compromised or confiscated it can't divulge anything.\n\nI bet a device exists to decrypt content off-system, so the system with the database doesn't have the capability to decrypt on its own with even a temporarily stored key.",
"sig": "995860ad2939895925355cf9311deff2b2b02bbf3c4d02b0ef3f429624576b4581f140c67b0daa5b6e392c75c913f39b7749c4d48aee37df3875a2ac706b8c9e"
}