They are not only. The problem with decryption is that the signer doesn’t know what kind of event it is decrypting, so a lists app can decrypt DMs.
You could say “let’s send the event to decrypt that is signed”, but the problem there is that the app can:
1. Take the ciphertext from a kind it does not have access to
2. Ask the app to sign an event with that ciphertext and with a kind it has access to
3. Ask it to decrypt that event
The only robust solution is NIP-44 v3
semisol
npub122…cgrkj
2026-05-16 21:41:13 UTC
in reply to nevent1q…48t4
Author Public Key
npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkjPublished at
2026-05-16 21:41:13 UTCEvent JSON
{
"id": "68e11c41895c8abda771b448b40766f07b4eb74bc5a3083956d6106df07355e9",
"pubkey": "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
"created_at": 1778967673,
"kind": 1,
"tags": [
[
"e",
"834cac7ba88ecbb9213b3fa3c5cb59bd56de508204d854a163680eaf9833257a",
"wss://smesh.lol",
"root"
],
[
"e",
"a69cd52b523348ff7d213e3fd91293bceae1ab219d2aa60bdc65e5128bf922eb",
"wss://nos.lol",
"reply",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
],
[
"p",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
]
],
"content": "They are not only. The problem with decryption is that the signer doesn’t know what kind of event it is decrypting, so a lists app can decrypt DMs.\n\nYou could say “let’s send the event to decrypt that is signed”, but the problem there is that the app can:\n1. Take the ciphertext from a kind it does not have access to\n2. Ask the app to sign an event with that ciphertext and with a kind it has access to\n3. Ask it to decrypt that event\n\nThe only robust solution is NIP-44 v3",
"sig": "e8c43a50957bc746cb9d96429535d040b40f808fd568a79c84002dd1908416d59bde1403b05ab411a6cb093e7447dc30eff6941eed53b5e48adb697ef79d47e2"
}