nbAfter extensive research into decentralized social networks, it is now time for a state of the art 🧵 thread on the subject of #DataSovereignty and its relation to end-to-end encryption and decentralized identity management. For this, I will contrast the two currently most used decentralized social networks protocols: #ActivityPub and #Nostr. #Fediverse #Nomad #Identity #Privacy #E2EE #DPKI #DIDs #SSI 1/11
The implementation of end-to-end encryption (E2EE) has been discussed in the Fediverse for a long time and there are several approaches, especially from the Mastodon community (see Mastodon E2EE proposal by soatok, Mastodon issues "Add end-to-end encryption API" 13820 and "support zero-knowledge encryption for toots/DMs" 19565), but none of them is production ready. Nostr has already made that step: In contrast to ActivityPub, the contents of DMs there are end-to-end encrypted. However, the problem with that is that the user's privacy is not protected. All user interactions (events) on Nostr, i.e. who communicates with whom and when (= the metadata), are publicly accessible, including DMs. In NIP-04, the Nostr developers themselves point out that the standard behind DMs "does not go anywhere near what is considered the state-of-the-art in encrypted communication between peers". 6/11