Mastodawn

slugr Jul 24, 2025

that’s on the person forging, it’s not doing any crazy forging on its own. it could, but like you said, i think that’d run into an issue of not being believable by not matching the personas and conversation context. that said, my belief is you probably don’t need perfect forgeries, just the ability to create plausible ones.

there’s still lots of open questions around usability and the practical deniability of it, just want to make sure the crypto side makes sense.

slugr Jul 24, 2025

Can this messaging protocol achieve cryptographic deniability?

https://leminal.space/post/23416713

Can this messaging protocol achieve cryptographic deniability? - Leminal Space

I’m designing an identity-less, ephemeral messaging protocol where messages can be forged after-the-fact. The goal is protection against coercion or device seizure scenarios. Core mechanism: * Session keys derived via SPAKE2 from shared secret * ChaCha20 encryption with deterministic nonces: sequence || timestamp * HMAC authentication during conversation Forgery capability: Anyone with session keys can create alternative messages using the same sequence/timestamp that decrypt to different content. My question: Does this actually achieve cryptographic deniability? Are there ways someone could distinguish a real conversation transcript from a forged one? I have a working prototype and want to validate that the approach is sound.

slugr Jul 24, 2025

Revery v0: identity-less, ephemeral, deniable messaging.

https://leminal.space/post/23380526

Revery v0: identity-less, ephemeral, deniable messaging. - Leminal Space

i’ve been working on this for a bit, finally got a proof of concept worked out with a desktop app. would love some feedback, mostly on the concept and protocol. it hasn’t been security audited so don’t use it for anything crazy.

Show thread

slugr Feb 9, 2025

neovim. i much prefer the motions of helix, but there’s just some plugins i can’t live without.