Skip to content

Commit

Permalink
Move exit notifications to NIP 86
Browse files Browse the repository at this point in the history
  • Loading branch information
Jon Staab committed Dec 1, 2023
1 parent 9551856 commit 4a0a219
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 18 deletions.
2 changes: 1 addition & 1 deletion 72.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ The goal of this NIP is to create moderator-approved public communities around a

# Community Definition

`kind:34550` SHOULD include any field that helps define the community and the set of moderators. `relay` tags MAY be used to describe the preferred relay to download requests and approvals.
`Kind:34550` SHOULD include any field that helps define the community and the set of moderators. `relay` tags MAY be used to describe the preferred relay to download requests and approvals. A community definition event's `d` tag MAY be its name. If a `title` tag is provided, it SHOULD be displayed instead of the `d` tag.

An `access` field MAY be provided to indicate whether the community is private or semi-private so that members know to request access and whether they should post publicly to the group (see [./87.md](NIP 87) for more details). If access is not "open", clients MUST publish events only to the relays listed.

Expand Down
6 changes: 3 additions & 3 deletions 86.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,13 @@ NIP-86
Shared Keys
-----------

`draft` `optional` `author:staab` `author:earonesty` `author:vitorpamplona` `author:water783`

A shared key allows key holders to encrypt and decrypt messages to all other key holders. A shared key is issued by a single pubkey (the `admin`) who has sole authority to issue invitations and key rotations.

This NIP relies on [NIP 59](./59.md) for event wrapping.

## Key Sharing

Keys are shared via a `kind 24` rumor sealed by the `admin` key, wrapped using the shared key, and addressed to each recipient individually. The rumor MUST have a single `privkey` tag containing the shared private key.
Keys are shared via a `kind 24` rumor sealed by the `admin` key, wrapped using an ephemeral key, and addressed to each recipient individually. The rumor MUST have a single `privkey` tag containing the shared private key.

```json
{
Expand All @@ -28,6 +26,8 @@ To rotate the shared key, the `admin` must publish a new `kind 24` rumor as desc

An `expiration` tag (defined by NIP-40) MAY be included on the wrapper to support a weak form of forward secrecy (weak, since it relies on relays to delete the event). This can reduce the impact of a member's private key being leaked, which could otherwise expose old shared keys and messages addressed to those keys.

When revoking access from pubkeys who previously had access, a key rotation event SHOULD still be sent to those pubkeys, but without the `privkey` tag.

## Using the Shared Key

Anyone holding the shared key may privately post events of any kind as a rumor sealed by their own key, wrapped using the shared key, and addressed to the shared key.
Expand Down
14 changes: 0 additions & 14 deletions 87.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@ NIP-87
Closed Communities
------------------

`draft` `optional` `author:staab` `author:earonesty`

Some online communities may want a measure of privacy. While nostr's architecture isn't conducive to high levels of privacy due to metadata leakage and the difficulty of implementing ratchets for key rotation, it can provide basic encrypted channels appropriate for use with large groups with dynamic member lists.

This is a different trade-off from NIP 24's encrypted chat, which is simpler and provides more privacy, but is inflexible and doesn't scale as well.
Expand Down Expand Up @@ -59,18 +57,6 @@ On receipt, an admin SHOULD remove the pubkey by rotating keys.
}
```

## Exit Notifications

When removing someone's access from a community, admins SHOULD notify them by sending a `kind 27` rumor wrapped with an ephemeral key and addressed to the former member's key. The rumor's `content` MAY include a message, and its `tags` MUST include an `a` tag pointing to the community definition event's address.

```json
{
"kind": 27,
"content": "You're fired",
"tags": [["a", "34550:<admin pubkey>:<group name>"]]
}
```

## Messages

Any community member MAY post an event to the community either publicly following NIP 72, or privately. Private events MUST be sealed by the user's own key, wrapped by
Expand Down

0 comments on commit 4a0a219

Please sign in to comment.