Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Why do ActivityPub and Nostr not encrypt an "event" content and metadata
3 points by ahmedbaracat 3 months ago | hide | past | favorite | 5 comments
Hi, I am getting interested in decentralized protocols like ActivityPub and NOSTR and wondering if there is a good reason to not encrypt both the event data and metadata (event kind, time, etc) with the poster private key. Essentially each event only making public that an event is created/signed by Person X but no other data can be retrieved about said event.



Each post could be encrypted (before publishing) using a unique key (derived from the private key of the poster) and then signed with the private key (of the poster) before publishing.

Then the poster could later choose to selectively publish (or make them available to individuals) some of these unique keys, to make posts readable.


What would be the usecase for publishing events in a social media protocol (i.e. ActivityPub) with no information?


Only ppl who you allow to follow you gets to access the unencrypted data.


Then you would need to encrypt the data to many public keys, could be difficult but possible.

Also means adding a new follower requires you to rewrite old posts, right?


Yes, these solutions are possible. Or maybe manage followers through an ACL controlled by a smart contract or something similar. That’s why I am asking really, to see if there are easier ways. It feels like this should be a common problem, but we probably got used to everything being public by default.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: