Feature Request: disable DM for ActivityPub bridged users

[Sjors]

When the kind 0 of a user has a proxy tag, you should disable DM functionality.

Afaik nobody implemented this, and there's no sane way to do it currently.

It's even hard (impossible?) for the bridge to rejected kind 4 messages: https://gitlab.com/soapbox-pub/mostr/-/issues/91

This means any DM just goes into the void with no feedback.

Example user:

{
  "id": "d015ffc7b1df1be705dd10c675e4c3bf6ad9b79a722c0ebd0f7cf70fd6abf34a",
  "pubkey": "d962f9c1ee1ec5f2ba97339ef8f732c928f3eaffb46599bb5c35f282c83f6314",
  "created_at": 1726342649,
  "kind": 0,
  "tags": [
    [
      "proxy",
      "https://mastodon.nl/users/sjors_1",
      "activitypub"
    ]
  ],
  "content": "{\"name\":\"sjors_1\",\"about\":\"Mostly testing stuff.\\n\\nsearchable\",\"nip05\":\"sjors_1_at_mastodon.nl@f.sprovoost.nl\"}",
  "sig": "08b176044810e4dc4d0b97b23af34127e65ef123af142881a4d842c5062a8ab041395091745e19ed8e2017426c24c20c2bddc865bfb6487f1495f1a224776276"
}

https://njump.me/npub1m930ns0wrmzl9w5hxw003aejey5086hlk3jenw6uxheg9jplvv2qmz4fr3

[alltheseas]

@alexgleason do you have any guidance on nostr <-> mastodon DMs?

[alltheseas]

Thank you @Sjors. This sounds like a nostr wide issue - I'll mirror in the nostrability repo

[alexgleason]

It's possible to bridge nip-04 messages with ChatMessage activities on AP, but I'll probably never do it. I'm mostly happy with things being "broken" at the moment. What if someone builds a bridge that can handle DMs? Then Damus is hardcoded to not work? What it needs is a capabilities system, where users can announce their capabilities via an event, and clients can adapt to that. Eg { capabilities: { accepts_dms: false } }

[Sjors]

I'm all in favor of a capabilities API. But I also think it's fine to assume a bridge doesn't support it, until such an API exists. Especially given that no actual bridge supports it or even wants to support it.

[alexgleason]

It's an incorrect usage of the semantics. And if clients do that, they'll never change it. Do you realize how hard it is to just coordinate lunch with 5+ people?

[Sjors]

It's an incorrect usage of the semantics.

Why? NIP-48 defines multiple proxy types like rss and web that inherently don't support DM. It doesn't specify that these protocols SHOULD, or even MAY, support DM. It seems perfectly reasonable to me to assume that they don't.

nip-04 DMs are also totally unsuitable for a bridge like Mostr which has access to the private keys. Although nip-04 has serious downsides, users would not expect their encrypted messages to be downgraded to plain text. So any client implementing nip-04 imo should absolutely not send those to a proxy.

This can be reconsidered with future DM standards that are designed to be interoperable, like MLS.

Or if there's a proxy type to something that also uses (secp256k1) key pairs.

And if clients do that, they'll never change it.

If enough users complain they will. It's more like converting 5 friends to vegetarianism: doesn't have to be simultaneous.

[jb55]

tbh we will likely get rid of nip04 dms entirely. nip17 is a bit more sane

[Sjors]

nip17 would be nice for sending a message from the plain-text Fediverse to a Nostr user, because it doesn't leave as much meta data visible. But the other way around it still has the same problem: the bridge admin and the mastodon instance admin can read it.

[jb55]

well this is the current state of DMs on the fediverse? Maybe we could put a warning when sending to fediverse users?

[alexgleason]

@jb55 If you were to add a warning, I would suggest something like this:

This user is bridged from an external network. Your message may not be seen, and it could be intercepted by third parties.

[Sjors]

A warning might be fine. Though I wouldn't want to be sitting on that kind of non-public data as a server admin, that's a separate issue.