NIP-59 Gift Wrap

59.md

@@ -0,0 +1,69 @@
+NIP-59
+======
+
+Gift Wrap
+-------------------------------
+
+`draft` `optional` `author:kieran`
+
+This NIP defines a simple method to protect event metadata leakage by using randomly generated keys.
+
+A gift wrap event is a `kind 1059` event which wraps another event with a single use key.
+
+This event kind can be used to wrap DM's or other events which are considered private.
+
+This is similar in concept to [Onion Routing](https://en.wikipedia.org/wiki/Onion_routing).
+
+To wrap an event, sign it as usual then serialize it to JSON. This string should then be encrypted using NIP-44 with a different private key. 
+
+Next, add the signed payload to the `content` field of a new `kind 1059` event, signed with the same key used to encrypt the content.
+
+The key used to sign the wrapper and encrypt its contents can be created using any appropriate strategy:
+- For the strongest security guarantees, it SHOULD be randomly generated.
+- The sender MAY use `sender private * event id mod curve.n` instead of a completely random key. If this is done, the sender can "retain access" to the sent message and is capable of decrypting, deleting or otherwise operating on the outer message.
+
+A `p` tag for the recipient MUST be added to the `tags` field on the outer event. To protect recipient
+identity, this may be a regular pubkey, or one representing a group of people sharing a private key for
+decryption.
+
+The sender MAY copy tags from the inner event to the outer event. This weakens privacy guarantees,
+but may be useful to accommodate server-side filtering. A `k` tag MAY be added to the outer event to
+denote the `kind` of the inner event.
+
+Example wrapped event:
+```json
+{
+    "id": "0bb58c5e646ff1a310d888347cd392f0490d80d9ce963a43d10f0af0b3a92d58",
+    "pubkey": "67813274a3e44cc5f939cc29f1faa4e6b38f1ee4a22469262d6d9d19c377f027",
+    "content": "{\"ciphertext\":\"0s44ii9QNQMmKl/+Bmo0dUoVqCI3dqyPweoA1H06qkguf8u3Hr8sK7lUYKi/DHrR2PiLKuJRHC42mBn+e4jyM49yj+QL0cg3p5MbGiSmExEQPnofaBS6PtU/6Fa30XPNoywC9ptaPiDpEPNTxsI+LgCoCgUc3o9iJzKJRgzfaUVhjugjXmGw6Un8DgX7yfY3JBraxZClfC6FNV3yTtmRdi9AHmphJa5xW8l/XeI1k3C+Qv5z4mMI4GfiYXnqLbHtaMSeTaI31zmyr4nX9Bpnb14PSdiKpHEN1aAmJXgs/mXRw5KS44EDnjSJwItwow/yWNlGZZ2lT21ay9uc7LeD2rNOIOpW3xO5Pqd51NpYgjk+1lD9L8djQCpWRzsJoCr2/G1+qeGre+q/5g7re2aQbA3M9iSqEzBlkw841fq5AJYEDcsCXzFFQwo0ydJutBhzP2YOFuPbGgvWZat2bLRu26PZMMB3Z6ZprzyBrLIgZ4uOJ74/Rpflh4I5xl4r9Yvp37bLkxq25diG/78x0/AsBlgIJzMeNivZ7LCxm9a/nu5Ygj1H8g==\",\"nonce\":\"CvLX+kBOEBM5ZRm/I+4fncvGqbrcb6Dy\",\"v\":1}",
+    "kind": 1059,
+    "created_at": 1686840217,
+    "tags": [
+        [
+            "p",
+            "63fe6318dc58583cfe16810f86dd09e18bfd76aabc24a0081ce2856f330504ed"
+        ]
+    ],
+    "sig": "cdcc561865cc4f028311159a9417b717d93a681f957621052335bb3c581f85490cb3f596d251e92f7174d34eeb406ff009acde37588322fcb75c380e335a1b73"
+}
+```
+
+The `content` is NIP-44 encrypted JSON string with the temporary key, this is the inner event:
+```json
+{
+    "id": "a3b3d167f560e9d15434534ee7bf51cf272b15e40e3e9a64501fb83fd0f06326",
+    "pubkey": "63fe6318dc58583cfe16810f86dd09e18bfd76aabc24a0081ce2856f330504ed",
+    "content": "example",
+    "kind": 1,
+    "created_at": 1686840217,
+    "tags": [
+        [
+            "p",
+            "63fe6318dc58583cfe16810f86dd09e18bfd76aabc24a0081ce2856f330504ed"
+        ]
+    ],
+    "sig": "675a8cd35925928d6623ba18aea0eeb9691c462c59cac4a6441f9495eaec7182107ece7b7012bb628e28029f059362fcbce9bce3a00c05817480603d8f8112f5"
+}
+```
+
+Clients can decrypt the gift wrapped event and can continue to work as normal.