Appearance
Kind 4: Encrypted Direct Message
Overview
Encrypted Direct Message (kind 4) events are used for private communications between users. They contain encrypted content that can only be decrypted by the intended recipient. This kind has been deprecated in favor of Kind 14 (NIP-17), which offers improved security.
Specification
| Property | Value |
|---|---|
| Kind Number | 4 |
| Event Range | Regular |
| Defined in | NIP-04 |
| Status | Deprecated - replaced by NIP-17 |
Content Format
The content field contains encrypted text in the format: <encrypted_text>?iv=<initialization_vector>
Where:
encrypted_textis the AES-256-CBC encrypted message, base64-encodedinitialization_vectoris the base64-encoded IV used for encryption
The encryption uses a shared secret derived from the ECDH (Elliptic Curve Diffie-Hellman) key exchange between the sender's private key and the recipient's public key.
Schema
"content": "<base64_encrypted_text>?iv=<base64_initialization_vector>"Tags
| Tag Name | Description | Format | Required |
|---|---|---|---|
p | Recipient's public key | ["p", "<pubkey-hex>"] | Yes |
e | Referenced message | ["e", "<event-id>", "<optional-relay-url>"] | No |
Client Behavior
Clients should:
- Encrypt messages using AES-256-CBC with a shared secret derived from ECDH
- When receiving, attempt to decrypt any kind 4 events directed at the user
- Display decrypted messages in a private conversation interface
- Warn users about the security limitations of kind 4 messages
- Suggest using kind 14 messages (NIP-17) instead
- NEVER parse and replace public key or note references in the encrypted content, as this would leak metadata
Relay Behavior
Relays should:
- Store and forward these events to the recipient
- Consider implementing
AUTHrestrictions to limit who can fetch kind 4 events
Use Cases
- Private conversations between two users (deprecated)
- Legacy support for older clients
Example
json
{
"id": "4b6d349a85fee455b0772f2fb9f22174c6c665fc9fda55d96c815a93a3308814",
"pubkey": "79dff8f82963424e0bb02708a22e44b4980893e3a4be0fa3cb60a43b946764e3",
"created_at": 1671217411,
"kind": 4,
"tags": [
["p", "f7234bd4c1394dda46d09f35bd384dd30cc552ad5541990f98844fb06676e9ca"]
],
"content": "HGm567PuoNQ08syARjPYKCKLfT0C6xGNFcjAKKYc+RXhIKl3AnxPFrFBxXQykkhzpMcfG6qJxqv9SDEReaZIQw==?iv=AD78LxC/6KBYsFL5qPurow==",
"sig": "908a15e46fb4d8675bab026fc230a0e3542bfade63da02d542fb78b2a8513fcd0092619a2c8c1221e581946e0191f2af505dfdf8657a414dbca329186f009262"
}Encryption Process
JavaScript example of the encryption process:
js
import crypto from 'crypto'
import * as secp from '@noble/secp256k1'
// Get shared secret using ECDH
let sharedPoint = secp.getSharedSecret(ourPrivateKey, '02' + theirPublicKey)
let sharedX = sharedPoint.slice(1, 33) // Only use X coordinate
// Create initialization vector and cipher
let iv = crypto.randomFillSync(new Uint8Array(16))
var cipher = crypto.createCipheriv(
'aes-256-cbc',
Buffer.from(sharedX),
iv
)
// Encrypt the message
let encryptedMessage = cipher.update(text, 'utf8', 'base64')
encryptedMessage += cipher.final('base64')
let ivBase64 = Buffer.from(iv.buffer).toString('base64')
// Final encrypted content
let content = encryptedMessage + '?iv=' + ivBase64References
Related Kinds
- Kind 14: Direct Message - The recommended replacement for kind 4
Notes
- Security Warning: This standard is not state-of-the-art in encrypted communication and leaks metadata in the event. Do not use for highly sensitive information.
- The encryption uses only the X coordinate of the ECDH shared point as the secret, and it is not hashed.
- This differs from the default libsecp256k1 ECDH implementation which uses the SHA256 hash of both X and Y coordinates.