Definition
NIP-17 specifies private direct messages on Nostr that hide not just message content but the surrounding metadata — who is talking to whom, when, and how often. It supersedes the old NIP-04 direct messages, which encrypted the text but exposed sender, recipient, and timing in plain view on every relay, leaking the entire social graph of a conversation. NIP-17 combines two lower-level standards to close those gaps and is the current recommended way to do confidential one-to-one or small-group chat on Nostr.
How a message is sent
The actual message is a kind 14 chat event (or kind 15 for file attachments). Crucially, this inner event is a rumor — it is never signed and never published directly. It is encrypted with NIP-44, sealed inside a kind 13 event signed by the sender's real key, and then gift-wrapped in a kind 1059 event following NIP-59, with the outer wrap signed by a fresh, single-use random keypair. A separate gift wrap is produced for each recipient and one for the sender (so your own client can reconstruct the conversation across devices). The result is that participant identities, the real date and time, the inner event kind, and the subject tags are all concealed from public view. Because the unsigned rumor cannot be cryptographically attributed, participants also retain deniability: a leaked message archive proves nothing on its own.
Relay handling and discovery
Metadata-hiding creates a delivery problem: if nobody can see who a message is for, how does it find its destination? NIP-17 solves this with a small, deliberate disclosure. Each user publishes a kind 10050 event listing their preferred DM relays — typically a short list of two or three. A sending client looks up the recipient's 10050 list and posts the gift wrap only to those relays. Well-behaved DM relays enforce NIP-42 authentication, serving each wrap only to the client that proves ownership of the tagged recipient key, so even the anonymous envelopes are not free to enumerate. On receipt, the client unwraps, opens the seal, and verifies that the seal's signing pubkey matches the rumor's claimed author — the check that prevents sender spoofing.
What it protects, and what it cannot
Compared with the legacy scheme, NIP-17 hides the participant graph, message timing (timestamps are randomized into the recent past), message kind, and any group structure — there is no shared conversation identifier for a relay to correlate. What remains visible is unavoidable: the relays on your 10050 list know that someone sends wraps addressed to your pubkey, and rough traffic volume is observable to them. Endpoint security is still on you — encryption in transit does nothing for a compromised phone. Choose DM relays you have some trust in, or run your own.
Why it matters for sovereign users
For a Bitcoiner, NIP-17 is the practical answer to private messaging without a custodial platform: no phone number, no account to freeze, no company in the middle, and the same keypair that anchors your public identity. Coordination around nodes, trades, or hardware can happen over infrastructure you can self-host. The relay-discovery side of the design connects naturally to the Nostr Outbox Model, which generalizes the same publish-where-you-are-read pattern to public content.
In Simple Terms
NIP-17 specifies private direct messages on Nostr that hide not just message content but the surrounding metadata — who is talking to whom, when, and…
