Greetings!

*** Hadmut Danisch [2025-09-24 19:55]:
>So my question is: Why does A require possession of the secret keys? What
>does it need them for, if forwarding is possible without keys?

"A" must not require it, you are right. I really do not remember why
that check was left in Tx() function. Seems that it was initially added
and forgotten to be removed. Thanks for noticing that!

I hope I will find time to make a release on that weekend and try to
make an updated port for FreeBSD, where net/nncp is pretty outdated.
But that patch (pushed to "develop" branch) will stop requiring you to
have area's private key for sending:

diff --git src/tx.go src/tx.go index e0f4f08..2504135 100644 --- src/tx.go +++ src/tx.go @@ -59,9 +59,6 @@ func (ctx *Ctx) Tx( var area *Area if areaId != nil { area = ctx.AreaId2Area[*areaId] - if area.Prv == nil { - return nil, 0, "", errors.New("area has no encryption keys") - } } hops := make([]*Node, 0, 1+len(node.Via)) hops = append(hops, node)

>I do consider it as insecure, if node A, which is solely a sender to the
>area and not a member, needs to have the secret keys. E.g. on an email relay
>in a cloud, an attacker who gets access to the machine, can immediately
>decrypt all messages in the spool directory.

I would not consider any cloud computer as safe at all. It is not under
your control, so if one creates any packets, then any cloud provider can
see the generated/passed plaintext, that definitely existed in
pipes/memory/tmpfiles before the encryption.

-- 
Sergey Matveev (http://www.stargrave.org/)
LibrePGP: 12AD 3268 9C66 0D42 6967 FD75 CB82 0563 2107 AD8A
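Review bot: In the `if areaId != nil` block of Tx(), the result of `ctx.AreaId2Area[*areaId]` is no longer checked in any way. Since `area` is declared as `*Area`, an area id that is missing from the map leaves it nil, which before this change would have stopped at the `area.Prv` access and now continues, indistinguishable at this point from the case where no area was requested. Consider the two-value lookup (`area, ok := ctx.AreaId2Area[*areaId]`, adjusted for the outer declaration) and returning an error for an unknown area, so the sender still fails early without needing the private key. It is also worth confirming that `errors` is still used elsewhere in src/tx.go now that this `errors.New` call is gone, since an unused import would not compile.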