From bcaad2957d0e9cec20e4265298d2788be87d3190 Mon Sep 17 00:00:00 2001
From: alltheseas <64376233+alltheseas@users.noreply.github.com>
Date: Mon, 27 Oct 2025 12:56:47 -0500
Subject: [PATCH] Enhance metadata/timestamp protection guidance in NIP-59
 (#2095)

---
 59.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/59.md b/59.md
index 9cb79f2f..6abf1cd4 100644
--- a/59.md
+++ b/59.md
@@ -97,6 +97,9 @@ To protect recipient metadata, relays SHOULD only serve `kind 1059` events inten
 When possible, clients should only send wrapped events to `read` relays for the recipient that implement
 AUTH, and refuse to serve wrapped events to non-recipients.
 
+When adding expiration tags to both `seal` and `gift wrap` layers, implementations SHOULD use independent random timestamps for each layer. Using different `created_at` values increases timing variance and helps protect against metadata correlation attacks.
+
+
 ## An Example
 
 Let's send a wrapped `kind 1` message between two parties asking "Are you going to the party tonight?"