I understand that disputes require conversations to be able to be read; however, it is a serious risk that localmonero could be compromised and leak seriously identifying information. If messages were encrypted unless one of the participants opt-in to decrypting the messages for a dispute then this situation would be massively improved. Even if users can’t verify for themselves that this is happening then it would be nice - I could be wrong, but I imagine it could be relatively simple to require the user’s passphrase upon a dispute and store a ciphertext form of messages in the database.
Welcome to the community!
If our database (heaven forbid) gets leaked, it won’t be a problem in terms of message content, since we store all messages encrypted in the database.
Do you retain those message logs forever?
Nope, we erase them after 180 days.