I have to repeat my most important concern about Nostr from ~3 months ago[1]: Nostr makes you forward data from strangers unencrypted. If anything unlawful which you forward for Nostr is ever found on your computer, or found transmitted from your computer, you'd have fun time to explain to the authorities how it even ended up on your machine, and why are you disseminating it.
Encryption is not trivially easy to introduce into this scheme, and it can't be too seamless. It's possible though, and I encourage the developers to work on that.
Then I guess I'll have to repeat my top reply to you then.
"Relays can be authenticated. If you don't want your relay to accept data from anyone, don't leave it open. Same with any other Internet protocol."
If you don't want people to host illegal stuff on your server, do not run an open relay, an open FTP server, a social network, or an image host.
If you do, be prepared to have to work hard to keep bad actors at bay.
It's not strictly a NOSTR fault, and there is no reason why YOU need to run a relay.
Your comment is misleading and a little disingenuous: Nostr doesn't make you forward stuff. A client doesn't have to forward anything. It just connects to relays and subscribes to topics. Relay != client.
Authorities are already working together with companies in lots of ways to filter out illegal things, and it doesn’t look like they are putting CEOs for prison as long as they try to filter these things out with the tools available.
What Nostr changes is the backdoor deals that are happening and Elon was showing: FBI, CIA and other governmental organizations censoring politically sensitive, but legal content, which incentivises governments to be more transparent (and of course CSAM will remain illegal, there’s no controversy around it).
I guess what I meant to say, for those who missed out on the good old scuttlebot days, is that encryption is trivial and also you should not be syncing strangers.
People have solved these problems before, and we will solve them again.
Certainly! But they need to be solved first, and key distribution / trust is a bit more involved than just message propagation.
Not synching strangers may sort of miss the point of "censorship resistance". A group of people that know each other can use e.g. Signal to share data, with very good guarantees of protection from outside snooping or pressure. I thought that one of the key parts of Nostr's idea is the ability to find forwarding nodes without being personally friends with node operators, much like Bittorrent or IPFS.
To me the entire protocol seems like a slightly shittier reinvention of the fedi approach; centralize what some people would consider hard to decentralize, assume there's enough willing souls to run the centralized technology and pray that you don't end up with one big default who can exclude all the others.
The problem is that you get the Tor exit node problem with this approach - being a relay means becoming the toxic sewage plant of the network in this way. Running a Tor exit node basically means arranging for the authorities to try and bust you down because someone tried to get unencrypted CP over your exit node. (Running between nodes over Tor is marginally safer since you'll only be handling partial requests but still not recommended for much of the same reasons.)
Now, Tor is perfectly functional since some countries have relaxed laws for that sorta thing, but Tors data transfer is also transient - an exit node does not store anything long-term. Nostr's relays on the other hand need to do long-term data retention. I wonder how long that will last outside of flagship/VC-backed instances.
Not that it is 1:1 equivalent (due to expense and difference in encoding), but blockchains such as bitcoin can be used to store arbitrary data (and have been). Thus far I believe no one has gone to jail for running a cryptocurrency node because of non-financial reasons.
>blockchains such as bitcoin can be used to store arbitrary data
You are right, 50k or so Bitcoin nodes around the world host blocks with cp which was placed there roughly a decade ago. It cannot be removed from the chain.
AFAIK nobody has been arrested for running a node.
The internet itself is a network of relays that store and forward traffic for other nodes, unencrypted.
With that modern perspective, the internet would be unthinkable.
And, yes, these days you might have to "explain", but even the law says you are clearly not liable for passing other people's traffic. At least until recently, that was the principle. In the US, that's e.g. DMCA §512.
> Resilience is provided by the protocol being simple enough to implement in a weekend, in your language of choice. Platform lock-in is impossible, since any client can republish any note to a different relay if one misbehaves or enacts a disagreeable policy.
That's a wonderful sentiment but we said the same thing about the web and email and both are effectively controlled by large companies.
Twitter is centralized due to being the creation of a single company, but that's not the fundamental problem.
The web and email got effectively centralized because distributed protocols create problems of search, filtering, abuse, identity, community continuity, etc. You can't easily solve them in a distributed way, and even if you _can_, you can't easily get everyone in the network to upgrade. Hence, providers arise that say "We're Nostr, only better!(tm)" or "We're the best way to find what you want on Nostr!" and they work on locking in their customers.
If you want to be resilient to monopolization you have to show how you're going to solve those other problems.
Woah there. I don't agree with this. The web is certainly not centralized (this is on Hacker News and not Facebook, right?) It follows a power law distribution where you have some players getting lots of traffic and then there are lots and lots of small traffic sites. But it's definitely decentralized.
_Google_ is something of a monopoly providing some of the features you list for the web at large, but there are others (Duck Duck Go, Bing) that are just a click away.
Gmail took a huge share of the email market by being a better product for the first several years of its existence (and being free also helped). That doesn't mean email is centralized: I've been using Fastmail for the last several years and it works _just fine_. I don't have the problems you list.
Anyhow, I agree with your point that a decentralized _social network_ needs to solve the problems you're listing. I just think the web and email are actually examples of technologies that remain decentralized.
As a web developer, I think we've figured out maybe 1% of what the web is good for & capable of. There's still so much possibility, so many options, that any given person can go off & explore & play around with & succeed on. The field has never been more open for, more ready for new exciting possibilities, better set to start changing if we can make a real authentic honest outreach to users, that is a fair shake from tech, & not leaving cloud-giants holding all the cards & us with a couple magic beans.
The doom & gloom look at the macro of what the web is is really sad. It's a constant pity party. The ability to control & shape our information spaces to our liking & pick our paths has never been higher, has only gotten better as more protocols & standards, focused at purer social networking levels than the web medium at large, have arisen.
As a developer, it's been a one way street with us crafting better and better means of web development and deployment every single year, and what we're excitingly starting to see is more genuine & personal involvement not just with creating sites, but with creating interconnection, creating interlink, creating intermedia, not just on one big property, but across many voices. Nostr highlighting the idea of a relay, that who we relay is a vote of amplification, is semi-covert social commentary on picking your traffic, on selecting what gets to get shared out. There's no headier better more promising time than today (and the web continues to be the premier delightful connectable blank slate from with which to experiment & iterate).
Email is centralized in the sense that you might run your own server/domain but if Google decides you are bad and stops federating with you you might as well not exist. Who are you going to exchange mail with if most people are on Gmail?
That’s very different than Google banning your account where you can just switch to Bing for search.
A big topic of conversation at nostrica (nostr's first conference) last month was how to maintain decentralization. One of the biggest concerns was having a client or relay provider build features outside of the protocol to gain market share and enable them to lock-in users.
You are correct that there is no easy solution to these problems. There are draft NIPs that attempt to solve many of the problems you've described. You're welcome to join us in the conversation and work with us to try and solve these hard problems!
PS- I don't think the web is effectively controlled by large companies. Email is a different story though. Hopefully we can build nostr to be more like the web than email.
Maybe nostr needs a Law of Jante/tall poppy lopper - any client or relay that gets too special gets blacklisted/punished by all the other clients/relays (to the extent possible through the protocol). Sorry if that is in a NIPS, there are 84 in that link and I can't read through them all.
I think your "effectively controlled" is mostly meaningless.
There's orders of magnitude of difference between "started off as scattered and big companies now do a majority of the maintenance" vs actually CENTRALIZED, like Twitter.
My website and my email, from my domain, both exist generally as equals without any meaningfully strong influence from google or whatnot, e.g. censoring my website would be a practically completely different thing from the ridiculous mess that Twitter is becoming (if it isn't already.)
Email is not "controlled" by large companies. People choose to use large companies and let them read their emails because they are stupid. Email has not evolved in any way BECAUSE its NOT controlled by some company. If Google could, they would do even more evil with email that "just" reading all your mails.
To compare Twitter with email makes absolutely no sense. Yes Twitter is a totally controlled thing by a single company, email is not. You could say it for the web when it comes to net neutrality and where it does not exist anymore ...
Rebuttal/response to/of your comment/thought/input. From the Wiki -
I ran across Nostr when I was looking for an excuse to do some network programming. I have a thing for small standards, and the Nostr spec was 75 lines of exactly what I was looking for.
> That's a wonderful sentiment but we said the same thing about the web and email
Really? Web browsers, web servers and mail servers are beasts. I don't see them being 'simple enough to implement in a weekend, in your language of choice'
Not now but in the beginning they were. The first version of HTML was basically just a hack that glued an SGML parser to the NeXTStep text view control. The web didn't support inline images because the NeXTStep control TBL used didn't support it. Then companies like Netscape came along and started adding features. The rest is history.
The identity is controlled by a cryptographic key on the client side so even if you get kicked of a server you and whoever is in contact with you can just grab your data from other relays.
As a crypto-skeptic (lol), I really like Nostr. Unfortunately, I don't think it will catch on until someone takes the time to shave off the sharp technical edges and figure out spam + identity verification. The current Nostr network is full of cult-like bitcoin cryptobros, racist Twitter/Fediverse refugees, and spam. Lots, and lots of spam. But the technology is cool af and could be made into something more.
I’ve switched over to only private and/or paid relays and don’t experience any spam whatsoever. Not that this is the best solution to spam, but it has been effective.
I host my own relay and it's stupid easy to set up. The problem then becomes relay discovery, which is an almost completely unsolved problem. I do think it will get there in though.
I see a problem. I'd say a majority of the posts on Nostr are media posts (mostly images) and the network relies on Imgur and other image hosting services for all content. Not very decentralized in practice.
Is it a problem? Right now it doesn't seem to be a practical problem.
I agree that where we're headed, it seems like services like this will only continually degrade, that a huge amount of the corporate-run internet is undergoing radical #enshittification at an alarming rate, & the nation-states have strapped afterburners onto this hellbound-sled by starting to make the terms of use for these already imperfect the feudal- oops i mean corporate- data-keeps.
New age-verification identity-verification to post stuff has scaled up with shock & awe speeds, with Imgur just burning down huge swarths of the internet. So I guess yeah it has become a practical problem alraedy.
Oh and there's other signs of horror/intensification all about. Specs like Mobile Document Request opening up the Jevon's paradox of making it easier to request government id online are going to make a very shitty 203X's that greatly piss over the internet legacy we have.
https://github.com/WICG/mobile-document-request-api/issues/6
But also... we have the saints of human history, https://archive.org, ticking along doing the good deeds. The more rag-tag ArchiveTeam folks. They keep saying it's not for archiving, but I really hope WebPackage / WebBundle specs take off, that we build a norm of take-away sites that we can retain. (Caveat: right now Chrome has zero interest in letting you use old snapshots, but I have zero faith this limited security totalitarianism will hold, given that Certificate Transparency lets us know that indeed this content did come from X site at Y time & had the right cert then.)
In general, it's all the web, so it only sort of matters that the thing goes away. We need to update the maxim, "Cool URIs Dont Change" (https://www.w3.org/Provider/Style/URI). Sometimes the resources go away. But the URI remains. And we can spread backups, share the content, even when the hosts vanish, because the web is so cool like that.
> Is it a problem? Right now it doesn't seem to be a practical problem.
It will be the day these image hosting services die (and they do, all the time). This setup separates the post content from the post itself. I hope that most of us remember what a giant mess hosting images for forums on free image hosting services (that were later shut down) caused.
Apparently there was a discussion just a few days ago about Imgur deleting images that are not associated with a user account[1]. Just imagine all the broken image embeds that will cause…
It's weird how "decentralized" means something different to every individual. Having the ability to choose where to host my images is what I'd call decentralized.
As I understand it, the raison d'être of nostr is to use relays to store your data, which is presented on clients. So if a front-end bans you, then you can grab your data off any relay. If imgur shuts down, you're out of luck!
Bluesky goes further with the AT protocol for more general data and algorithms iirc
Perhaps the greatest problem with this setup is that the post content is separate from the post itself. I hope that most of us remember what a giant mess hosting images for forums on free image hosting services (that were later shut down) caused.
> Software for chatting on the Internet should be small and fun.
Small and fun is the magic here. There's immense product insight in building a product experience that feels really small, intimate. It's the counterbalance to the unwieldy scale of Big Tech.
We're in the natural cycle of things, I'm just saying I seem to really get the feeling "the future is small", if that makes sense. It's quite stressful to navigate the entire planet's information and inventory.
I feel the same way. I don’t feel the need or desire to be connected to every single person on earth through some app. I left almost all social platforms a couple years ago (except HN).
I got into nostr and feel like it’s almost exactly what I want from social media. Just a reverse chronological feed of the people I follow.
i agree, it's fun because of the people. a product is "not fun" when it impedes on those personal connections. like the obvious thing of injecting ads everywhere, a product doing that, is not fun in my view. it's infuriating
Anything Jack is involved in is tainted for me until further notice. I wouldn't even dare to touch any of his new platforms, seeing his connections with Elon and how his judgement failed so spectacularly with the Twitter deal - it's not worth it, just to be sold out again when he gets bored of it or it doesn't end up being a business. At least he admitted to it.
I'm not saying Mastodon is the solution, but at least no one can take it away from me at a whim or has full control over the protocol and the app.
> how his judgement failed so spectacularly with the Twitter deal
A CEO doesn’t approve an acquisition in a publicly traded company. The Board of Directors decide.
> or has full control over the protocol and the app.
Jack does not have any control over the nostr protocol.
He may arguably have some control over one of the iOS client apps (due to him finding the dev), but that’s about it.
I was an organizer of nostrica (nostr’s first conference) last month. Yes, Jack paid for the venue, food & merch but he didn’t ask for anything in return.
He was very humble about the whole thing. More than I thought he would be.
> A CEO doesn’t approve an acquisition in a publicly traded company. The Board of Directors decide.
Don't put words in my mouth. It may not entirely have been his decision, but nobody forced him to go on Twitter to say that he "chose him" and that he "believes it with all his heart"[0]. You cannot possibly tell me that you think that he was uninvolved in setting up the deal. Him being friends with Elon for ages is public track record.
> Jack does not have any control over the nostr protocol.
Jack is bankrolling the founder of the protocol with more than $240k. If you think that a SV CEO is doing that because he wants to create a better world, good on you. If you have any evidence that that doesn't give him any control, I'd be happy to see it. I feel like it's valid to be a little sceptical.
I have played with this a bit lately and my conclusion thus far is: The idea of trying to bind everything to a single private key is such a bad idea for the average person. In order to truly secure a private key you have to go to pretty extraordinary lengths. It is not easy. It is not, "common sense."
Like most of crypto, the basic immutable nature of things is simply bad for humans. Here, your private key is eventually going to get stolen because you have to type in your private key for every login. It creates a phishing/key-logging jackpot. And once the attacker gets you private key there is no recourse. No password reset. No way to regain access. Your accounts are forever compromised. This is the problem with "decentralization" in general. All of the benefits it brings are completely washed away by the mundane daily activities of being human.
I've tinkered with nostr and there's plenty to agree with here, but it's not specific to nostr. Nostr is in its very early days where people who tinker now are also pretty good at protecting that private key (dorks like us). For mass adoption we're probably going to see WebAuthn develop and solve the problems you're mentioning for most non-technical people. The early dorks will flinch at Apple/Google syncing people's e2ee keys, but techies will always be able to just dial in their private key to the client of their choosing. So it will be a bit messy, but hopefully the best of both worlds. And a giant improvement from current paradigm.
I don't use it, but Minds is an example of an app that is using delegated keys to sign people's messages using nostr protocol, allowing a user's data a route out of Minds' infrastructure in the future. Again, seems a healthy improvement.
There are ways to fix this such as the ability to issue a key revocation and issue a new key via a secondary key stored elsewhere but few of these systems implement such measures.
Nice (blog author here); just heard this showed up on the frontpage from someone on Nostr.
If I was writing an update to this, I'd probably point out how much better the clients (especially mobile) have gotten, in such a short span of time. As well as how lightning integration (zaps) are letting us build new capabilities (instead of just cloning twitter) that don't exist anywhere else.
Glad its getting traction, it was a fun read and introduced me to something new (tm). One issue I had about 'Zaps' was the 'pay-to-play' aspect which seemed in discord/disharmony with the OG vision of Solving the Right Problems
There is no blockchain. No proprietary social sign-in. No “real-name policy” No distributed hash table, onion routing, raft consensus, or peer-to-peer protocol. There is just a method of providing simple digitally signed text, and a simple, scalable search service.
I mean I get it aaannnndd 54 lines of Spec etc and there is a need for something like you offer/describe and I'm glad to have stumbled across the link that lead to this blog that leads to the GH <phew!>
Lightning already exists; so it is nice that a simple protocol can integrate with it. I view them as complementary - it is good that Nostr does not need crypto, but it is still cool that they can harmonize
without changing the core protocol.
It does solve a fundamental incentive problem of "who runs big relays".
Readit News
Encryption is not trivially easy to introduce into this scheme, and it can't be too seamless. It's possible though, and I encourage the developers to work on that.
[1]: https://news.ycombinator.com/item?id=34529931
"Relays can be authenticated. If you don't want your relay to accept data from anyone, don't leave it open. Same with any other Internet protocol."
If you don't want people to host illegal stuff on your server, do not run an open relay, an open FTP server, a social network, or an image host.
If you do, be prepared to have to work hard to keep bad actors at bay.
It's not strictly a NOSTR fault, and there is no reason why YOU need to run a relay.
Your comment is misleading and a little disingenuous: Nostr doesn't make you forward stuff. A client doesn't have to forward anything. It just connects to relays and subscribes to topics. Relay != client.
What Nostr changes is the backdoor deals that are happening and Elon was showing: FBI, CIA and other governmental organizations censoring politically sensitive, but legal content, which incentivises governments to be more transparent (and of course CSAM will remain illegal, there’s no controversy around it).
People have solved these problems before, and we will solve them again.
Not synching strangers may sort of miss the point of "censorship resistance". A group of people that know each other can use e.g. Signal to share data, with very good guarantees of protection from outside snooping or pressure. I thought that one of the key parts of Nostr's idea is the ability to find forwarding nodes without being personally friends with node operators, much like Bittorrent or IPFS.
The problem is that you get the Tor exit node problem with this approach - being a relay means becoming the toxic sewage plant of the network in this way. Running a Tor exit node basically means arranging for the authorities to try and bust you down because someone tried to get unencrypted CP over your exit node. (Running between nodes over Tor is marginally safer since you'll only be handling partial requests but still not recommended for much of the same reasons.)
Now, Tor is perfectly functional since some countries have relaxed laws for that sorta thing, but Tors data transfer is also transient - an exit node does not store anything long-term. Nostr's relays on the other hand need to do long-term data retention. I wonder how long that will last outside of flagship/VC-backed instances.
You are right, 50k or so Bitcoin nodes around the world host blocks with cp which was placed there roughly a decade ago. It cannot be removed from the chain.
AFAIK nobody has been arrested for running a node.
That can only happen if you are running a Nostr relay. Nostr clients don't forward anything.
The internet itself is a network of relays that store and forward traffic for other nodes, unencrypted.
With that modern perspective, the internet would be unthinkable.
And, yes, these days you might have to "explain", but even the law says you are clearly not liable for passing other people's traffic. At least until recently, that was the principle. In the US, that's e.g. DMCA §512.
Why would you connect to people out of your friend of a friend zone?
An algorithm should decide who you are relaying.
Do you mean Secure Scuttlebutt? "Scuttlebot" seems to be the old name for the primary Secure Scuttlebutt server implementation (https://handbook.scuttlebutt.nz/glossary), though its website is still https://scuttlebot.io/.
That's a wonderful sentiment but we said the same thing about the web and email and both are effectively controlled by large companies.
Twitter is centralized due to being the creation of a single company, but that's not the fundamental problem.
The web and email got effectively centralized because distributed protocols create problems of search, filtering, abuse, identity, community continuity, etc. You can't easily solve them in a distributed way, and even if you _can_, you can't easily get everyone in the network to upgrade. Hence, providers arise that say "We're Nostr, only better!(tm)" or "We're the best way to find what you want on Nostr!" and they work on locking in their customers.
If you want to be resilient to monopolization you have to show how you're going to solve those other problems.
Woah there. I don't agree with this. The web is certainly not centralized (this is on Hacker News and not Facebook, right?) It follows a power law distribution where you have some players getting lots of traffic and then there are lots and lots of small traffic sites. But it's definitely decentralized.
_Google_ is something of a monopoly providing some of the features you list for the web at large, but there are others (Duck Duck Go, Bing) that are just a click away.
Gmail took a huge share of the email market by being a better product for the first several years of its existence (and being free also helped). That doesn't mean email is centralized: I've been using Fastmail for the last several years and it works _just fine_. I don't have the problems you list.
Anyhow, I agree with your point that a decentralized _social network_ needs to solve the problems you're listing. I just think the web and email are actually examples of technologies that remain decentralized.
As a web developer, I think we've figured out maybe 1% of what the web is good for & capable of. There's still so much possibility, so many options, that any given person can go off & explore & play around with & succeed on. The field has never been more open for, more ready for new exciting possibilities, better set to start changing if we can make a real authentic honest outreach to users, that is a fair shake from tech, & not leaving cloud-giants holding all the cards & us with a couple magic beans.
The doom & gloom look at the macro of what the web is is really sad. It's a constant pity party. The ability to control & shape our information spaces to our liking & pick our paths has never been higher, has only gotten better as more protocols & standards, focused at purer social networking levels than the web medium at large, have arisen.
As a developer, it's been a one way street with us crafting better and better means of web development and deployment every single year, and what we're excitingly starting to see is more genuine & personal involvement not just with creating sites, but with creating interconnection, creating interlink, creating intermedia, not just on one big property, but across many voices. Nostr highlighting the idea of a relay, that who we relay is a vote of amplification, is semi-covert social commentary on picking your traffic, on selecting what gets to get shared out. There's no headier better more promising time than today (and the web continues to be the premier delightful connectable blank slate from with which to experiment & iterate).
That’s very different than Google banning your account where you can just switch to Bing for search.
You are correct that there is no easy solution to these problems. There are draft NIPs that attempt to solve many of the problems you've described. You're welcome to join us in the conversation and work with us to try and solve these hard problems!
https://github.com/nostr-protocol/nips/pulls
PS- I don't think the web is effectively controlled by large companies. Email is a different story though. Hopefully we can build nostr to be more like the web than email.
There's orders of magnitude of difference between "started off as scattered and big companies now do a majority of the maintenance" vs actually CENTRALIZED, like Twitter.
My website and my email, from my domain, both exist generally as equals without any meaningfully strong influence from google or whatnot, e.g. censoring my website would be a practically completely different thing from the ridiculous mess that Twitter is becoming (if it isn't already.)
To compare Twitter with email makes absolutely no sense. Yes Twitter is a totally controlled thing by a single company, email is not. You could say it for the web when it comes to net neutrality and where it does not exist anymore ...
I ran across Nostr when I was looking for an excuse to do some network programming. I have a thing for small standards, and the Nostr spec was 75 lines of exactly what I was looking for.
Really? Web browsers, web servers and mail servers are beasts. I don't see them being 'simple enough to implement in a weekend, in your language of choice'
Though I’m biased and just generally like the urbit approach more.
I agree that where we're headed, it seems like services like this will only continually degrade, that a huge amount of the corporate-run internet is undergoing radical #enshittification at an alarming rate, & the nation-states have strapped afterburners onto this hellbound-sled by starting to make the terms of use for these already imperfect the feudal- oops i mean corporate- data-keeps.
New age-verification identity-verification to post stuff has scaled up with shock & awe speeds, with Imgur just burning down huge swarths of the internet. So I guess yeah it has become a practical problem alraedy.
Oh and there's other signs of horror/intensification all about. Specs like Mobile Document Request opening up the Jevon's paradox of making it easier to request government id online are going to make a very shitty 203X's that greatly piss over the internet legacy we have. https://github.com/WICG/mobile-document-request-api/issues/6
But also... we have the saints of human history, https://archive.org, ticking along doing the good deeds. The more rag-tag ArchiveTeam folks. They keep saying it's not for archiving, but I really hope WebPackage / WebBundle specs take off, that we build a norm of take-away sites that we can retain. (Caveat: right now Chrome has zero interest in letting you use old snapshots, but I have zero faith this limited security totalitarianism will hold, given that Certificate Transparency lets us know that indeed this content did come from X site at Y time & had the right cert then.)
In general, it's all the web, so it only sort of matters that the thing goes away. We need to update the maxim, "Cool URIs Dont Change" (https://www.w3.org/Provider/Style/URI). Sometimes the resources go away. But the URI remains. And we can spread backups, share the content, even when the hosts vanish, because the web is so cool like that.
It will be the day these image hosting services die (and they do, all the time). This setup separates the post content from the post itself. I hope that most of us remember what a giant mess hosting images for forums on free image hosting services (that were later shut down) caused.
Apparently there was a discussion just a few days ago about Imgur deleting images that are not associated with a user account[1]. Just imagine all the broken image embeds that will cause…
[1] https://news.ycombinator.com/item?id=35636190
https://github.com/nostr-protocol/nips/blob/master/94.md
Bluesky goes further with the AT protocol for more general data and algorithms iirc
Small and fun is the magic here. There's immense product insight in building a product experience that feels really small, intimate. It's the counterbalance to the unwieldy scale of Big Tech.
We're in the natural cycle of things, I'm just saying I seem to really get the feeling "the future is small", if that makes sense. It's quite stressful to navigate the entire planet's information and inventory.
I got into nostr and feel like it’s almost exactly what I want from social media. Just a reverse chronological feed of the people I follow.
you know what makes chatting fun? the people I'm chatting with.
you know what makes chatting not fun? being impeded from chatting with the fun people.
a chat program that has fun people and always works is the most fun to use!
I'm not saying Mastodon is the solution, but at least no one can take it away from me at a whim or has full control over the protocol and the app.
A CEO doesn’t approve an acquisition in a publicly traded company. The Board of Directors decide.
> or has full control over the protocol and the app.
Jack does not have any control over the nostr protocol.
He may arguably have some control over one of the iOS client apps (due to him finding the dev), but that’s about it.
I was an organizer of nostrica (nostr’s first conference) last month. Yes, Jack paid for the venue, food & merch but he didn’t ask for anything in return.
He was very humble about the whole thing. More than I thought he would be.
Don't put words in my mouth. It may not entirely have been his decision, but nobody forced him to go on Twitter to say that he "chose him" and that he "believes it with all his heart"[0]. You cannot possibly tell me that you think that he was uninvolved in setting up the deal. Him being friends with Elon for ages is public track record.
> Jack does not have any control over the nostr protocol.
Jack is bankrolling the founder of the protocol with more than $240k. If you think that a SV CEO is doing that because he wants to create a better world, good on you. If you have any evidence that that doesn't give him any control, I'd be happy to see it. I feel like it's valid to be a little sceptical.
[0] https://theprint.in/tech/jack-dorsey-says-elon-musk-is-singu...
Like most of crypto, the basic immutable nature of things is simply bad for humans. Here, your private key is eventually going to get stolen because you have to type in your private key for every login. It creates a phishing/key-logging jackpot. And once the attacker gets you private key there is no recourse. No password reset. No way to regain access. Your accounts are forever compromised. This is the problem with "decentralization" in general. All of the benefits it brings are completely washed away by the mundane daily activities of being human.
I don't use it, but Minds is an example of an app that is using delegated keys to sign people's messages using nostr protocol, allowing a user's data a route out of Minds' infrastructure in the future. Again, seems a healthy improvement.
The user experience is also hard.
If I was writing an update to this, I'd probably point out how much better the clients (especially mobile) have gotten, in such a short span of time. As well as how lightning integration (zaps) are letting us build new capabilities (instead of just cloning twitter) that don't exist anywhere else.
There is no blockchain. No proprietary social sign-in. No “real-name policy” No distributed hash table, onion routing, raft consensus, or peer-to-peer protocol. There is just a method of providing simple digitally signed text, and a simple, scalable search service.
I mean I get it aaannnndd 54 lines of Spec etc and there is a need for something like you offer/describe and I'm glad to have stumbled across the link that lead to this blog that leads to the GH <phew!>
It does solve a fundamental incentive problem of "who runs big relays".