57 comments

[ 3.0 ms ] story [ 93.1 ms ] thread
I like the idea of nostr but when I tried to use it it was a lot of CP which made me instantly stop using it. I guess the issue with this type of protocols is that there must be a way to prevent these very dark and illegal content.

As a user I don't want to see it and the submitter should be found and jailed for distributing it. Right now, it's hard to know where it even comes from since it can come from any of the relay you are connected to. Most apps do not show which relay the content originates from and honestly, what can you do?

I guess one solution is to only use paid relayes or heavily restricted ones that require invitation. But if that is the case, it kind of defeats the purpose of Nostr to begin with IMO.

It's a more censorship resistant platform, of course it'll see some spam. If this happens, you'll see lots of outrage, people see it as a way to test out and improve WoT.

The content (images, videos) itself is often quickly removed by blossom/media relay runners, especially if people report it and once they're cleared the spam notes are basically worthless to anyone because they're just dead links and spammy/abusive hashtags. Due to the hashtags is still quite easy to purge them.

I run my own relay and self reported it whenever one of these notes or uploads hit my systems. I built a quick shell script using AI to take care of almost all of that.

I find open protocols the most naive endeavour in tech nowadays. The reason why social media protocols work is because the incentive is to have them siloed, controlled, and artificially convincing people through algorithmic suggestions that posting what they had for lunch is somewhat interesting.

These protocols seem to think that people actually want an alternative to what Instagram, Facebook, X etc. give them. They don't, we all just want the comfort of our own little bubble and a constant feeling of perceived fame. The rest, and all the talk about the protocol that underlines this is just fluff for nerds that will have zero impact in a society dominated by tech capital.

Do you wanna change social media? Try and find and effective way to bring them down.

> Do you wanna change social media? Try and find and effective way to bring them down.

You don't change social media by building yet another closed protocol. You'd be building more of the same. The only option left is to build open protocols, and nostr is another attempt. Checkmate.

You change them with serious regulation. Leave the tech bubble for a minute, there’s a world outside.
Last time I tried navigating the Nostr ecosystem I found their Twitter-equivalent platform and it was full of people posting about cryptocurrencies and other topics that weren't of particular interest to me.

Are there any major figures of interest primarily participating on any Nostr platform? Or is there any kind of uniquely interesting content that is being primarily produced and shared on Nostr?

It's inherently a chicken and egg problem. If HackerNews didn't exist and the Nostr community created it - it'd be filled with the same content.

Network effects are everything. The tech can be good but the product may not be - solely because of the network effect. Still - pretty good tech!

Two months ago I visited Primal by accident (which appears to be some Nostr instance) and the first impression I've got it's a platform for promoting crypto because streams were just about bitcoins all around

Last year one of users on mastodon I was casually talking to decided to move to Nostr - he claimed in his last posts that some features like pools and voting are locked behind payments there. Can someone shed some light on that? I couldn't find any info if that platform does contain paid features.

Glad to see Nostr on top of HN. It is in its infancy, but Nostr allows for "zapps" (basically sending instant micropayments via bitcoin-lightning) - so instead of using ads and dubious algorithms, you can show your appreciation to content creators by small payments. This is a model for an ad-free, decentralized social media system.
I don't understand. Can someone explain it to me from a technical/IT perspective? Is it like HTTP or JSON, or like XMPP...?

"An open protocol with a chance of working" = ?huh? "Nostr doesn't subscribe to political ideals of "free speech"" = ???huh? "BEEP BOOP" ???wtf??

Please don't explain technical things as if you were talking to children. Explain them as if you were talking to a colleague sitting next to you. Talk to them as a person and as a professional.

It would be cool if you could somehow form chains of trust with this, maybe even with links to other social media, where you could "follow other people that this guy has vetted". I want my social media censored and curated, but I want to choose my own censors and curators.
Hope this doesn't come accross as rhetorical, it's a genuine question!

Nostr users, how does this differ in your experience from Mastodon? At first glance it seems like the same idea but with the extra ingredient of blockchain, I'm not sure what this adds though, anonymity?

I was on mastodon, but the instance that was hosting my account got shut down, so I don't have my account anymore. That can't happen on Nostr. You need to make sure that you store your "private key" (sort of like password) safe.
Something I don’t quite get about these new social networks that are clearly aimed at technical people: my model of a truly decentralized social network is more like a network of privately hosted personal websites, à la the original web. Not yet another platform I need to make an account to interact on separately.

Have there been any attempts to make more of a “network” that incentivizes operating personal websites but adds a mechanism for typical social media features like chat, a feed, etc. in a centralized way? The only thing I can think of is RSS, and that is only a way to follow content publication.

Even if you don't use Nostr as a microblogging social network, it can provide a useful layer. For example Trystero https://oxism.com/trystero (MIT licensed) can use it to establish P2P WebRTC connections without requiring a central server.
This is very interesting!

Can this forgo needing the STUN/TURN server? If this is the case then it is huge!

(comment deleted)
A big misconception I've seen is the assumption that Nostr relays are federated and share messages between one another. This is not how it works. So if you're building a "Twitter clone" the client app must search multiple relays and post to multiple relays. If clients are not using a relay in common they cannot see one another.

The end result is a bad experience for both user and developer. Using a single relay is centralised and defeats the point. Using multiple relays is slow and cumbersome and requires the user to know/care which relays they are connecting to.

When I played with Nostr a couple years ago the "NIPs" were already a complete mess. Later NIPs supersede earlier NIPs changing how clients are supposed to interpret messages. At least some are flagged as "unrecommended: deprecated" now.

(comment deleted)
Since relays don't own user generated content, there is no need to "federate" client's generally rely on user-selected relay sets. The user chooses where they want to read/write events to/from.

That said, many of the "larger" relays do store events from other relays (federation if you prefer). Primal does, TheForrest does, nostr.land and so on. Nostr.land specifically has a purpose of aggregating notes from many other public relays, with spam filtering. It's a paid relay built for that purpose. Don't want that, use someone else.

Most users get to see 99% of notes from the current relay federation now, but it's also impossible to check those metrics.

Certain clients and signers store notes privately so if a relay ever decides to censor your notes you just publish to a different relay if they don't have your notes already.

Chances are if you use ANY of the popular paid relay providers, your going to get warnings on 3/4 write events that the other relays _already_ have the note published to the first. It's usually that quick...

Finally, relays "federate" by acting as clients themselves. Most relay software available already offers this as an option, may use it as a local cache for when on mobile and network/wifi is slow. Their local relay slowly pulls notes from other relays (or outbox) and caches those notes for when they load their client up. It's cache and the client dev didn't even have to write that functionality, it was transparent.

Finally, other's mentioned outbox, which has it's own set of issues as well, but it doesn't matter because a client developer can choose to give the user the option if they want. Going from federated, to peer-to-peer which was the intention.

The Nostr protocol as such does not look like a huge revelation. JSON, hashes, signatures, and that’s about it. JSON is not a cryptographer’s best friend, by the way.

Effectively, everything else is left to be implemented.

That probably explains try-everything-see-what-works approach to client apps?

Could you elaborate on "JSON is not a cryptographer's best friend"? JSON is not a dog, for example, but that doesn't tell much.
I've tried to use it many times, through Damos on iOS, but it's littered with dead and abandoned projects and an alternative UI that worked one day, will just be gone later.

In the end the content I was seeing there was almost exclusively about Nostr and Crypto so it wasn't that interested to keep using it.

>apolitical communication commons

Some people say that labeling yourself apolitical is 1, a polticial statement 2, a privilege itself which puts you into a certain socio-political position

If everything is political, then nothing is political. I believe that author(s) just don't want to participate in non-technical discussions around his creation.
I think the point is that nostr supports left wing, right wing, totalitarians, tankies, communists, lawyers, nazis, anarchists, javascript developers, liberals... everyone, without regards to their politics.
> "An open protocol with a chance of working"

One of the most depressing things about the decentralised protocol space is the adversarial attitude to other projects - whether that's Nostr v. ActivityPub v. ATproto v Nostr, XMPP v. Matrix v. IRCv3 v. Deltachat, etc.

Imagine if the energy spent on positioning yourself relative to other open-source projects (who should be fellow travellers, if anything) was instead invested into competing with the centralised proprietary incumbents instead.

The same applies to open source as a whole, but it's depressing to see the same vibes leach into the literal tagline of the project.

There's also Stacker News which is centralized like Reddit or HN but uses BTC micropayments over Lightning in lieu of upvotes. It's a lot slower than HN but so far the SNR is a lot higher. It's also a bit dominated by Bitcoin content (much like some Nostr stuff.) Whether that's just a function of size or not is yet to be seen.
How does it differ from the Freenet[1] project?

AFIK Freenet is the only truly resilient anonymous network that lasted +20 years without literally a single successful attack by the state actor.

It's like RAID over the internet over encryption with global replication of data. Amazing project for PHD thesis lol

1: https://en.m.wikipedia.org/wiki/Hyphanet

Is there any concept of private key rotation or something else? In case a client with a nostr key on it got compromised or something similar? With a traditional password passed logins I would just set a new password from another machine. Regeneration of a new nostr key would mean it's a new account isn't it?
One potential positive of the recent censorship and deplatforming targeting the left is that it may accelerate the development of censorship-resistant platforms like Nostr, given the left has far more technologists than the right.
My back-burner idea: the equivalents of Nostr relays, Mastodon instances, Discord servers, etc. needs to be self-hostable in client apps for decentralized social media to work.

Not only classical P2P software did exactly this, it worked/works beautifully. The only reason classical P2P software did not work and did not replace WWW as application was because of piracy prosecutions that makes users responsible for hosting data with unknown content that would be later revealed to users to have been pirated content that the user would be criminally responsible a la illegal substances through airport checkpoints.

That's bad - both the fact that users' passive actions are incriminating, and substances too. So the next-gen P2P would have to have plausible logging content filters such as AI-based CP and Hollywood detectors that would stop relaying of such content so that users can defend themselves in criminal courts. Or the systems could also be in-circle specific so nothing of value is lost if everyone in a terrorist group would be prosecuted together, though I imagine that could hamper network growth.

But fundamentally, I think the model has to be that all clients are also servers. That's the best way to decentralize a social media.

Don't know much about Nostr, but wondered re the spam problem, if it would make sense to introduce the idea of proof-of-work for the identities? A quick search shows that the have optional PoW proposals for notes (i.e., individual posts), but I didn't see anything about PoW for identities.

People could spend $1, or $5, or $50 of compute for an identity, and others could use the cost of the identity as a filter. Having a $5 ID put on a blacklist would make poor behavior of any sort more costly.

I still don't understand how Nostr would behave in this hypothetical scenario - a bad actor creates 100k key pairs (via residential proxies) and posts 10 LLM-generated replies to each new post. Who would fight with that wave of spam exactly and how?