Hacker News | shark_laser's comments

> I've sometimes dreamed of a web where every resource is tied to a hash, which can be rehosted by third parties, making archival transparent. This would also make it trivial to stand up a small website without worrying about it getting hug-of-deathed, since others would rehost your content for you. Shame IPFS never went anywhere.

You've just described Nostr: Content that is tied to a hash (so its origin and authenticity can be verified) that is hosted by third parties (or yourself if you want).


What did you think was going to happen when you've got guaranteed payments and a growing customer base as people celebrate their "neurodiversity" whilst at the same time demanding subsidies and yelling "ableist" at anyone who criticises them or the system?

So politicians pretend to care by throwing more money at their cronies and get away with it because won't someone PLEASE think of the children. And then people pat them on back and vote for them in the next election, and blame "capitalism" while the people they've just voted back in make millions.

They even say "We're also dealing with children who are largely insured by Medicaid programs" and yet still people are failing to join the dots...


> and yet still people are failing to join the dots

Where is this 'join' translated from?


Yep. And you still de-anonymise yourself with Mastodon when you buy hosting and a domain. If you use an existing provider, then you're back at square one and living in hope that the provider doesn't keep logs etc, or just decide they don't like you.

Nostr fixes both of these. So whilst you're at the mercy of relays storing your data, you can at least be anonymous.


It's why I'm so excited about Nostr, and apps built on top of it, like 0xchat: https://www.0xchat.com/


"Boom. Same as Nostr, but with existing platforms" - Except without the ability to give and receive real value via zaps, and at the risk of being censored, and losing your entire audience at the whim of the network operators.

Spam is basically a solved issue. There's both proof of work and paid relays, not to mention web of trust. It has been at absolute worst a minor annoyance.

There's plenty of ways to discover content on Nostr, from hashtags to channels to location based chats to just following some interesting people. It's perhaps not as frictionless as X, but imho that's a feature not a bug.


> It has been at absolute worst a minor annoyance.

This is easy to say when there is little adoption and attackers don’t care about the network. It doesn’t mean it’ll remain true if that changes. Proof of work is much less effective when people are willing to use botnets and paid relays complicate life for regular users so there’s a cap on how aggressively that can be used.


Proof of Work secures Bitcoin, and people definitely care about that.


How much money have people spent on Bitcoin because of PoW? All those billions were spent because as a speculative vehicle they thought they’d see even greater returns but that doesn’t mean that any other service will see a correspondingly high willingness to spend large amounts of real money.

This is especially challenging in the social space where people are accustomed to not paying and you have significant network effects from anyone being able to sign up for free. Bitcoin’s transaction fees are one of the major reasons why it failed as a currency and that has orders of magnitude fewer messages.


You missed the point of what he is saying. The point is, proof of work used to post stuff to relays etc. is not solving the spam issue that Nostr is yet to face due to network effects. Your quip about people care about PoW because bitcoin uses it is just a very unrelated statement that is super off base.

Nostr relays are like Discord "servers" if they were actually servers you could deploy yourself and each client had a cryptographic identity and was used in DMs. You can have the same UI to interact with them all. But they are disjoint. You can interact with people in the channels as long as you subscribe to the same "relay" etc.

Also you keep bringing up Lightning as if it is successful but it is not. It failed in every way. Its model simply does not make sense unless you are a node that receives as much as it sends or sends as much as it receives. You know this yourself if you are a Lightning user. Bitcoin is cool, crypto is cool, even Nostr is cool but some of your statements are conflicting with each other and they aren't making great points.

I tried Nostr but like a lot of people here have been saying, it falls short in many ways due to the way it is structured. Relays are not really relays, they are more but also less. They are like community servers. Sure you can connect to many, have the same UI, but they are still disjoint and feels lonely.

You keep saying you can sign your messages and there is value there to people who are saying it is censorable in the ways they described.

This is not a personal thing, I want to like Nostr and I tried using it. I can and would probably get some use out of using it as a pubsub or message delivery infrastructure for two things I want to connect but what if the relay goes down? It is like a centralized pubsub messagebox thing. But can't even do that fully.

That other guy that said it is just like writing a message, signing it, posting it on X, Facebook, YouTube and BlueSky. People who follow those places can see it. There needs to be some sort of relay to relay communication (actual relaying) that needs to go on. And that wouldn't scale, even if it would work for now.

Protocol itself is simple and nice to have. Could be cool as a transport. The concept is uniquely situated too but using it the way it initially came out as feels like trying to shove a square into a circular hole.


I'm building a Nostr app (+- 2mio notes). There is a lot of spam and much worse content.

But it's kinda a solved problem (not through PoW) but through Web of Trust and not having algorithms. You see what the people/communities you follow post.

> I tried Nostr but like a lot of people here have been saying, it falls short in many ways due to the way it is structured. Relays are not really relays, they are more but also less. They are like community servers. Sure you can connect to many, have the same UI, but they are still disjoint and feels lonely.

I'd like to know more. Imho the fact that relays are dumb is a feature.

> You keep saying you can sign your messages and there is value there to people who are saying it is censorable in the ways they described.

All messages are signed. There is no way NOT to sign a message. This comes with the advantage that you don't need to trust the relays/pipes where messages go through, which is an immense benefit.

> This is not a personal thing, I want to like Nostr and I tried using it. I can and would probably get some use out of using it as a pubsub or message delivery infrastructure for two things I want to connect but what if the relay goes down? It is like a centralized pubsub messagebox thing. But can't even do that fully.

Relays go down all the time. There was an experiment where a major relay (Damus) just deleted the entire dataset. People barely noticed. And as any client (not just the author) and other relays can re-broadcast events the relay eventually recovers.

> There needs to be some sort of relay to relay communication (actual relaying) that needs to go on. And that wouldn't scale, even if it would work for now.

There are three mechanisms that do that:

- clients post to multiple relays
- clients/followers can rebroadcast notes (to other relays)
- quite a few relays are syncing (negentropy sync)


Bitcoin uses proof of work in a very different way than pretty much anyone else.


> Except without the ability to give and receive real value via zaps, and at the risk of being censored, and losing your entire audience at the whim of the network operators

Every large relay has the same problem


Please take a look at my other replies to other posts.

Read about the outbox model, or Bitchat.

The large relays are not required. They are a public service but not essential. There are plenty of community relays charging for access too, and the outbox model means you're not even depending on them. Nostr can and does successfully operate via even Bluetooth Mesh Networks. Search up Bitchat and see how it has been used in Nepal, Indonesia, and elsewhere.


if the solution to censorship is flooding the network posting the same message to multiple of their preferred relays in hopes that the recipient gets it, what happens if i get banned from all their preferred relays? i don't think i can message them directly so i'm effectively blocked


It doesn't work like that.

Your followers fetch the note from your relays. You tell the network where they can find your notes (self hosted relay) and their client will take the effort to find your content.


Relays are not coordinated. For every relay A that bans you because you say X, there will be a relay B that welcomes with open arms if you say X. If the recipients want to hear all the facets of discourse around X, they will subscribe to A and B. If they really hate X, they will subscribe to A but not to B. If they really love X, they will probably subscribe only to B.

Compare this with Mastodon, where your favourite server can decide to exclude other servers, so if A decides that X is toxic, you will never see X as long as you use A.


This is not true. Read up on the outbox model. I have linked it elsewhere in replies in this thread.

You post to your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.

These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.


That's exactly what I'm talking about with having pre-agreed relays. Those relays become preferred as a sticky default, especially with low-sophistication users that don't have organic onboarding paths away from the sticky defaults.


Read up on the outbox model and zaps. Also check out Bitchat for a real world example of Nostr being effectively used without even requiring Internet connectivity.

You cannot censor Nostr.

Also, check out how zaps work, and relay authentication. You can charge for relays if you want.


Can you summarize how those prevent the listed problems? Tossing around absolutes like “you cannot censor Nostr” sounds like a religious assertion rather than technical analysis.


I have posted very similar replies to other messages in this thread and don't want to repeat myself too much at the risk of being considered spam.

But... Outbox model prevents censorship because you push your (cryptographically signed and so impossible to impersonate) messages to multiple relays. To your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.

These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.

In this way Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes. As well as making it impossible to censor.

And if you take down THE ENTIRE INTERNET in order to censor Nostr? Well, Bitchat is Nostr via Bluetooth Mesh Networks. Do a quick search and find out where and when it has been used (Nepal, Indonesia, and elsewhere)

And as for zaps fixing the economic problem, I'm not sure what else to say other than you can give and receive value directly using the Lightning Network. It is seamless in most Nostr clients, and built into the Nostr protocol. If you don't believe in Value For Value (v4v) then you can just charge a fee, and the economics problem is solved.


Encrypted but not always leak proof. [0] There have been viable attacks for relays to perform.

[0] https://eprint.iacr.org/2025/1459


NOSTR is a protocol that doesn't detail all implementation details, so it wouldn't be fair to point to HTML as the culprit for flaws of web browsers.

That is a good paper; the leaks mentioned are in the app Damus (notes browser), which wasn't really much worried about verifying the authenticity of the notes. The details: https://crypto-sec-n.github.io/

These are apps developed on free time and made available for free so these issues are bound to exist and be repaired.


> You cannot censor Nostr.

A government could make it illegal to run or connect to nodes. It could DPI traffic in and out of the country, and block known nostr relays. Or it could just mandate that smartphone manufacturers block it, which would take out a large fraction of potential users.

(How does nostr avoid hosting known CSAM? Because that is the one thing that law enforcement will definitely come after)


> You cannot censor Nostr.

Sure you can. A relay operator absolutely can censor what goes through their relay. More to the point, you can't even prove that such censorship has occurred.

Nostr is censorship resistant in that you can publish to multiple relays, but that is far from censorship-proof.


Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes.

As I have said in other replies to this post, read up on the outbox model. Global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.

And there are incentives to running a global or community relay. Read up on Zaps. With Nostr, you can give real value via the lightning network, and it is built into the protocol. This allows you to charge for usage if you so desire. And then there's all the other reasons why people run community web sites or global services.


Check the outbox model: https://nostrify.dev/relay/outbox

Why would "every relay getting pummeled by a load of clients simultaneously, all trying to push the same message"?

Relays get one client pushing one message. That one message is pushed to multiple relays. To your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.

These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.

In this way Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes.


> Why would "every relay getting pummeled by a load of clients simultaneously, all trying to push the same message"?

Because that is the obvious thing that would happen without further implementation details. A few large relays taking the brunt of the vast majority of the network. It isn't an inherently scalable architecture.

Of course you can do other stuff in addition and thereby achieve scalability. At least arguably. But then a relevant explanation needs to carefully walk through those additional non-obvious details.


I'm still confused about why multiple clients would be pushing the same message, especially given that Nostr events are signed, but that's by the by.

I think "without further implementation details" is the key point here. Client developers usually have these. Sure, Nostr is still small, but there's several clever ways of dealing with scalability issues. Not least of which is the outbox model, linked in my first post.

Your criticisms of the article are valid tho. And I don't think it is unique in its failing. Perhaps Nostr's fatal flaw is in the way it is being sold by its fans, myself included.

But that's OK. It will take off as Bitchat, or Primal, or whatever the next iteration is that figures out a way of selling Nostr's benefits, without confusing people with its implementation.


> I'm still confused about why multiple clients would be pushing the same message

From the information given in the article, it states categorically that the relays do not ever connect to other relays (which makes you wonder why they even choose to misname them if they're not actually relaying anything).

It then continues saying that clients need to connect to multiple (but not more than a dozen) to be able to receive all content from anywhere. The only inference I can make from that is that a client is responsible for receiving a message from one "relay" and transmitting it to another.

The obvious question then is how does the client know if the other relays already have the message? There are two obvious options:

* The client informs the relay about every new message it receives from every other relay. That means each relay will be informed about each new message from the vast majority of the clients that connect to it, which is obviously going to be expensive. It would also put the burden on clients to remember which relays they've informed, and if they add a new relay, the client would presumably have to replay every message it knows just in case the relay is missing it.

* The other option is that the client has to query the relay for a list of every single message on the relay and only forward on new messages to the relay if the relay says it doesn't have it. This could potentially be even more expensive, and even if the client/relay maintain some kind of shared state, if the client tries another relay, it'd have to re-download the entire list of messages. Even if we're only talking about message IDs, that's a huge amount of data to download.

In any case, if relays will just accept any old message and rely on the clients to check they were signed correctly, then it stands to reason that any relay can be trivially DDoSed by bombarding it with junk. The impression the article gives is that relays would never verify the authenticity of a message itself, because that would break their distributed model.

The article doesn't provide any detail about how its new "relay" solution works. It just stops abruptly after asserting that relays fix everything, with no explanation. This is exactly the reason why I said the article feels like it's cut short.

So, without any hints to its possible implementation, one can only speculate and I personally can't see any way in which this solution would be better than a peer-based solution where "relays" actually relay messages between themselves. It's possible that whatever the author has created is truly innovative and groundbreaking, but they haven't chosen to tell us why in the article.
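
Added example (not part of any comment in this thread, and not code from any Nostr client or relay): a sketch of the cheap checks a relay can run on an incoming event before storing it, using the event id defined in NIP-01 and the proof-of-work difficulty defined in NIP-13, both of which the thread debates. The pubkey and content are constructed sample values, `relay_admit` and `mine` are hypothetical names, and the BIP-340 signature check a relay would also perform is left out.

```python
import hashlib
import json

# Constructed sample event; the pubkey is a placeholder, not a real key.
SAMPLE = {"pubkey": "ab" * 32, "created_at": 1700000000, "kind": 1,
          "tags": [], "content": "hello from a constructed sample event"}

def event_id(ev):
    """NIP-01 id: SHA-256 of the compact JSON array
    [0, pubkey, created_at, kind, tags, content], UTF-8 encoded.
    json.dumps matches the NIP-01 escaping rules for ordinary text;
    rare control characters would need custom escaping."""
    payload = [0, ev["pubkey"], ev["created_at"], ev["kind"],
               ev["tags"], ev["content"]]
    raw = json.dumps(payload, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()

def leading_zero_bits(hex_id):
    """NIP-13 difficulty: number of leading zero bits in the id."""
    return len(hex_id) * 4 - int(hex_id, 16).bit_length()

def mine(ev, target):
    """Client side: bump the nonce tag until the id has `target` zero bits.
    Expected work doubles with every extra bit of difficulty."""
    ev = dict(ev)
    base_tags = [t for t in ev["tags"] if t[0] != "nonce"]
    nonce = 0
    while True:
        # NIP-13 nonce tag: ["nonce", <counter>, <committed target>]
        ev["tags"] = base_tags + [["nonce", str(nonce), str(target)]]
        ev["id"] = event_id(ev)
        if leading_zero_bits(ev["id"]) >= target:
            return ev
        nonce += 1

def relay_admit(ev, min_difficulty):
    """Relay side: one hash and a few comparisons per event.
    Returns (accepted, reason)."""
    if ev.get("id") != event_id(ev):
        return False, "id does not match event contents"
    nonce_tags = [t for t in ev["tags"] if len(t) >= 3 and t[0] == "nonce"]
    if not nonce_tags or not nonce_tags[0][2].isdigit():
        return False, "missing or malformed nonce tag"
    committed = int(nonce_tags[0][2])
    # Checking the committed target stops a lucky low-effort id from
    # passing as high-difficulty work.
    if committed < min_difficulty:
        return False, "committed target below relay minimum"
    if leading_zero_bits(ev["id"]) < committed:
        return False, "id has fewer zero bits than committed target"
    return True, "ok"

if __name__ == "__main__":
    mined = mine(SAMPLE, 8)
    print(mined["id"], relay_admit(mined, 8))
    print(relay_admit(dict(mined, content="tampered"), 8))
```

The relay's cost is one SHA-256 per event regardless of difficulty, while the sender's expected cost is about 2^difficulty hashes; whether that asymmetry holds up against a botnet is the open question raised earlier in the thread.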


Well, you are right. This article sort of sucks in explaining anything and it is also already outdated. Understandably your summary of how it could work is wrong and the article is indeed to blame.

My suggestion would be to skip it and learn about nostr from other sources. I'm on Nostr since almost the beginning and it's been very exciting to watch. For reference my android client app (Amethyst) is currently directly connected to 390 relays (using the new "outbox model") and it works well, no slow down, no battery drain.


Every time I see an article like this that doesn't mention Nostr I just shake my head...

