Reading the comments below makes me feel like I should maybe be expected to already know what nostr is. But anyway, I don't and reading this article, it felt like it just suddenly cut off at the end.
It explained all the traditional approaches, which are all able to help discoverability and shareability of data between servers, and then says "the solution is relays" and then describes something that doesn't seem to be relaying anything. It sounds like a single dumb, untrusted message store on a single server that doesn't relay anything anywhere. It even specifically says "Relays don’t talk to each other, and users only need to join a small number of relays to gain autonomy—at least two, and certainly less than a dozen".
Not sure where the less than a dozen relay bit comes from. Are they expecting clients to do all the relaying between the relays? If so, wouldn't you get every relay getting pummeled by a load of clients simultaneously, all trying to push the same message? It sounds like the complete opposite of what you actually want. The article seems to just stop short at exactly the point when it should say how what they're proposing actually works.
Why would "every relay getting pummeled by a load of clients simultaneously, all trying to push the same message"?
Relays get one client pushing one message. That one message is pushed to multiple relays. To your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.
These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
In this way Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes.
> Why would "every relay getting pummeled by a load of clients simultaneously, all trying to push the same message"?
Because that is the obvious thing that would happen without further implementation details. A few large relays taking the brunt of the vast majority of the network. It isn't an inherently scalable architecture.
Of course you can do other stuff in addition and thereby achieve scalability. At least arguably. But then a relevant explanation needs to carefully walk through those additional non-obvious details.
I'm still confused about why multiple clients would be pushing the same message, especially given that Nostr events are signed, but that's by the by.
I think "without further implementation details" is the key point here. Client developers usually have these. Sure, Nostr is still small, but there's several clever ways of dealing with scalability issues. Not least of which is the outbox model, linked in my first post.
Your criticisms of the article are valid tho. And I don't think it is unique in its failing. Perhaps Nostr's fatal flaw is in the way it is being sold by its fans, myself included.
But that's OK. It will take off as Bitchat, or Primal, or whatever the next iteration is that figures out a way of selling Nostr's benefits, without confusing people with its implementation.
P2P with end-to-end encryption over relays existed in 2001 (e.g. Groove, Mojo Nation) and wasn't invented by Nostr.
Nostr is so simple because it handwaves away the fact that everybody seems to use the same small set of relays and there's nothing stopping them from censoring the network. I'm also not aware of any incentives for the relay operators either.
This exactly. Worth mentioning that "censoring" can occur in any of a number of ways; blocking select traffic, slowing select traffic, "forgetting" specific nodes, redirecting other nodes at will, performing MITM attacks (if the protocol isn't secure), etc etc.
Also, beyond just no positive incentives, there are nontrivial negatives... they're hubs for an entire network, which can be a lot of traffic and bandwidth if peers are sharing anything other than text. That's a potentially significant cost for literally just being a dumb router. The idea of charging for this doesn't make sense... you don't choose a router, it's automatic based on location, so there's no incentive for quality. That ends up being a race to the bottom, which there's no room for arbitrage; prices are driven down to near-zero profit.
Abuse-wise, the model is fundamentally flawed. Economically, the idea kinda works so long as hub traffic is low enough to be swallowed in background noise for whoever manages the hub. Beyond that the model breaks pretty quickly.
Read up on the outbox model and zaps. Also check out Bitchat for a real world example of Nostr being effectively used without even requiring Internet connectivity.
You cannot censor Nostr.
Also, check out how zaps work, and relay authentication. You can charge for relays if you want.
Can you summarize how those prevent the listed problems? Tossing around absolutes like “you cannot censor Nostr” sounds like a religious assertion rather than technical analysis.
I have posted very similar replies to other messages in this thread and don't want to repeat myself too much at the risk of being considered spam.
But... Outbox model prevents censorship because you push your (cryptographically signed and so impossible to impersonate) messages to multiple relays. To your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.
These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
In this way Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes. As well as making it impossible to censor.
And if you take down THE ENTIRE INTERNET in order to censor Nostr? Well, Bitchat is Nostr via Bluetooth Mesh Networks. Do a quick search and find out where and when it has been used (Nepal, Indonesia, and elsewhere)
And as for zaps fixing the economic problem, I'm not sure what else to say other than you can give and receive value directly using the Lightning Network. It is seamless in most Nostr clients, and built into the Nostr protocol. If you don't believe in Value For Value (v4v) then you can just charge a fee, and the economics problem is solved.
You are correct that it existed well before, the difference is that it was always complicated to use. Heck, we have been able to send PGP emails since almost 30 years ago.
The innovative concept is that npub/nsec along with sending notes is trivially simple. The content does not need to be encrypted, there is a huge value on publishing clear text messages that are crypto-verifiable. You also didn't have this feature on Groove and others. I'd argue that NOSTR has indeed pioneered them into mainstream.
Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes.
As I have said in other replies to this post, read up on the outbox model. Global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
And there are incentives to running a global or community relay. Read up on Zaps. With Nostr, you can give real value via the lightning network, and it is built into the protocol. This allows you to charge for usage if you so desire. And then there's all the other reasons why people run community web sites or global services.
Nowadays a NOSTR "relay" isn't exactly a relay any longer, is it?
Should likely be called a "database server" since its main purpose is to host user data and perform queries over it. A relay is something connecting two devices and makes a best effort to get out of their way.
Nevertheless: NOSTR is the most exciting social network that I've seen in the past 20 years. The concept of owning the keys without a blockchain associated enables not just decentralization, it also permits a complete offline functioning to login, view private messages and so much more that isn't possible from any other popular social network predecessor.
I've been looking at that for quite some time, even met teams members developing the product. Sorry to say: both are fundamentally different technologies and philosophies.
NOSTR "accounts" are meant to be trivially generated and used outside the context of micro-blogging. That is the reason for being popular, the npub becomes a signature that validates texts and there is value in that.
AT always feels like mastodon meets RSS with US-centric political moderation on top.
I wouldn't write ATProto off as just microblogging, there are a bunch of interesting (and exciting depending on your POV) apps out there that _aren't_ microblogging apps. To name a few:
This is something you opt-in to. Two concepts, labels and moderation policy.
You subscribe to "labelers" which will apply labels to posts. You can subscribe to many labelers. Some labelers will be generic or some will be focused on a certain idea/niche. You might have a labeler focusing on nsfw content or another for human vs ai content. Or one who just tags spiders. Labels can be anything, and are stand alone data objects in the atproto ecosystem.
Your moderation policy is up to you, on how to handle those above labels. You can decide to allow, warn, or block for each label applied by your labelers. Warn shows a content warning you must click through first to see.
Bsky does have a default labeler and moderation settings when you sign up, which you might be experiencing.
Every social media platform needs a solution to:
1. Content discovery
2. Spam
3. Content moderation
I can see relays offering unique solutions to each one. But now they are more than just dumb servers.
You get to the point where you might as well just write posts locally then submit them to X, Facebook, etc. You get the same result. And if you include a cryptographic signature with each post, you can prove you are the same person across the different platforms.
"Boom. Same as Nostr, but with existing platforms" - Except without the ability to give and receive real value via zaps, and at the risk of being censored, and losing your entire audience at the whim of the network operators.
Spam is basically a solved issue. There's both proof of work and paid relays, not to mention web of trust. It has been at absolute worst a minor annoyance.
There's plenty of ways to discover content on Nostr, from hashtags to channels to location based chats to just following some interesting people. It's perhaps not as frictionless as X, but imho that's a feature not a bug.
> It has been at absolute worst a minor annoyance.
This is easy to say when there is little adoption and attackers don’t care about the network. It doesn’t mean it’ll remain true if that changes. Proof of work is much less effective when people are willing to use botnets and paid relays complicate life for regular users so there’s a cap on how aggressively that can be used.
You missed the point of what he is saying. The point is, proof of work used to post stuff to relays etc. is not solving the spam issue that Nostr is yet to face due to network effects. Your quip about people care about PoW because bitcoin uses it is just a very unrelated statement that is super off base.
Also you keep bringing up Lightning as if it is successful but it is not. It failed in every way. Its model simply does not make sense unless you are a node that receives as much as it sends or sends as much as it receives. You know this yourself if you are a Lightning user. Bitcoin is cool, crypto is cool, even Nostr is cool but some of your statements are conflicting with each other and they aren't making great points.
I tried Nostr but like a lot of people here have been saying, it falls short in many ways due to the way it is structured. Relays are not really relays, they are more but also less. They are like community servers. Sure you can connect to many, have the same UI, but they are still disjoint and feels lonely.
You keep saying you can sign your messages and there is value there to people who are saying it is censorable in the ways they described.
This is not a personal thing, I want to like Nostr and I tried using it. I can and would probably get some use out of using it as a pubsub or message delivery infrastructure for two things I want to connect but what if the relay goes down? It is like a centralized pubsub messagebox thing. But can't even do that fully.
That other guy that said it is just like writing a message, signing it, posting it on X, Facebook, YouTube and BlueSky. People who follow those places can see it. There needs to be some sort of relay to relay communication (actual relaying) that needs to go on. And that wouldn't scale, even if it would work for now.
> Except without the ability to give and receive real value via zaps, and at the risk of being censored, and losing your entire audience at the whim of the network operators
Please take a look at my other replies to other posts.
Read about the outbox model, or Bitchat.
The large relays are not required. They are a public service but not essential. There are plenty of community relays charging for access too, and the outbox model means you're not even depending on them. Nostr can and does successfully operate via even Bluetooth Mesh Networks. Search up Bitchat and see how it has been used in Nepal, Indonesia, and elsewhere.
For all the faults of current Fediverse software implementations, it at least gives more options than nostr. If you don't care about controlling your own identity, you can use someone else's server. Nostr doesn't give you that, it's all or nothing.
Normies manage their house keys just fine. Obviously crypto keys come with different challenges but that's a UX problem. People losing their house keys is not generally an Earth shattering event. Losing a crypto key doesn't have to be either.
A wallet is easier to lose than a bank vault, but it also holds less money for the same reason. Crypto keys can be designed the same way, with high importance keys managed by safer means like m of n schemes mixed with traditional "hard" storage in geographically distributed safe deposit boxes or whatever, while less important keys can be treated in a more relaxed fashion.
This analogy misses the entire system keeping house keys manageable. If you lose your keys, a locksmith can help you regain access cheaply and quickly because there’s an entire legal system allowing you to prove that you are the legitimate owner. The system you describe for crypto keys is not only significantly harder to use but also lacks that cushioned landing if any part of that fails. Any teenager with poor impulse control can toss a brick through the window and gain access to my house, maybe even grab the spare keys, but they couldn’t occupy it for very long or transfer it to a new owner, which is a significant risk mitigation compared to those crypto keys even before you consider how many more attackers you have to worry about online – there’s no real-world analog to some guy phishing someone on the other side of the planet to post ads or make fake reviews, secure in the knowledge that their local police don’t care.
>People losing their house keys is not generally an Earth shattering event.
yes because if you lose your house keys you don't lose your property, precisely because there is an entire legal and governmental apparatus securing it, the exact thing the crypto people first try to get rid of and then reinvent (shoddily) when they inevitably discover that nobody wants to live in the jungle
It is not about the difficulty, it's the potential consequences.
People also take care of their house keys and their wallets, but if I lose the keys to my house, it isn't automatically taken over by squatters and if I lose my ID card I can issue a new one quickly.
What happens if you lose the cryptographic key to your nostr account? Who do you call for help?
What happens when the key is lost, and the consequences like "lose all your money" or "lose your account access" are non-starters, as someone who owns a hardware key for my email account
Multi-sig wallets are even more complicated and not for normies
what happens if you lose your password? You click a link to reset it, and it gets sent to your email. What happens if you lose access to your email password?
For who might be pulled in by the vague title, not knowing what a nostr is, thinking this article has anything to do with evolution - it has nothing to do with evolution or nature. Not one example of nature trying to evolve a nostr is described.
Maybe like... the author thought a nostr is similar to, I dunno, a pack or tribe or something?
It's clearly a tongue in cheek joke about the progression of projects with similar goals that reach imperfect outcomes, with the implicit assumption that Nostr represents the ideal solution.
There was a “nature keeps evolving crabs” meme that was floating around a while back, I think it is a reference to that. I was also disappointed by the lack of nature, evolution, and crabs in the article.
I feel projects like nostr ignore inherent human requirements for social networks. This is a striking quote from their landing page:
"Nostr doesn't subscribe to political ideals of "free speech" — it simply recognizes that different people have different morals and preferences and each server, being privately owned, can follow their own criteria for rejecting content as they please and users are free to choose what to read and from where."
Their statement underlines the fact that nostr is a stream of dirty sewage and they want users to submit their valuable user-created content into this sewage. Then they turn around and say that the sewage is not a problem because you can filter it and even use it as drinking water later on!
I don't see how a person with real-life social rank and social capital will sign up to something like this, or be willing to maintain a technical interface to the "stream of different morals".
You'd need to put immense trust into the "filtering" process so that you are not involuntarily exposed to rubbish. And on the other hand your valuable user-generated content could be showing up in another context with your name attached, directly next to some extremely degenerate trash created by "people with different morals" as nostr calls it. Advertisers have big problems when their brands are advertised next to problematic topics, it is the same with people.
How can you rationalize this as a good value proposition? People want to impress an audience with their user-generated content. And you only want to impress someone you look up to.
If I could sign up to a social network of people who can put a nail into the wall, take a daily shower, brush their teeth, and live in a democratic country I would immediately do so. If I want to get exposed to "different morals" I just open any of the other existing social networks. Until then I'm stuck here :P
> You'd need to put immense trust into the "filtering" process
I think their audience for that page is people who want to implement those filters. It's not like you can log into nostr and start browsing any more than you can log into https and start browsing.
I don't appreciate the content either but a protocol that doesn't create high value targets for corruption (e.g. certificate authorities) is useful independent of the regrettable vibes that its fan club has. You're not going to catch their cooties by interacting with content that was in an adjacent database row.
"Each server, being privately owned, can follow their own criteria for rejecting content as they please and users are free to choose what to read and from where."
Doesn't this same line of thinking apply to the Internet as a whole? Couldn't your question of "Why would anyone use Nostr?" equally be asked for "Why would anyone use a web browser?"
It depends on if you frame it as a service versus as infrastructure that a service uses. The public roadways are similar streams of unfiltered sewage yet we see billboards along them and large businesses that care about appearances connect to them. Meanwhile gated communities also exist but are far from the norm.
> showing up in another context with your name attached, directly next to some extremely degenerate trash
Check out police bodycam footage on youtube for real world examples of exactly this.
One could easily test the author's conviction on "rejecting content as they please" by spamming them with horrible stuff for a few months and the author would learn why 100% of content moderation should not be pushed on the individual user.
I think that moderation should be pushed to the individual user to avoid censorship, but not in the form it's currently implemented by all these platforms.
To give an example on how I think moderation should work. If I follow you and you follow me on some nonexistent platform Y. You see the content I upvote, and I can see the content you upvote. So we'd start with block all by default, with transparency of why something is in one's list.
I pitched a P2P platform like this years ago to NLNet (taking heavy inspiration from I2P's Syndie app, minus the funky UX), though I didn't manage to get any funding due to missing clout as a public developer; to lead such an effort.
By the “sewage” analogy you are expressing the assumption that the vast majority of what people write is outright toxic and that being exposed to it is actively hurtful.
My experience on the internet does not reflect this, this is a very pessimistic view of people, bordering on pearl-clutching.
Most raw user generated feeds are not great sure, but it’s mostly mediocre jokes and mildly provocative takes from bored trolls, and that’s usually a loud minority. Most people either lurk or make a modest effort now and then, particularly in niche communities like this where most people aware of it will already be fairly deeply immersed in tech. People have better things to do than to constantly be aggressively offensive, I imagine it gets old fast, and you really need to go out of your way to write something that legitimately hurts an adult.
Sure of course there are corners that are cesspits of hate, but they tend to band together and it is quite hard to bump into them accidentally. And when you do, you just feel slightly disgusted for a second, turn back and forget about it.
Some moderation is critical, but it usually needs to only be enforced for a few bad apples, most people act with decency and common sense, even when anonymous. And yes including people with lesser means and/or from shitty countries. People from different cultures are mostly the same when you peel away superficial customs, and I find much more in common with someone of my age with similar interests from the other side of the world, than with a grumpy old neighbor frankly. At least that’s my experience.
My experience is that most forum style social media has been devoured into the reddit world, and furthermore that any attempt at making an offsite version of reddit or similar forum-like functionality is either locked down with rules that would make the Stasi blush or quickly converges on a new Stormfront forum.
The problem with reddit's panopticon moderation, with its ill defined, nebulously (and now AI) enforcement of sitewide policies, ends up repressing a negative behavior rather than refuting it, and, when people move to a similar off-reddit site, they are itching to start taking part in discourse they weren't allowed to before.
The end result is that people who are used to policing their own speech to avoid the panopticon rather than because it's the right thing to do eventually lose that moral code that was previously shaped by discourse and pushback from their peers rather than anonymous opaque moderation.
Repressing rather than refuting pretty closely models real life though.
Usually if you violate social norms people just push you out of the group and not bother explaining it to you. Not always, but usually. Yes if it is so bad it gets violent or something you will find out for sure why, but if you just show up to a friend function and start spouting off about gassing the jews or something most likely people just won't invite you back and never explain why.
Actually finding out why you were violating social norms I've found is mainly found either on the internet or from your parents when young. Hardly anyone in real life is going to bother telling you why, especially when some people are liable to act violently and there is no upside to them for bothering to explain it to you.
With millions of daily users Mainline DHT is the most successful truly decentralized social network.
Successful decentralization is about incentives, and Mainline DHT's incentive is downloading digital media for free.
I asked this in another comment, but why aren't we using DHTs for peer discovery for social apps? The ratio mechanic provides incentives in the file sharing realm, but you need different incentives for the threaded chat realm.
We already see "paid relays" and relays that filter certain content, even as small as nostr is today. I think the end state, if it manages to really catch on, is going to be as "oligarchical" as mastodon or other federated networks today - just via relays instead of via homeservers.
A step in the right direction for sure! But I don't feel like Nostr is the final target that nature is shooting for here.
The solution to bad relays is to just use different relays. Changing your relays is just a matter of publishing a new 10002 relay list, and optionally copying over your old notes (or reseeding them from local backups).
It has been long predicted that federated models (like Nostr) just degrade into a few providers that monetize in the same way they would if the network was centralized. It's the worst of both worlds between centralization and real decentralization — which (unfortunately to the haters) almost certainly requires Byzantine fault tolerant consensus (blockchains).
Nostr doesn't even have the decoupling afforded by what we typically think of when we think of federated networks (email, activitypub, matrix). If you and another party aren't using the same relay, there is 0 way for you to interact. It assumes either you pre-agree on a relay (sticky defaults encouraging centralization) or shotgun messages to many relays (economies of scale encouraging centralization). The protocol explicitly forbids relays from forwarding to each other.
Nostr is a very simple protocol that could have been invented in essence in 1995. There's a reason it wasn't invented until recently, because it's difficult to build robust protocols with good guarantees about discoverability and reliability with a foundation that is as limited as it is.
This is not true. Read up on the outbox model. I have linked it elsewhere in replies in this thread.
You post to your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.
These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
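The publish and fetch routing described in the comment above, written out as an added example; it is not part of the original thread and not code from any Nostr client. It assumes relay lists are kind 10002 events carrying NIP-65 `r` tags (no marker means read and write); the helper names, the per-list cap, the wss-only rule and the `.example` relays are constructed for illustration.

```python
from urllib.parse import urlsplit

RELAY_LIST_KIND = 10002      # the "10002 relay list" mentioned in this thread
MAX_RELAYS_PER_LIST = 4      # assumption: cap how many relays one list can add

def normalize_relay(url):
    """Canonical wss:// URL, or None for anything a client should not dial."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port
    except (AttributeError, ValueError):
        return None
    # Relay lists are untrusted input: plaintext ws:// is refused here, and
    # IPv6 literals are out of scope for this sketch.
    if parts.scheme != "wss" or not parts.hostname or ":" in parts.hostname:
        return None
    suffix = "" if port in (None, 443) else f":{port}"
    return f"wss://{parts.hostname}{suffix}{parts.path.rstrip('/')}"

def parse_relay_list(event):
    """Kind 10002 event -> (read relays, write relays), de-duplicated, capped."""
    read, write = [], []
    if event.get("kind") != RELAY_LIST_KIND:
        return read, write
    for tag in event.get("tags", []):
        if not isinstance(tag, list) or len(tag) < 2 or tag[0] != "r":
            continue
        url = normalize_relay(tag[1])
        marker = tag[2] if len(tag) > 2 else None
        if url is None:
            continue
        if marker in (None, "read") and url not in read:
            read.append(url)
        if marker in (None, "write") and url not in write:
            write.append(url)
    return read[:MAX_RELAYS_PER_LIST], write[:MAX_RELAYS_PER_LIST]

def publish_targets(own_list, mentioned_lists, discovery=()):
    """Where ONE client sends ONE event: its own write relays, the read relays
    of everyone in the conversation, plus optional discovery relays."""
    targets = parse_relay_list(own_list)[1]
    for ev in mentioned_lists:
        targets = targets + parse_relay_list(ev)[0]
    targets += [u for u in map(normalize_relay, discovery) if u]
    return list(dict.fromkeys(targets))          # de-duplicate, keep order

def read_plan(follow_lists, redundancy=1):
    """Greedy cover: few relay connections such that every followed author is
    fetched from `redundancy` of their own write relays (fewer if they list
    fewer). Returns {relay: [authors to request there]}."""
    writers = {ev["pubkey"]: parse_relay_list(ev)[1] for ev in follow_lists}
    need = {pk: min(redundancy, len(urls)) for pk, urls in writers.items()}
    plan = {}
    while any(need.values()):
        score = {}
        for pk, urls in writers.items():
            for url in urls if need[pk] else ():
                if url not in plan:
                    score[url] = score.get(url, 0) + 1
        best = min(score, key=lambda u: (-score[u], u))  # most authors, then name
        plan[best] = sorted(pk for pk, urls in writers.items()
                            if need[pk] and best in urls)
        for pk in plan[best]:
            need[pk] -= 1
    return plan

def relay_list(pubkey, *tags):
    return {"kind": 10002, "pubkey": pubkey, "tags": [["r", *t] for t in tags]}

# Constructed sample lists; real pubkeys are 64 hex characters.
ME = relay_list("me", ("wss://me.example", "write"),
                ("wss://inbox.me.example", "read"))
FOLLOWS = [
    relay_list("alice", ("wss://a.example",), ("WSS://B.Example/",)),
    relay_list("bob", ("wss://b.example",), ("wss://c.example", "write")),
    relay_list("carol", ("wss://b.example", "write"), ("ws://plain.example",)),
    relay_list("dave", ("wss://d.example",)),
]

if __name__ == "__main__":
    print(publish_targets(ME, [FOLLOWS[1]], ["wss://global.example/"]))
    print(read_plan(FOLLOWS))
```

With the sample data, a reply to bob goes to three relays, and four followed authors are read over two connections; raising `redundancy` trades more connections for tolerance of a relay that drops or withholds events.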
That's exactly what I'm talking about with having pre-agreed relays. Those relays become preferred as a sticky default, especially with low-sophistication users that don't have organic onboarding paths away from the sticky defaults.
It's a little different to federated networks like GNU Social/Mastodon since the data and the relay are separate. You can post the same data to multiple relays and read from many relays simultaneously. Meaning you aren't tied to picking a single relay with network effects, and although a big relay going offline might cause temporary chaos, it's fairly easy for new ones to be set up and added to clients, without having to explicitly move things like accounts and so on.
It is all wishful thinking and beside the point. Pubkey auth and normies do not mix. They lose their keys, their identity, their history, then back to zuck or elon’s plantation where things can be administratively resolved.
The presentation of blockchains as some kind of historical imperative would be downright Marx-like if it weren't for the primary difference that Marx put some thought into justifying his position. It's eminently possible to cryptographically secure software without lugging around an immutable distributed database because you're emotionally invested in the idea.
the blockchain is useful in solving double-spending problems in purely p2p applications. Aside from cryptocurrency, take for example name systems like namecoin or ENS: these systems need a way of reconciling who owns what, which involves synchronizing some data across the whole network.
It is inefficient, but the inefficiency seems to lie at some fundamental problem with p2p. Centralized systems need to do the same synchronization, but between fewer actors, and may outsource some of the verification for an exponential increase in speed.
blockchain isn't inefficient because it's p2p. it's inefficient because it assumes peers are untrustworthy and solves for that by imposing a proof of work, requiring cooperative peers to waste more electricity than bad actors.
> The combination of layered system and uniform interface constraints induces architectural properties similar to those of the uniform pipe-and-filter style.
See also Figure 5-8.
The dissertation is all about deriving that network style.
The key thing is that all messages are signed and have a few standard fields, making them easy to replicate across many relays while maintaining the ability to verify their origin. And the second thing being that it is based on websockets, allowing the client to maintain an open connection and have new data be pushed instantly rather than relying on polling.
I think the people with the soundest minds are the ones who are willing to accept that the idea of social networks as they used to be are going the way of the TRL countdown.
And what they’re about to become is going to be something more like political yard signs.
Check the outbox model: https://nostrify.dev/relay/outbox
Why would "every relay getting pummeled by a load of clients simultaneously, all trying to push the same message"?
Relays get one client pushing one message. That one message is pushed to multiple relays. To your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.
These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
In this way Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes.
> Why would "every relay getting pummeled by a load of clients simultaneously, all trying to push the same message"?
Because that is the obvious thing that would happen without further implementation details. A few large relays taking the brunt of the vast majority of the network. It isn't an inherently scalable architecture.
Of course you can do other stuff in addition and thereby achieve scalability. At least arguably. But then a relevant explanation needs to carefully walk through those additional non-obvious details.
I'm still confused about why multiple clients would be pushing the same message, especially given that Nostr events are signed, but that's by the by.
I think "without further implementation details" is the key point here. Client developers usually have these. Sure, Nostr is still small, but there's several clever ways of dealing with scalability issues. Not least of which is the outbox model, linked in my first post.
Your criticisms of the article are valid tho. And I don't think it is unique in its failing. Perhaps Nostr's fatal flaw is in the way it is being sold by its fans, myself included.
But that's OK. It will take off as Bitchat, or Primal, or whatever the next iteration is that figures out a way of selling Nostr's benefits, without confusing people with its implementation.
P2P with end-to-end encryption over relays existed in 2001 (e.g. Groove, Mojo Nation) and wasn't invented by Nostr.
Nostr is so simple because it handwaves away the fact that everybody seems to use the same small set of relays and there's nothing stopping them from censoring the network. I'm also not aware of any incentives for the relay operators either.
This exactly. Worth mentioning that "censoring" can occur in any of a number of ways; blocking select traffic, slowing select traffic, "forgetting" specific nodes, redirecting other nodes at will, performing MITM attacks (if the protocol isn't secure), etc etc.
Also, beyond just no positive incentives, there are nontrivial negatives... they're hubs for an entire network, which can be a lot of traffic and bandwidth if peers are sharing anything other than text. That's a potentially significant cost for literally just being a dumb router. The idea of charging for this doesn't make sense... you don't choose a router, it's automatic based on location, so there's no incentive for quality. That ends up being a race to the bottom, which there's no room for arbitrage; prices are driven down to near-zero profit.
Abuse-wise, the model is fundamentally flawed. Economically, the idea kinda works so long as hub traffic is low enough to be swallowed in background noise for whoever manages the hub. Beyond that the model breaks pretty quickly.
Read up on the outbox model and zaps. Also check out Bitchat for a real world example of Nostr being effectively used without even requiring Internet connectivity.
You cannot censor Nostr.
Also, check out how zaps work, and relay authentication. You can charge for relays if you want.
Can you summarize how those prevent the listed problems? Tossing around absolutes like “you cannot censor Nostr” sounds like a religious assertion rather than technical analysis.
I have posted very similar replies to other messages in this thread and don't want to repeat myself too much at the risk of being considered spam.
But... Outbox model prevents censorship because you push your (cryptographically signed and so impossible to impersonate) messages to multiple relays. To your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.
These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
In this way Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes. As well as making it impossible to censor.
And if you take down THE ENTIRE INTERNET in order to censor Nostr? Well, Bitchat is Nostr via Bluetooth Mesh Networks. Do a quick search and find out where and when it has been used (Nepal, Indonesia, and elsewhere).
And as for zaps fixing the economic problem, I'm not sure what else to say other than you can give and receive value directly using the Lightning Network. It is seamless in most Nostr clients, and built into the Nostr protocol. If you don't believe in Value For Value (v4v) then you can just charge a fee, and the economics problem is solved.
Could this be run by, say, a public library or are there concerns about liability?
It also seems like this is sort of reinventing email.
You are correct that it existed well before, the difference is that it was always complicated to use. Heck, we have been able to send PGP emails since almost 30 years ago.
The innovative concept is that npub/nsec along with sending notes is trivially simple. The content does not need to be encrypted, there is a huge value on publishing clear text messages that are crypto-verifiable. You also didn't have this feature on Groove and others. I'd argue that NOSTR has indeed pioneered them into mainstream.
> there is a huge value on...
You could say that if Nostr was successful but it isn't. Nostr has <1% the DAU of Bluesky.
And yet here we are talking about NOSTR, again. :-)
Nostr has the benefits of centralised networks for discoverability, federated networks for communities, and private individual web site for p2p and archival purposes.
As I have said in other replies to this post, read up on the outbox model. Global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
And there are incentives to running a global or community relay. Read up on Zaps. With Nostr, you can give real value via the lightning network, and it is built into the protocol. This allows you to charge for usage if you so desire. And then there's all the other reasons why people run community web sites or global services.
Email is currently more decentralized than Nostr is in practice.
Nowadays a NOSTR "relay" isn't exactly a relay any longer, is it?
Should likely be called a "database server" since its main purpose is to host user data and perform queries over it. A relay is something connecting two devices and makes a best effort to get out of their way.
Nevertheless: NOSTR is the most exciting social network that I've seen in the past 20 years. The concept of owning the keys without a blockchain associated enables not just decentralization, it also permits a complete offline functioning to login, view private messages and so much more that isn't possible from any other popular social network predecessor.
One of nature's many attempts to evolve an atproto. (We are of course all evolving, and the destination is yet to be discovered)
I've been looking at that for quite some time, even met teams members developing the product. Sorry to say: both are fundamentally different technologies and philosophies.
NOSTR "accounts" are meant to be trivially generated and used outside the context of micro-blogging. That is the reason for being popular, the npub becomes a signature that validates texts and there is value in that.
AT always feels like mastodon meets RSS with US-centric political moderation on top.
I wouldn't write ATProto off as just microblogging, there are a bunch of interesting (and exciting depending on your POV) apps out there that _aren't_ microblogging apps. To name a few:
* https://stream.place
* https://tangled.org
* https://www.germnetwork.com/
* https://slices.network/
* https://smokesignal.events/
* https://www.graze.social/
I'll check them later. Thank you for the list.
> US-centric political moderation on top.
This is something you opt-in to. Two concepts, labels and moderation policy.
You subscribe to "labelers" which will apply labels to posts. You can subscribe to many labelers. Some labelers will be generic or some will be focused on a certain idea/niche. You might have a labeler focusing on nsfw content or another for human vs ai content. Or one who just tags spiders. Labels can be anything, and are stand alone data objects in the atproto ecosystem.
Your moderation policy is up to you, on how to handle those above labels. You can decide to allow, warn, or block for each label applied by your labelers. Warn shows a content warning you must click through first to see.
Bsky does have a default labeler and moderation settings when you sign up, which you might be experiencing.
Every social media platform needs a solution to:
1. Content discovery
2. Spam
3. Content moderation
I can see relays offering unique solutions to each one. But now they are more than just dumb servers.
You get to the point where you might as well just write posts locally then submit them to X, Facebook, etc. You get the same result. And if you include a cryptographic signature with each post, you can prove you are the same person across the different platforms.
Boom. Same as Nostr, but with existing platforms
"Boom. Same as Nostr, but with existing platforms" - Except without the ability to give and receive real value via zaps, and at the risk of being censored, and losing your entire audience at the whim of the network operators.
Spam is basically a solved issue. There's both proof of work and paid relays, not to mention web of trust. It has been at absolute worst a minor annoyance.
There's plenty of ways to discover content on Nostr, from hashtags to channels to location based chats to just following some interesting people. It's perhaps not as frictionless as X, but imho that's a feature not a bug.
> It has been at absolute worst a minor annoyance.
This is easy to say when there is little adoption and attackers don’t care about the network. It doesn’t mean it’ll remain true if that changes. Proof of work is much less effective when people are willing to use botnets and paid relays complicate life for regular users so there’s a cap on how aggressively that can be used.
Proof of Work secures Bitcoin, and people definitely care about that.
You missed the point of what he is saying. The point is, proof of work used to post stuff to relays etc. is not solving the spam issue that Nostr is yet to face due to network effects. Your quip about people care about PoW because bitcoin uses it is just a very unrelated statement that is super off base.
Also you keep bringing up Lightning as if it is successful but it is not. It failed in every way. Its model simply does not make sense unless you are a node that receives as much as it sends or sends as much as it receives. You know this yourself if you are a Lightning user. Bitcoin is cool, crypto is cool, even Nostr is cool but some of your statements are conflicting with each other and they aren't making great points.
I tried Nostr but like a lot of people here have been saying, it falls short in many ways due to the way it is structured. Relays are not really relays, they are more but also less. They are like community servers. Sure you can connect to many, have the same UI, but they are still disjoint and feel lonely.
You keep saying you can sign your messages and there is value there to people who are saying it is censorable in the ways they described.
This is not a personal thing, I want to like Nostr and I tried using it. I can and would probably get some use out of using it as a pubsub or message delivery infrastructure for two things I want to connect but what if the relay goes down? It is like a centralized pubsub messagebox thing. But can't even do that fully.
That other guy that said it is just like writing a message, signing it, posting it on X, Facebook, YouTube and BlueSky. People who follow those places can see it. There needs to be some sort of relay to relay communication (actual relaying) that needs to go on. And that wouldn't scale, even if it would work for now.
> Except without the ability to give and receive real value via zaps, and at the risk of being censored, and losing your entire audience at the whim of the network operators
Every large relay has the same problem
Please take a look at my other replies to other posts.
Read about the outbox model, or Bitchat.
The large relays are not required. They are a public service but not essential. There are plenty of community relays charging for access too, and the outbox model means you're not even depending on them. Nostr can and does successfully operate via even Bluetooth Mesh Networks. Search up Bitchat and see how it has been used in Nepal, Indonesia, and elsewhere.
Pet peeve:
> N^2 scaling: if every fed has to talk to every other fed to exchange messages, the number of connections will scale exponentially
No. That's quadratic growth, which is a fairly mild form of polynomial growth, which is much much much slower than exponential growth.
Sounds like everyone is reinventing usenet but shittier.
Or if you really care about the crypto piece, then freenet.
Nostr will always be a fringe network. The normies do not want to manage their own keys.
Hopefully some day we will get state-managed PKI, and citizens will get used to handling their keys appropriately.
It's crazy that some functionality on e.g. the IRS website requires me to verify my identity using a private company (ID.me).
That also goes to the other extreme.
For all the faults of current Fediverse software implementations, it at least gives more options than nostr. If you don't care about controlling your own identity, you can use someone else's server. Nostr doesn't give you that, it's all or nothing.
Normies manage their house keys just fine. Obviously crypto keys come with different challenges but that's a UX problem. People losing their house keys is not generally an Earth shattering event. Losing a crypto key doesn't have to be either.
A wallet is easier to lose than a bank vault, but it also holds less money for the same reason. Crypto keys can be designed the same way, with high importance keys managed by safer means like m of n schemes mixed with traditional "hard" storage in geographically distributed safe deposit boxes or whatever, while less important keys can be treated in a more relaxed fashion.
This analogy misses the entire system keeping house keys manageable. If you lose your keys, a locksmith can help you regain access cheaply and quickly because there’s an entire legal system allowing you to prove that you are the legitimate owner. The system you describe for crypto keys is not only significantly harder to use but also lacks that cushioned landing if any part of that fails. Any teenager with poor impulse control can toss a brick through the window and gain access to my house, maybe even grab the spare keys, but they couldn’t occupy it for very long or transfer it to a new owner, which is a significant risk mitigation compared to those crypto keys even before you consider how many more attackers you have to worry about online – there’s no real-world analog to some guy phishing someone on the other side of the planet to post ads or make fake reviews, secure in the knowledge that their local police don’t care.
>People losing their house keys is not generally an Earth shattering event.
yes because if you lose your house keys you don't lose your property, precisely because there is an entire legal and governmental apparatus securing it, the exact thing the crypto people first try to get rid of and then reinvent (shoddily) when they inevitably discover that nobody wants to live in the jungle
they already manage passwords and passkeys. It isn't that complicated.
https://xkcd.com/2501/
how is it any more difficult than taking care of a password?
It is not about the difficulty, it's the potential consequences.
People also take care of their house keys and their wallets, but if I lose the keys to my house, it isn't automatically taken over by squatters and if I lose my ID card I can issue a new one quickly.
What happens if you lose the cryptographic key to your nostr account? Who do you call for help?
Can I click a link to reset my keys?
What happens when the key is lost, and the consequences like "lose all your money" or "lose your account access" are non-starters, as someone who owns a hardware key for my email account
Multi-sig wallets are even more complicated and not for normies
what happens if you lose your password? You click a link to reset it, and it gets sent to your email. What happens if you lose access to your email password?
It is the same problem.
My email has multiple recovery methods
It's not the same problem
For who might be pulled in by the vague title, not knowing what a nostr is, thinking this article has anything to do with evolution - it has nothing to do with evolution or nature. Not one example of nature trying to evolve a nostr is described.
Maybe like... the author thought a nostr is similar to, I dunno, a pack or tribe or something?
It's clearly a tongue in cheek joke about the progression of projects with similar goals that reach imperfect outcomes, with the implicit assumption that Nostr represents the ideal solution.
There was a “nature keeps evolving crabs” meme that was floating around a while back, I think it is a reference to that. I was also disappointed by the lack of nature, evolution, and crabs in the article.
I thought the journal Nature was doing some decentralized publishing thing.
I mean, I thought it was pretty clear - it's using convergent evolution as a metaphor for recent developments in distributed apps.
(Whether the author is convincing on the other hand...)
Why don't people use DHTs for peer discovery for social media?
I was hoping this was going to be about horizontal gene transfer.
I feel projects like nostr ignore inherent human requirements for social networks. This is a striking quote from their landing page:
"Nostr doesn't subscribe to political ideals of "free speech" — it simply recognizes that different people have different morals and preferences and each server, being privately owned, can follow their own criteria for rejecting content as they please and users are free to choose what to read and from where."
Their statement underlines the fact that nostr is a stream of dirty sewage and they want users to submit their valuable user-created content into this sewage. Then they turn around and say that the sewage is not a problem because you can filter it and even use it as drinking water later on!
I don't see how a person with real-life social rank and social capital will sign up to something like this, or be willing to maintain a technical interface to the "stream of different morals".
You'd need to put immense trust into the "filtering" process so that you are not involuntarily exposed to rubbish. And on the other hand your valuable user-generated content could be showing up in another context with your name attached, directly next to some extremely degenerate trash created by "people with different morals" as nostr calls it. Advertisers have big problems when their brands are advertised next to problematic topics, it is the same with people.
How can you rationalize this as a good value proposition? People want to impress an audience with their user-generated content. And you only want to impress someone you look up to.
If I could sign up to a social network of people who can put a nail into the wall, take a daily shower, brush their teeth, and live in a democratic country I would immediately do so. If I want to get exposed to "different morals" I just open any of the other existing social networks. Until then I'm stuck here :P
> You'd need to put immense trust into the "filtering" process
I think their audience for that page is people who want to implement those filters. It's not like you can log into nostr and start browsing any more than you can log into https and start browsing.
I don't appreciate the content either but a protocol that doesn't create high value targets for corruption (e.g. certificate authorities) is useful independent of the regrettable vibes that its fan club has. You're not going to catch their cooties by interacting with content that was in an adjacent database row.
"Each server, being privately owned, can follow their own criteria for rejecting content as they please and users are free to choose what to read and from where."
Doesn't this same line of thinking apply to the Internet as a whole? Couldn't your question of "Why would anyone use Nostr?" equally be asked for "Why would anyone use a web browser?"
A web browser is a viewing portal to a specific page, accessed upon request
A relay is a stream of stuff you then have to filter
It's really like apples and oranges, web pages or blog sites is probably a better thing to ask about than web browsers
a specific page is also stream of stuff you then have to filter
if I bend over backwards far enough, sure, I can see how it can look like that
A relay is more like page updates across all of the internet being event streamed
It depends on if you frame it as a service versus as infrastructure that a service uses. The public roadways are similar streams of unfiltered sewage yet we see billboards along them and large businesses that care about appearances connect to them. Meanwhile gated communities also exist but are far from the norm.
> showing up in another context with your name attached, directly next to some extremely degenerate trash
Check out police bodycam footage on youtube for real world examples of exactly this.
One could easily test the author's conviction on "rejecting content as they please" by spamming them with horrible stuff for a few months and the author would learn why 100% of content moderation should not be pushed on the individual user.
I think that moderation should be pushed to the individual user to avoid censorship, but not in the form it's currently implemented by all these platforms.
To give an example on how I think moderation should work. If I follow you and you follow me on some nonexistent platform Y. You see the content I upvote, and I can see the content you upvote. So we'd start with block all by default, with transparency of why something is in one's list.
I pitched a P2P platform like this years ago to NLNet (taking heavy inspiration from I2P's Syndie app, minus the funky UX), though I didn't manage to get any funding due to missing clout as a public developer; to lead such an effort.
By the “sewage” analogy you are expressing the assumption that the vast majority of what people write is outright toxic and that being exposed to it is actively hurtful.
My experience on the internet does not reflect this, this is a very pessimistic view of people, bordering on pearl-clutching.
Most raw user generated feeds are not great sure, but it’s mostly mediocre jokes and mildly provocative takes from bored trolls, and that’s usually a loud minority. Most people either lurk or make a modest effort now and then, particularly in niche communities like this where most people aware of it will already be fairly deeply immersed in tech. People have better things to do than to constantly be aggressively offensive, I imagine it gets old fast, and you really need to go out of your way to write something that legitimately hurts an adult.
Sure of course there are corners that are cesspits of hate, but they tend to band together and it is quite hard to bump into them accidentally. And when you do, you just feel slightly disgusted for a second, turn back and forget about it.
Some moderation is critical, but it usually needs to only be enforced for a few bad apples, most people act with decency and common sense, even when anonymous. And yes including people with lesser means and/or from shitty countries. People from different cultures are mostly the same when you peel away superficial customs, and I find much more in common with someone of my age with similar interests from the other side of the world, than with a grumpy old neighbor frankly. At least that’s my experience.
My experience is that most forum style social media has been devoured into the reddit world, and furthermore that any attempt at making an offsite version of reddit or similar forum-like functionality is either locked down with rules that would make the Stasi blush or quickly converges on a new Stormfront forum.
The problem with reddit's panopticon moderation, with its ill defined, nebulously (and now AI) enforcement of sitewide policies, ends up repressing a negative behavior rather than refuting it, and, when people move to a similar off-reddit site, they are itching to start taking part in discourse they weren't allowed to before.
The end result is that people who are used to policing their own speech to avoid the panopticon rather than because it's the right thing to do eventually lose that moral code that was previously shaped by discourse and pushback from their peers rather than anonymous opaque moderation.
Repressing rather than refuting pretty closely models real life though.
Usually if you violate social norms people just push you out of the group and not bother explaining it to you. Not always, but usually. Yes if it is so bad it gets violent or something you will find out for sure why, but if you just show up to a friend function and start spouting off about gassing the jews or something most likely people just won't invite you back and never explain why.
Actually finding out why you were violating social norms I've found is mainly found either on the internet or from your parents when young. Hardly anyone in real life is going to bother telling you why, especially when some people are liable to act violently and there is no upside to them for bothering to explain it to you.
With millions of daily users Mainline DHT is the most successful truly decentralized social network. Successful decentralization is about incentives, and Mainline DHT's incentive is downloading digital media for free.
Yeah, but is it a social network?
I think the blogosphere is the most successful distributed social network. People just don't like viewing it that way.
I asked this in another comment, but why aren't we using DHTs for peer discovery for social apps? The ratio mechanic provides incentives in the file sharing realm, but you need different incentives for the threaded chat realm.
Yeah I think this nostr stuff is a dead end. Social media should be bittorrent-like
We already see "paid relays" and relays that filter certain content, even as small as nostr is today. I think the end state, if it manages to really catch on, is going to be as "oligarchical" as mastodon or other federated networks today - just via relays instead of via homeservers.
A step in the right direction for sure! But I don't feel like Nostr is the final target that nature is shooting for here.
The solution to bad relays is to just use different relays. Changing your relays is just a matter of publishing a new 10002 relay list, and optionally copying over your old notes (or reseeding them from local backups).
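The outbox routing and the kind 10002 relay list referred to in the comments above, as an added example that is not part of any comment in the thread and is not code from a Nostr client. The pubkeys, relay URLs and helper names are constructed; Schnorr signature verification is left out because it needs a secp256k1 library, so the id check here only catches an event whose fields no longer match its id and is not a substitute for verifying `sig`.

```python
import hashlib
import json
from collections import defaultdict

RELAY_LIST_KIND = 10002  # the "10002 relay list" mentioned in the thread


def event_id(ev):
    """Event id: SHA-256 of the compact JSON array [0, pubkey, created_at, kind, tags, content]."""
    payload = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    raw = json.dumps(payload, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()


def make_event(pubkey, created_at, kind, tags, content):
    """Build an unsigned sample event (hypothetical helper; a real event also carries "sig")."""
    ev = {"pubkey": pubkey, "created_at": created_at, "kind": kind,
          "tags": tags, "content": content}
    ev["id"] = event_id(ev)
    return ev


def id_matches(ev):
    """True if the fields a relay handed back still hash to the claimed id."""
    return ev.get("id") == event_id(ev)


def parse_relay_list(ev):
    """Return (write_relays, read_relays) from a relay list event's "r" tags."""
    if ev["kind"] != RELAY_LIST_KIND or not id_matches(ev):
        raise ValueError("not a valid relay list event")
    write, read = [], []
    for tag in ev["tags"]:
        if len(tag) < 2 or tag[0] != "r":
            continue
        marker = tag[2] if len(tag) > 2 else None  # no marker means read and write
        if marker in (None, "write"):
            write.append(tag[1])
        if marker in (None, "read"):
            read.append(tag[1])
    return write, read


def latest_relay_lists(events):
    """Relay lists are replaceable: keep only the newest intact one per pubkey."""
    newest = {}
    for ev in events:
        if ev["kind"] != RELAY_LIST_KIND or not id_matches(ev):
            continue
        cur = newest.get(ev["pubkey"])
        if cur is None or ev["created_at"] > cur["created_at"]:
            newest[ev["pubkey"]] = ev
    return newest


def publish_targets(author, mentioned, relay_lists, discovery=()):
    """Author's write relays, then mentioned users' read relays, then discovery relays."""
    targets = list(parse_relay_list(relay_lists[author])[0])
    for pk in mentioned:
        if pk in relay_lists:
            targets += parse_relay_list(relay_lists[pk])[1]
    targets += list(discovery)
    return list(dict.fromkeys(targets))  # de-duplicate, keep order


def fetch_plan(followed, relay_lists):
    """Group followed pubkeys by the relays each one writes to: one query per relay."""
    plan = defaultdict(list)
    for pk in followed:
        for url in parse_relay_list(relay_lists[pk])[0]:
            plan[url].append(pk)
    return dict(plan)


def merge(responses):
    """responses: {relay_url: [events]}. Reject id mismatches, de-duplicate copies by id."""
    accepted, rejected = {}, []
    for url, events in responses.items():
        for ev in events:
            if not id_matches(ev):
                rejected.append((url, ev.get("id")))
                continue
            accepted.setdefault(ev["id"], ev)
    return accepted, rejected


# Constructed sample identities (not real keys).
ALICE = "aa" * 32
BOB = "bb" * 32

if __name__ == "__main__":
    lists = latest_relay_lists([
        make_event(ALICE, 1000, RELAY_LIST_KIND, [["r", "wss://old.example"]], ""),
        make_event(ALICE, 2000, RELAY_LIST_KIND,
                   [["r", "wss://a-write.example", "write"],
                    ["r", "wss://a-read.example", "read"]], ""),
        make_event(BOB, 1500, RELAY_LIST_KIND, [["r", "wss://b-both.example"]], ""),
    ])
    print(publish_targets(ALICE, [BOB], lists, ["wss://global.example"]))
    print(fetch_plan([ALICE, BOB], lists))
```

The same note arriving from two relays collapses to one entry in `merge`, which is why replication across relays does not multiply what the reader sees.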
It has been long predicted that federated models (like Nostr) just degrade into a few providers that monetize in the same way they would if the network was centralized. It's the worst of both worlds between centralization and real decentralization — which (unfortunately to the haters) almost certainly requires Byzantine fault tolerant consensus (blockchains).
Same thing over and over again.
Nostr doesn't even have the decoupling afforded by what we typically think of when we think of federated networks (email, activitypub, matrix). If you and another party aren't using the same relay, there is 0 way for you to interact. It assumes either you pre-agree on a relay (sticky defaults encouraging centralization) or shotgun messages to many relays (economies of scale encouraging centralization). The protocol explicitly forbids relays from forwarding to each other.
Nostr is a very simple protocol that could have been invented in essence in 1995. There's a reason it wasn't invented until recently, because it's difficult to build robust protocols with good guarantees about discoverability and reliability with a foundation that is as limited as it is.
This is not true. Read up on the outbox model. I have linked it elsewhere in replies in this thread.
You post to your own preferred relays, as well as to the preferred relays of others who are involved in the conversation, as well as to a couple of global relays for easy discoverability.
These global relays are useful, but are interchangeable and totally replaceable. As soon as you've connected with someone you can retrieve their updates, because you know their preferred relays, and can query them directly.
That's exactly what I'm talking about with having pre-agreed relays. Those relays become preferred as a sticky default, especially with low-sophistication users that don't have organic onboarding paths away from the sticky defaults.
It's a little different to federated networks like GNU Social/Mastodon since the data and the relay are separate. You can post the same data to multiple relays and read from many relays simultaneously. Meaning you aren't tied to picking a single relay with network effects, and although a big relay going offline might cause temporary chaos, it's fairly easy for new ones to be set up and added to clients, without having to explicitly move things like accounts and so on.
It is all wishful thinking and beside the point. Pubkey auth and normies do not mix. They lose their keys, their identity, their history, then back to zuck or elon’s plantation where things can be administratively resolved.
The presentation of blockchains as some kind of historical imperative would be downright Marx-like if it weren't for the primary difference that Marx put some thought into justifying his position. It's eminently possible to cryptographically secure software without lugging around an immutable distributed database because you're emotionally invested in the idea.
the blockchain is useful in solving double-spending problems in purely p2p applications. Aside from cryptocurrency, take for example name systems like namecoin or ENS: these systems need a way of reconciling who owns what, which involves synchronizing some data across the whole network.
It is inefficient, but the inefficiency seems to lie at some fundamental problem with p2p. Centralized systems need to do the same synchronization, but between fewer actors, and may outsource some of the verification for an exponential increase in speed.
blockchain isn't inefficient because it's p2p. it's inefficient because it assumes peers are untrustworthy and solves for that by imposing a proof of work, requiring cooperative peers to waste more electricity than bad actors.
> because it [acknowledges the plain fact that unknown] peers are untrustworthy
FTFY
> Take some ordinary, off-the-shelf servers. Treat them as dumb, untrusted pipes.
Sounds like REST. The original REST, not the botched CRUD that companies pushed for.
https://roy.gbiv.com/pubs/dissertation/fielding_dissertation...
> The combination of layered system and uniform interface constraints induces architectural properties similar to those of the uniform pipe-and-filter style.
See also Figure 5-8.
The dissertation is all about deriving that network style.
The key thing is that all messages are signed and have a few standard fields, making them easy to replicate across many relays while maintaining the ability to verify their origin. And the second thing being that it is based on websockets, allowing the client to maintain an open connection and have new data be pushed instantly rather than relying on polling.
“my emails are just not delivered anymore. I might as well not have an email server.”
FUD. I and many others on HN run our own email servers with essentially no delivery problems.
I think the people with the soundest minds are the ones who are willing to accept that the idea of social networks as they used to be are going the way of the TRL countdown.
And what they’re about to become is going to be something more like political yard signs.