Signer extensions are dead to me. Absolute dead-end for storing keys. They are the worst security nightmare. They don't exist on mobile. Browsers can't even agree on a spec. Time to rebuild the web3 promise with NIP-46 and PWA. It's so obvious. It just works. The age of nostr-RPC interfaces will be glorious.

What would a dating app on nostr look like? Some ideas: * use range proofs to obfuscate certain attributes like height/weight/age while still allowing for filtering and search * photos and personal info can be encrypted/decrypted using gift-wrapping techniques to obscure the original npubs that are behind each profile. * maybe something interesting can be done with lists and hash collisions? Similar interests would cause higher colission rates while obfuscating the list from brute-force searches. Also what would be the down-sides? Privacy concerns?

they are putting AI generator models on the internet that are turning the freaking memes ghibli

what is the rate limit on the damus relay? "you are noting too much" how much is too much? 😭

I put all this work into asynchronous batch handling of NIP-07 requests, and nostr clients just `await window.nostr.doSomething()` one request at a time. It's actually pretty crazy that clients behave like this. This old and busted synchronous request paradigm needs to change, especially for: * Primal, which requires signing of multiple events with each page refresh, all of them blocking. * Nostrudel, which has a "decrypt all" button, but then decrypts events one at a time. Does nos2x support asynchronous handling of requests? I didn't notice anything blocking, so I want to say yes (assuming you have permissions set). If a client makes requests to a signing device, and those requests have a) permissions and b) no dependencies, then they shouldn't block other requests. Let the requests flow freely!

me going through the jira backlog

gm nostr today is a great day to build a wallet

Big juicy update to Bifrost. More config options, more events to subscribe, and more features. Check out the README. Also including middleware, which should let you hook into the signing process and add your own validation layer. This will become more powerful once the signing session interface is upgraded to include other types of payloads, such as PSBTs. 😎

GitHub

GitHub - FROSTR-ORG/bifrost: Core library for implementing the FROSTR signing protocol.

Core library for implementing the FROSTR signing protocol. - FROSTR-ORG/bifrost

gm nostr What are the top priorities for improving Bitcoin today? My naive list is: * Increased adoption of lightning (more wallets). * More compelling lightning-enabled services. * More nodes, lottery miners, and heater miners in homes. * Migration of important financial products onto bitcoin as a standard, for greater bitcoin adoption and increased transaction fee revenue. * Better developer education, on-boarding and tooling (to build more interesting startups). What am I missing?

Can someone sell me on why running an ecash mint is better than a vanilla custodial lightning service? - Each ecash transaction must go through the mint to change hands, so the server can see everything and strongly correlate your payments anyway. - You have to backup and store your coins or they are forever lost. The mint can backup your state, but that further strengthens the above. - You have to use an ecash wallet instead of just a vanilla lightning wallet. A custodial wallet can have zero state, while an ecash wallet has to manage a lot of state. An ecash mint also has to bridge lightning payments if other users want to pay in lightning. The plus side I guess is that the mint doesn't have to worry about strict accounting, while a custodial lightning server does. And there is some privacy benefits, but it's a complex subject and far from anonymous. Please help me understand the use-case for ecash. I don't care about politics or the regulatory bogeyman, I just want to throw up a custodial wallet service that does its job with minimal friction. I want to have great user experience and ease of deployment (for others to fork my service).

Had to finish a side-quest along the road to completing Frostr.

GitHub

GitHub - cmdruid/nostr-p2p: Build your own peer-to-peer messaging protocol, transmitted by relays.

Build your own peer-to-peer messaging protocol, transmitted by relays. - cmdruid/nostr-p2p

This will be used to link the signing devices together, and have them coordinate via p2p. Next step: Finish bifrost. Roadmap: Re-launch Igloo and frost2x apps with updated bifrost library.

step 1: build a multiplatform FROST library for the web:

GitHub

GitHub - cmdruid/frost: Flexible, round-optimized threshold signature library for BIP340 taproot.

Flexible, round-optimized threshold signature library for BIP340 taproot. - cmdruid/frost

step 2: hack together a remote signer and nos2x fork as proof of concept (and win a hackathon):

X (formerly Twitter)

PlebLab (@PlebLab) on X

⚡Congrats to the Frostr team for winning the @tabconf hackathon✌️ 🥇 Best Hack Overall: Frostr

step 3: create a stupid simple multi-device signing protocol with key rotation that supports existing npubs (WIP): https://github.com/FROSTR-ORG/docs step 4: make self-custody of your identity great again

Had the pleasure of being a "whale" this year at BTC24. The wine and dine experience was nice, and there was a bunch of celebrities plus high net worth folks walking around. We had a live feed of the main stage, so you could watch speakers from the comfort of the deep. The room was packed when RFK was speaking on the main stage, with clapping and cheering at certain points in his speech. When RFK made the point that Bitcoin is about more than just "number go up", the room was dead silent. Just thought that was interesting.

I appreciate Elon reversing the globo-homo trend to censor everything on twitter. But the content feeds are no longer the same. I don't feel in control of my own feed. I think AI is dead-end for curating content. I *want* a dumb algorithm that I can wrap my head around. I don't want a black-box neural network that I can only make polite suggestions to. Humans like game loops, you don't have to hide them. Just give us the controls and let us run the loops the way that we want. Game companies know this. They give users what they want. Yet social media companies are taking these controls away? Maybe because on social media, you are a product, not a user. Nostr is in a great place where the users have control over their own loops. And developers are free to design new loops for us to try out and better control our content feeds. Legacy social media is for the bots and the birds.

I have mastered FROST with taproot. AMA.

In a few days, I'll be making the case that the nostr relay network is a distributed consensus system for the delivery and receipt of cryptographic messages. I believe this consensus system may be far more valuable than the social-media use case. It solves a few important problems in cryptography protocols, and is far more efficient than publishing data to the blockchain.