Private Information Retrieval can't solve Nostr's query privacy problem. The compound predicates, range queries, and federated trust model break it. But there's another approach: run the relay inside a secure enclave where even the operator can't see your queries. This post examines what TEEs actually offer, what they don't, and whether the trust trade is worth making. View article →

The state claims to represent you, protect you, serve you. It does none of these things. It is simply the organization of predation, dressed in the language of public service. This post dissects the state: what it is not, what it is, how it survives, how it grows, and what it fears. View article →

Could Private Information Retrieval let Nostr clients query relays without revealing who they follow? In theory, yes. In practice, Nostr's filter syntax raises hard cryptographic questions that don't have answers yet. This post asks those questions. View article →

The West is not "stagnating." It is being destroyed. Decades of taxation, inflation, and regulatory plunder have consumed the capital that took generations to accumulate. Europe now runs on fumes, its industrial base gutted, its currency debased, its people impoverished by design. The path back to prosperity requires exactly one rule: **do not steal**. This principle, applied to governments as strictly as to criminals, would reverse the collapse almost overnight. The question is whether anyone has the courage to admit the obvious before there is nothing left to save. View article →

Around 800 million people worldwide make less than $10 a month. I earn about 10k sats a day through zaps. Just wait till the world catches on, Nostr could lift so many out of poverty and oppression, keep building.

In December 2023, a U.S. Senate investigation revealed that governments worldwide have been demanding push notification records from Apple and Google to surveil smartphone users, including tying anonymous messaging accounts to real identities. For years, privacy engineers dismissed this attack vector as unsolvable, since mobile operating systems require routing through platform servers. MIP-05, a new specification for the Marmot Protocol, proves them wrong: by encrypting device tokens with probabilistic encryption and delivering notifications through gift-wrapped Nostr events, it makes push notifications functionally anonymous. If you care about private communication, this is the specification you need to understand. The specification is currently in draft and open for review:

GitHub

MIP-05 Notifications by erskingardner · Pull Request #18 · marmot-protocol/marmot

Summary by CodeRabbit Documentation Added privacy-preserving push notification specification with architecture details, token generation mechanis...

View article →

Security is not a binary state. It is a relationship between what you protect, who you protect it from, and what resources they command. The Marmot Protocol's threat model does what every security document should: it names specific adversaries, details how the protocol defeats each one, and admits where cryptography alone cannot save you. This matters because matching a protocol's actual defenses to your actual situation is the difference between security and security theater. View article →

In February 2014, Apple removed the last Bitcoin wallet from its App Store without explanation. A decade later, the freedom technology community has built an answer: a complete mobile stack where no corporation can decide what you install, who you talk to, or how you manage your identity. This post examines how @Zapstore @Amber @@Citrine @Amethyst @White Noise on @GrapheneOS deliver that promise, and why this matters far beyond the Bitcoin crowd. View article →