Matt Lorentz's avatar
Matt Lorentz
matt@nos.social
npub16zsl...92l7
Technologist, solarpunk, gamer, backpacker, passionate about using the internet to push more power to more people.
Matt Lorentz's avatar
mplorentz 4 months ago
Keydex is going to be the first Nostr app I'm aware of that uses relays exclusively to relay data from one peer's device to another, not for long-term data storage. I'm going to use NIP-40 expiration tags on all events so that they only live on the relay for a few days, which makes Keydex closer to a peer-to-peer application that uses Nostr as the transport (and identity) layer.
Matt Lorentz's avatar
mplorentz 4 months ago
Day 2 using Github's spec-kit for development did not go as well. The AI and I got lost trying to write reams of overly generic TDD test stubs. It felt like the AI couldn't really get a clear picture from just the spec requirements what it should be testing before the actual implementation code was written. So today I changed course and changed my constitution (the like underlying spec doc for the repo) to use an outside-in development approach instead of TDD and we made a lot of progress. I also got a new playwright MCP set up for browser automation and it's working a lot better than the last one I had. After some considerable setup the LLM was generally able to run the app in the web browser and click around to test its own changes.
Matt Lorentz's avatar
mplorentz 4 months ago
"any kind of decentralized, democratic or liberal political structure thrives best when defense is easy, and suffers the most challenge when defense is hard - in those cases, the far more likely outcome is some period of war of all against all, and eventually an equilibrium of rule by the strongest." A good (but long) blog post on focusing our collective efforts on developing defensive technologies to slant the future away from dystopia.
d/acc: one year later
 Thanks @Josh Brown for the link!
Matt Lorentz's avatar
mplorentz 4 months ago
@Danie what tool are you using to cross post across Nostr, scuttlebutt, Mastodon, etc.? I have been using OpenVibe but it has been really buggy lately.
Matt Lorentz's avatar
mplorentz 4 months ago
@npub1u928...hr58 @NoGood ✌️ @Kieran not sure where to report this but I am getting this error at
zap.stream
NoGood ✌️
Illustrator inspired by retro-tech and fuelled by the greater open-source movement. → Running NoGood Radio on zap.stream → Currently working o...
 :( Unexpected Application Error! error loading dynamically imported module:
zap.stream
zap.stream - Nostr Live Streaming
Nostr live streaming powered by Bitcoin lightning. Stream freely with Bitcoin payments, no censorship, open source.
Matt Lorentz's avatar
mplorentz 4 months ago
I’ve been noodling on my OpenSats projects and one thing I wanted to hear people’s thoughts on is the idea of lightly encrypted groups vs. relay-based groups. And by lightly encrypted I mean that all group data is encrypted with a shared key that gets rotated, but without end-to-end encryption, forward secrecy, post-compromise security, and all the fancy stuff you get with MLS. Basically the unmerged NIP-87 (
GitHub
Add closed communities by staab · Pull Request #875 · nostr-protocol/nips
This is an attempt at superseding #706 and incorporating existing NIPs for community definitions and member lists. The design is worse in many ways...
 I know this idea has been discussed a lot, and I have been pretty convinced that NIP-29 made the most sense for the most groups. I also know MLS groups are in the works, but they have a lot of downsides. So a few things over the past month are making me reconsider. The main one was talking to @nigini from @Socialroots who makes a good argument that groups should be a first class citizen on Nostr. This would enable groups of groups and potentially other innovations like putting the group master key in a FROSTR cluster. It also helps enable forkable groups and groups migrating between relays / sets of governing rules. (Great article from SocialRoots about their full vision https://www.socialroots.io/intimacy-gradients-the-key-to-fixing-our-broken-social-media-landscape/) Another factor is that people keep asking me if groups are going to be encrypted in my new client and I don’t like saying no to that 😅. Even though I think the confidentiality guarantees of NIP-29 are good enough for most groups - that’s not what people want to hear. I used to think that getting a bunch of Nostr clients to all implement key rotation the same way was too much to ask, and I still think MLS is overkill for medium to large groups. But if you allow some privileged software to run with some kind of group admin key to do the rotation (an allowance that NIP-29 already makes) then it hugely simplifies the complexity for client developers and now you can say the magic word ✨encryption✨. I also feel like I missed out a bit on the debate between these when it happened. What do you think?
Matt Lorentz's avatar
mplorentz 4 months ago
Today I discovered
Frame0 ― A sleek Balsamiq alternative for wireframing
Frame0 ― A sleek Balsamiq alternative for wireframing
Frame0 is a sleek Balsamiq alternative wireframing tool for modern applications.
 for making quick wireframes. I used to love Balsamiq but the desktop app has been discontinued. If you've never worked with this type of barebones wireframe before they are so valuable for getting feedback on high level UX without digressing into discussions about the size and colors and exact placement of things. When people see the handwritten font their brain switches into a different mode.
Matt Lorentz's avatar
mplorentz 4 months ago
I've finished my first round of interviews for Keydex and they were so enlightening. I'm so addicted to user interviews now, I don't understand how I made so much software without them. The top insight from this round was clarifying the different use cases for Shamir's Secret Sharing. Here's what I came up with: - inheritance planning - corporate secret management for ultra-sensitive values i.e. root passwords - border crossings - web3/crypto/Nostr key backup The most interest by far was in the inheritance planning use case. People have some digital stuff they want to pass on, but don't want it sitting in plaintext in the hands of (generally very normie) friends and family. Keydex will work for all cases listed above but I'm going to keep the inheritance use-case top of mind while developing. Which already invalidates some of the design work I did last week. I was going to make a fun retro/gamey UI, but now I'm going to shift towards something more calm and reliable.
Matt Lorentz's avatar
mplorentz 4 months ago
I'm looking for folks to interview for the new app I'm working on. If you've ever needed to back up some sensitive data (passwords, crypto wallet key, "legacy planning" docs) but didn't just want to print it out and hide it then I'd love to talk to you. Just let me know here and I'll be in touch:
Keydex Product Interview Signup
Hey I would love to ask you some questions to help inform my work on a new project. Fill in this form and I will contact you to set up a 30 minute ...
Matt Lorentz's avatar
mplorentz 5 months ago
Today I'm workshopping a name for my social key backup tool. (It will allow you to encrypt some data, passwords, nostr key, crypto wallet, last will and testament, etc. to a specific list of people. Each person gets an unreadable piece and they must agree to reassemble the data in case you lose it or die.) I had the idea to use the Pokedex from Pokemon as UI design inspiration for the retro/nerdy vibes. I'm thinking of the name Keydex to go with it. Thoughts, reactions? image
Matt Lorentz's avatar
mplorentz 5 months ago
I am still loving Kagi.com. I don’t even use any of the advanced features, just search. Also @Kagi just straight up has a Nostr account? Rad. View quoted note →
Matt Lorentz's avatar
mplorentz 5 months ago
I'm thrilled to share that I'm receiving an OpenSats grant to work on social key backup and a new Nostr groups/communities app. I'll be building both in the open and this account will probably get filled up again with posts about that work. I think one of the primary things the world needs right now is to move our social sense-making out of big social media platforms and back into community spaces that reflect our values. I'm so blessed to have the opportunity to chip away at these social/digital problems for a while longer. My intention is always to build in solidarity with folks who need these tools most. If you're interested in using these sorts of tools and want to help - I'd love to do an interview with you! Send me a DM or reply to this note and I'll be in touch.
Matt Lorentz's avatar
mplorentz 5 months ago
Good thread on some of the pain experienced by new Nostr devs, and also a good response of why things are the way they are. TLDR; Loose governance is not very meritocratic, and stronger governance is generally not either 🙃 Personally I’d love to see (maybe found?) a NIP consortium/collective/co-op some day, but I don’t think it’s time yet. View quoted note →
Matt Lorentz's avatar
mplorentz 5 months ago
I had a great time at DWeb camp last week as always. I sat on an "Open Social Web" panel as the Nostr representative and I think what I had to say about Nostr was generally well-received alongside Bluesky and Mastodon. People were mostly drawn to the loose governance and the scrappy "good enough" approach to protocol design. But, like last year, it still feels like the energy folks have for "social media" as we typically think of it has been completely sucked out of the room. Few people are interested in putting more energy into some public virtue-signaling town square. I think Nostr has an advantage over Mastodon in Bluesky in this area because it really does have the most non-microblogging experiments going on, and the protocol is the friendliest to encrypted private spaces.