What's happening with Gossip?:
Implementing NIP-46 support in gossip has been far more difficult than I expected, at every step of the way, to the point that I've become dejected. I'm primarily motivated by progress and currently I am demotivated by my lack of completing anything useful for the end users, and have become too easily distracted to the point that I think it would be fair to send some bitcoin back to OpenSats as a refund.
For a long time there was a rust compiler bug around lifetime erasure ('_ vs '0) of data sent across async points. But I noticed that wasn't happening about a month ago.
Then all the signing/encrypting/decrypting functions needed to be made async, which bubbled up to more and more code needing to be async.
Then I went ahead and defined a Signer trait implemented by anything that could sign things... but that had too many functions (NIP-46 only does some) so it had to be broken up into 3 or 4 traits over time.
Then I built an Identity which could be any of (None, PublicKey, PrivateKey, RemoteSigner), and also a gossip client identity that wrapped this. And it had to be Serialize/Deserialize to save it.
Then I needed a network-level Client that a nip46 signing client could utilize to communicate with it's remote signer, without being tangled up in the "minions" I currently have.
Then I needed the nip46 signer itself that uses this Client and implements Signer, plugged into Identity and Serialize/Deserialize.
Then I needed to migrate how your identity loads and saves to this new serialized Identity (instead of just keys as it used to be).
Then there were lots of bugs around where detection of whether you could sign things or whether things were unlocked was being done wrong.
It starts to work... you can connect to the signer and you can learn your public key, and you can then get a feed. But it quickly gets jammed up and gossip freezes.
So now I think I should use tokio_console to debug it, which requires me to instrument lots of code.
And I'm just so tired of this.
Who wants to experiment with something right now? I want to test audio calling over Iroh using this repo:
GitHub
GitHub - n0-computer/callme: peer to peer audio calls with iroh
peer to peer audio calls with iroh. Contribute to n0-computer/callme development by creating an account on GitHub.
If you are keen, clone it, build it, and run it (callme-egui) and then dial me at: b0ec00ba45a636ec0c8d5e22753a5d72ca7f4f41345e648fa3df44f44f720565
I'll leave it running for 30 minutes and then if nobody called me I'll kill it. It's a very sketchy barebones thing, I'm not even sure if it "rings" when you call.
DVMs are not a useful concept.
on Future-proofed Cryptographic Identity:
The Koblitz curve selected for bitcoin and also used by nostr is OK. If coded properly to avoid timing attacks (using constant-time algorithms) and if people don't make incorrect assumptions like "every random set of bits is a valid private key". Nonetheless, it provides 128-bits of security (even as the keys are 256-bits long, the security level is half of that).
The popular and "safe" ed25519 curve also provides 128-bits of security.
But quantum computing is rapidly progressing, and in about 10 years I find it likely that the ECDLP (elliptic curve discrete log problem) will be broken on one of these new quantum computers using Shor's algorithm.
I shudder to think what would happen to Bitcoin. I hope those core devs are thinking about how to 'upgrade'.
I'm thinking about how to design a long-term sovereign distributed bootstrappable identity that doesn't rely on DNS. In terms of cryptography, the most promising algorithm IMHO is SPHINCS+. NIST chose CRYSTALS-dilithium based on lattice cryptography. But lattice cryptography is rather new and hard to reason about, and paper after paper has slightly weakened various lattice-based cryptographic algorithsm. OTOH SPHINCS+ is based on hashes. Hash-based cryptography is easy to reason about, it has been around longer, and it is much less likely to offer up suprises. [There is a perhaps even more secure algorithm called McEliece designed in the 1970s which is post-quantum safe, but unfortunately the key sizes are about 512 kb!].
So to preserve the same 128-bit security in the post-quantum world, SPHINCS+-128s is IMHO the best bet. The 's' means 'size', in that it tries to use less memory (the alternative being 'f' which means 'fast'). This offers actually 133-bit security, has 32-byte public keys (same as what we are used to), but the private keys are twice that size (64 bytes) and the signatures are a whopping 7,856 bytes long. That's not really whopping when you compare to the 256-bit security variant with 29,792 byte signatures.
In any case, I imagine using such a keypair as a "master" keypair to sign your "bootstrap" record stored in a DHT. Not to sign every event with.
But that brings up a problem. Mainline DHT only works with ed25519. A new DHT would need to be stood up that handles (let's say) 16kb bootstrap records digitally signed by SPHINCS+-128s. Let's say we started out with 8 nodes, each holding 4 GB of data. 8 notes is not very distributed but you have to start somewhere. 4 GB (which is rather small) would hold a whopping 268,435,456 bootstrap records. And all 8 notes could have all records, no real DHT sharding needed yet. My point here being that storage space for all these records would not be a problem... the problems would be attacks on the DHT, of which I am less familiar so I won't talk about it here.
What are bootstrap records? This is where you declare what services you use, at which endpoints, and with what keypairs -- e.g. [nostr, npub, relays] or [mastodon, @user@host] or [x, @username]. These kind of tie together multiple identities similar to keybase... if you want them tied... of course you can (and probably should) run multiple SPHINCS+-128s identities. Software that understands these bootstraps can follow you as you move to different platforms, roll over nostr keypairs, or even (ideally) change what servers you use (if nostr didn't have it's own way of doing that).
So anyhow... these are my thoughts. Just thoughts, not plans.
15-20% of people in the Western world suffer from IBS.
The good news is, just like hot chilli peppers don't actually cause any damage in your mouth, IBS doesn't actually cause any damage in your gut. It has been studied for hundreds of years and there is zero association with increasing the risk of any other disease.
Your gut is not roughed-up or damaged and does not need to "heal", nor is it leaking. Leaky gut is 100% hypothesis and not recognized by healthcare professionals.
It is primarily a gut-brain miscommunication. The pain is unreasonable for the situation (a tennis-ball sized balloon inflated in the gut of normal people causes only a mild sensation of pressure, but in IBS sufferers inflating that same balloon causes intolerable pain.. and BTW your gut can stretch quite a lot without rupturing) and they understand some of the mechanisms causing it (histamine and tryptase produced by mast cells adjacent to nerves sending an exaggerated pain signal when your gut stretches). The brain then reacts to the distress causing, for example, rapid transit and diarrhea which isn't actually useful but doesn't hurt anything either, as long as you are not suffering from malabsorbtion. And IBS is not associated with weight loss, so you aren't.
But there are multiple causes meaning the solution isn't the same for everybody. Perhaps your bile acids are not being reabsorbed before they hit the colon. Perhaps you have a food sensitivity. Perhaps the microbiome is out of whack from antibiotics. Perhaps your stomach is producing too much acid.
Lowering stress and eliminating FODMAP foods can lessen the symptoms (without FODMAPs you get less gas, therefore less stretching), but those are not the primary causes, which are complex and still not well understood.
Also, interestingly, while SIBO is an actual medical condition, it is not associated with IBS, there has been no evidence establishing this. The health supplement industry has jumped on this and come up with products to sell you for a problem you don't have. This is according to Dr Steve Manor, director of gastrointestinal disease research unit and professor of medicine at Queen's University.
I KNOW many of you subscribe to the functional medicine / alternative medicine stuff. You can shout at me now if you want, I don't care. As long as my signal is getting through to the few people who still trust the science and want to know what the researchers say, it doesn't matter that you personally don't believe any of it anymore. But let me say that I think many of you are over-reacting to the COVID deceptions. That COVID shit (which I admit was bad) does not IMHO implicate the entire medical field.