fiatjaf's avatar
fiatjaf _@fiatjaf.com 5 months ago
First of all this isn't backwards compatible (because indexes, relay message validation and other things have to be changed), so if you're going to break Nostr entirely then it's better to make a new protocol that also tries to address other suboptimal parts of Nostr, like @Mike Dilger ☑️ is doing with Mosaic. But then at the same time you lose all the (small, but significant) network effect we have here, which to me isn't worth doing. Second, you create the need for these "disavowing" events to be reliably published (which cannot ever be guaranteed in Nostr) and they become the central part of Nostr, and you can't have that work reliably without a centralized sequencer (i.e. either a blockchain or a trusted operator), see for just a brief example of one of the many half-broken issues that can happen (I'm not sure this specifically applies to your idea, but I'm sure we can think of many variants). Now even if by miracle these disavowing events become reliably distributed then there is still the problem that now all clients and all relays have to store them and then check all incoming events that come with a locally valid attestation to see if their pubkey has been previously disavowed, forever. (I just came up with these issues now, later I can revise my opinion to either add more or retract these.) The other solution is to go the NIP-26 way and treat each key as independent, soft-linking them with attestations. That is more elegant in my opinion, but in practice it breaks too, because of issues like those described in this comment by @Vitor Pamplona:
GitHub
Linked Keys for Multi-Device Nostr · Issue #1810 · nostr-protocol/nips
Right now, using Nostr across multiple devices is a challenge. Either you: Share your master key (risky, especially on a phone). Use separate keys ...
 Maybe you'll want to see also View article → although I don't remember what I wrote there.
View quoted note →
↑ Parent

Replies (1)

ynniv's avatar
ynniv ynniv@ynniv.com 5 months ago
> First of all this isn't backwards compatible Sure it is. In some future where there is a crazy mix of support, people using this functionality have multiple npubs that are seen as the same to supporting clients, and just similar to non-supporting ones. People probably wouldn't want to constantly post from different keys during this period, but c'est la vie. They can put "subkey of @Identity" in one profile and "has subkeys" in their main one. Relays can do the same, but there are fewer relay implementations and adding support would be easier than with clients. > Second, you create the need for these "disavowing" events to be reliably published I mean, sure... same as "deletion" (better described as retraction) events. Put them in profiles if we're that concerned... before you fetch the profile they don't even have an identity anyway. > those signature checks also rely on server signing keys which can be expired and replaced I don't know what this means. Perhaps it isn't applicable to my proposal? My attestations are validated in the same manner as event signatures. > Now even if by miracle these disavowing events become reliably distributed then there is still the problem that now all clients and all relays have to store them and then check all incoming events that come with a locally valid attestation to see if their pubkey has been previously disavowed, forever. Which again is the same as NIP-09. If anyone in the world has a copy of an event "deleted" using NIP-09, then they can republish it as soon as the retraction event falls out of circulation. This is worse than my proposal because you're probably not going going to lose your nsec as frequently as you would delete a post. It's said that you should fix nostr by building things, and that works great when your fix looks like a new app, but I don't have the time right now to build my own improved nostr ecosystem just to fix this important but uncommon edge case. But are we really going to keep slamming our nsec into random new apps, or limiting ourselves to browser extension or remote signing? Assuming you haven't already lost it, your current key can continue to be your identity, and random new apps (that might only barely need continuity) can get subkeys. The best time to plant a tree was 20 years ago, but the second best is to plant it today