Replies (101)
Very good question
Although, history repeats and rhymes... and apparently does it often... therefore...
Bitcoin is becoming a good example, most development around bitcoin is about monetization, utility, but not security, nor making it censorship resistance.
Being in the know since 2010, not using it to transact since it is not built with sufficient privacy by default to achieve that, devs around fighting each other and not inspiring trust doesn't help neither.
Sometimes I wonder WTF Satoshi was thinking making such a wonderful mathematical marvel with no privacy to transact ...
As a store of value is the kind of the land, unbeaten, as a currency to transact, to pay for good and services, nah, pass, much better privacy options out there.
Lyn Alden
Simple Mail Transfer Protocol "SMTP" ended up being rather captured/centralized toward an oligopoly over time in an effort to manage spam.
Here's another #asknostr for today:
What aspects of Nostr's design will make it more resistant to that fate? The social graph web of trust element?
View quoted note →
what happened to smtp is nothing compared to how centralization has killed xmpp and activitypub... For nostr to end like smtp could be considered a neutral-good ending
Nostr’s “super power” is the ability to move to a different client. Success leads to centralization and capture; a great client or relay (or email app) is going to attract more users. In the case of SMTP, if I’m understanding your point, users are mostly locked into a specific set of providers because those same providers filter out “bad actors”. If that sort of dynamic appears in nostr, user have an opportunity to thwart that by changing clients and/or relays. Will they? Uncertain, but the ability exists in nostr unlike other protocols and platforms.
'Web of Trust' IMO is more crucial for adoption that many people recognize (or admit). Very few of us stumble on Bitcoin or Nostr in a vacuum - we're all connected.
Finding like minded cypherpunks in the web of trust is invaluable.
1. NOstr is heavily centralized to a few big instances
2. Uploads are even more centralized
3. Spammers ruined SMTP and spammers are ruining nostr
Multiple "servers" and bitcoin payments for spam mitigation.
but to ask the question... the key elements that can make nostr to succed and still remain permissionless and decentralized are:
- owning of identity, sign-based interaction that cant be exploited easily for a "service provider"
- nostr is a client first-protocol. What makes email so centealized is that it is a server-centric protocol, and servers need static ip, manutention and dont scale well. On nostr, is the client that does all the work, relays are intended to be replicable, sobstitute and simple.
You can have your own domain on Gmail.
Gmail supports any IMAP client and I think most other major providers do, too.
Early on in conversations about the design of email, anti spam techniques such as having each send incur a cost was, suggested.
This was rebuffed and lead to the surveilance capitalist distopia we see today.
Nostr is resistant to this by virtue of its early integration of V4V. Zaps. I
It's an "easy" horizontal leap to paid or subsidized relays (that offer non-abusive advertising schemes).
It's another "easy" horizontal leap to I tegrate non-btc zaps (such as Monero)
Another interesting Question to ask is: is NOSTR more resistant to the type of protocol attack suffered on XMPP.
SMTP kind of blew up with the popularity of the internet and was only one of many competing standards.
Nostr's, like XMPP is more "elemental".Its simplicity taps into "fundamental particle" level of design.
You can launch your own relay on your phone.
This is in 1990, where server costs and computation costs are huge.
You can launch a relay on your phone but not really useful in the bigger picture here.
Nostr relay software is too io intensive and shitty
SMTP is NOT captured / centealized. It can be installed where ever you want like a Nostr relay.
The shitpost element
Except your client does not live in a bubble. It needs to communicate and send emails to other clients.
In order to combat spam, many popular email providers rank messages using an array of criteria, coming from a known and well publicised email provider is one such criteria and not coming from a well known provider is one such criteria that redirects your email to many people's spam folders.
So the question remains, how do we ensure that nostr relays don't start to use exclusionary metrics to avoid spam and abuse?
XMPP was also killed by big tech. But your other point about zaps seems sound, but I've the feeling it isn't enough.
Spam is the central problem that forces centralization, especially without an easy way to pay for services (which would solve spam).
Adding a way to add subscriptions in lightning invoices would be good.
Owning your identity might be the real decentralising factor. This is similar to how gold could be confiscated but much more difficult to do that with Bitcoin.
Nostr has many issues with the decentealizatuon concept. And if we are honest Nostr is already some kind of centralized as we have not thousands of relays. You can solve the issue with spam with paid relays but then the whole concept is senseless
Yeah, I think relays need an incentive model to share data with one-another. That way if you want to switch to another relay, you can without worrying about data loss.
Assuming you are paying for spam filtering and content quality and not for "hosting".
You can install it but it's a mission to maintain and ensure other large centralised providers accept your email (gmail and outlook).
I know this article but still you can install your own SMTP and use it
And here comes the big problem with privacy into the game
It's all about spam management.
Nostr has a leg up given the lightning support. Next steps will be to require micro payments for actions that could be abused by spammers.
Decentralized curation by one’s web of trust. Not only of content, facts, and information, but even more importantly: of the semantics, ontologies, schemas, and protocols that we use to communicate about those things.
#WoTFixesThis ™️
you mean ecash support ;)
I think it's too early to say as Nostr evolves fast so it's hard to say where it'll be years from now...
That's also what's exciting – what aspect will make it resistent?!?
Maybe its mere ability to evolve, and do so rapidly, is the answer!
Nothing. The Protocol is already quite closed, to the extent that no one knows who controls it. Which is crazy, if you think about it. In a lot of ways its already there. And it could develop in the direction of more open, or more closed. Nostr protocol becoming more cenralized is probably the biggest threat.
So, HTTP was actually based on SMTP, but with a few more features. And nostr itself is part of HTTP.
There are some tools to route round centralization, but it just slows things down. Not good for nostr, but good for nostr's competitors. It is what it is. I fight for an open nostr, you can too!
This is spam
This is spam
This is spam
This is spam
This is spam
This is spam
This is spam
This is spam
This is spam
This is spam
This is spam
The issue with that is that not enough people pay. And that people dont know the right size to pay. Often people pay 21 sats thinking it's a good tip. But it's actually 1 cent. Could you imagine tipping someone 1 cent in the physical world?
But doesn’t scales to increase that average amount substantially? When you’re encountering tens to hundreds of posts/notes a day?
Nostr is nowhere near that scale. Nostr has about 10,000 DAU. If 1% of them paid $10 a month. That would be $1000 a month to cover all the relays, all the developers, all the apps and so on.
The cost of managing a paid service is many times more than the cost of the storage or the compute.
So nostr would have to grow at least 10x for that to reach break even. Which at current run rate, would not be for a few years.
proof of work is almost built-in. clients, relays may ask for proof of work when they decide something smells spammy.
I went to see if the word "spam" was rather an acronym for a phrase rather more telling and...
"... a luncheon meat, by way of a Monty Python sketch about a restaurant that has Spam in almost every dish in which Vikings annoyingly sing "Spam" repeatedly."
If its annoying for Vikings God praise Nostriches a better fate
Well…we need stronger incentives for running small relays and improve the UX how to manage them from clients.
My opinion. 🤓
The simplicity and flexibility of the protocol and low requirements to run a relay.
This seems relevant.
View quoted note →This centralization sucks. I host my own email and it almost always goes to people spam. Its like a tax for trying to be sovereign.
Nostr is kinda the same lol
🎯
I think SMTP submission is a bit more strict at least in my experience with AWS SES
We tend to defer too much to corporations and influencers (which are icons of centralization) smtp didn’t fail. People are short sighted. If nostr fails in that direction, it won’t have been the protocol, it will have been the people.
Either private relays that would penalize users introducing spam
Or some proof of work/ cost introduction. Cost itself will not prevent it but rather reduce volume.
It's very simple
For example
The government provides security but we all have to take security precautions to help ourselves
So everyone should learn how to protect themselves, identify spam account report them to the protocole and everyone can block them individually
Like there should be like an hashtag #nostrspam or #spamid #spamsupport
With ecash, even email can be fixed.
💜🧡 🚀 🧡💜I wish we can utilize it
Well put.
Address Portability & Data Portability
One does not exist without the other.
Unfortunately it will likely face the same challenges as other federated protocols. Moxie had a great talk about this in 2021:
Definitely the close association with payments (zaps and Cashu tokens). Must easier to impose a cost and/or generate revenue.
Also, keeping the relays as dumb as possible, similar to dumb internet routers that can’t inspect packets.
Similar to other comments, some sort of payment required to use. Via Cashu could be pretty cheap and easy.
yeah, is probably the key point
just realized I made an amount of grammar and conceptual mistakes so high😅
@gmail.com is not portable as npub does.
You don't have to use @gmail.com when using Gmail.
There is no way to use @gmail.com without using Google’s email service is the point I was making
Bitcoin existing makes PoW as an arbitrary anti-spam measure (like for emails) completely defunct. You could pay a miner $100 to make enough work to send 10,000 spam emails - and that's being generous, it'd probably be far more affordable.
Web of Trust is old. Nothing about Nostr indicates Web of Trust will work today if it didn't work before - and by work, I mean scale to meaningful adoption. There are both UX and incentive problems, and both lead to a Web of Trust naturally deteriorating into a centralized model where users trust few monolithic authorities.
Which is exactly what we already have. It's exactly what YOU USED to log onto Nostr,
@Lyn Alden, you relied on that certificate, which is completely centralized in its distribution and authentication, to get onto Nostr.
I'm happy you are pushing decentralized tech, and that you haven't been led astray by 'shitcoinery,' but people running Bitcoin and Nostr nodes as a hobby is not going to get us far past this.
Use ecash sat as a stamp for notes.
👍
Use ecash sat as a stamp for notes.
Use ecash sat as a stamp for notes.
💯
Use ecash sat as a stamp for notes.
But owning a domain means you can change your backend while maintaining your identity.
We know who controls the protocol. They literally put it in GitHub and made themselves the owners. 😂
All we can do is build things that utilize the same NIPs or new NIPs and provide some counterweight. And document NIPs on the wiki, not GitHub.
Like some P2P kind of "Web of trust". Because it's more important to me what my immediate online environment considers trustworthy than anyone on the other side of the globe or people who I'd never follow to begin with.
There used to be a good approach called FOAF (Friend of a friend), which was pretty decentralized at the time, hosted on your own web server. Technically it was XML-based, but today it could be represented in a NIP or in JSON.
View quoted note →It doesn't.
Everyday people will not run a relay. Just like many people don't run a node. The market for NOSTR is very niche and based on idealism, not practicality.
If NOSTR is going to stay a sub-sub-sub-sub-culture within a sub-sub-culture, then it needs more users:
- Running relays
- Improving UX/UI for NOSTR as a whole
- Avoid VC funding
- And not relying on AWS for storage and backup
Exactly. There's no such thing as totally "trustless". Unless you build your own co.putrr from your own parts you manufactured etc etc.
99% of plebs will have to trust in different degrees as different times. Who, what, and how much, you trust is the variables.
People complain that "not everybody will run a relay", well, why is that? Because the architecture of the network and the UX of the software doesn't automatically do it for them. Why is running a relay not automatic when running a client? It could be. Every client could be a relay.
Is it like Arweave?
Yes, but what does it mean to have a relay? If you mean a full relay, where users can connect to you, great, but I imagine it would have to be through Tor. Also, keep in mind the size, hundreds of thousands of daily events take up a lot of space. However, if you mean a personal relay, where you are only connected to your relay and it bridges the rest of the relays, wouldn't the result be the same?
If we assume x number of events per day on the network, the more relays, the fewer events each relay needs to store. Text events are tiny, you can fit all of wikipedia's text on a DVD. If we integrate with other P2P networks like #IPFS, #Freenet, #Hyphanet, etc for storage of media, then space isn't much of a concern. Tor isn't needed, NAT punching protocols exist and are mature, plus IPv6.
Think of it this way: Can your phone store all the text from all your social media posts? What about all of your 10 closest friends? Yes? Then this can scale.
But you don't need to take my word for it, look at existing P2P technologies which have been doing this kind of routing for years. There's no need to centralize around relays.
This way it seems very feasible to me. I am not familiar with NAT punching protocols. Also, if we think about it we could save a lot of requests to other relays and thus make them smaller. It makes sense as you put it.
If as a developer I can help in some project like this it would be great. Since having your own relay would make custom filtering of information much more feasible. I'm not talking about a filtering based on likes like traditional social networks, but a fully customized and configurable filtering.
Yes but you don't have to use @gmail.com at all. You can partake in the oligopoly that this is about with any domain.
Nostr is pretty far along and already well committed to the whole "every user is not a relay" paradigm. Which is fine, it's probably "decentralized enough". One of the key pressure points coming up is going to be the cost of hosting media for relays and the tendency for relays to centralize a bit as the average relay hosting cost increases due to increased users and particularly increased media. If we integrate a P2P way to store and to distribute media now, we can avoid much of that.
For example, we have a NIP for associating a pubkey with a LNURL (lightning address). We can also have a NIP for defining a link to an "external media" which is downloaded via Freenet, Hyphanet, IPFS, etc. Let the client do the work of downloading and re-sharing media content while the relays are responsible for text and links to media. At least for Freenet, you talk to it via your web browser via a localhost port. So a nostr client can easily make links to, upload, and download through it without ever needing to leave the browser. The only thing that needs to be true for that to work is for the user to run the freenet client in the background. Unfortunately, they don't have a client for Android or iPhone, but proxy services (like currently used for media) can help with that. IPFS may be another route, I am less familiar with it.
If you're doing nostr dev, this could be something that I think would be on the easier side to implement. I'd gladly contribute to a bounties for it, this is something I'm passionate about.
Is the list of people you follow also a list of people you trust?
Mine isn’t…
Ring 0 is me.
Ring 1 is people I trust enough to help me recover my life savings.
Ring 2 is friends and family that didn’t make it to ring 1.
Ring 3 is people whose opinions/memes/shitposts I’m interested in reading.
Right now, none of my ring 1 people are on nostr.
we'll need pow here, soon
it's just a SPF record in your DNS...
If you are trying to say “you can use your own domain with gmail then take your own domain with you later away from gmail” the answer is yes, but you are still issued that domain from a centralized registration service and it can be seized from you and the process of pointing a domain to a new server is complicated enough that normies don’t do it
Versus taking your npub somewhere new? Extremely easy
Shifting the goalposts?
Nah, only a fraction of a percent will run relays. It requires an economic incentive to. “Economic nodes” of Nostr have an incentive to.
I'm more interested in taking that control back. It centralized due to cost, not spam. Spamassassin is a very effective open source tool. The problem now is everyone blocks port 25 (cloud providers) so we're forced to "relay" through sendgrid/mailchimp. These days 1GB of storage costs $1/mo. Anyone should be able to run their own mailserver and block spam.
If I ever start such a project, I will not hesitate to discuss it with you.
Bitcoin. It’s the part that can’t be faked
The fact setting a mail server is a pain in the ass, but a nostr relay is basically "plug & play" meaning almost everyone can deploy a personal relay.
No, literally returning to my original point which you seem to have misunderstood
The “ability to move to a different client” should be marketed as “own your own data” by everybody in the space trying to monetize a client.
Then the whole ecosystem gains. Rising tide lifts all boats.
