We do need some better dummy proofing key management, coming from a dummy
He also doesn't understand it. You can generate your own key. That was one of the first questions I asked on Twitter and someone told me how to do it.
True. But he's completely discounting that the WAY you would be hacked on nostr is completely different. So much easier to take over an account on a centralized platform with support and account access lmao
Exactly
Of course... If a plugin can extract your nsec.
Then the attacker and you have equal access to post.
It would be good to have a standard what to do in this case. Maybe a prepared backup key or so.
It takes a special kind of privilege and ego to argue that self sovereignty over your identity is less important than that over your money. I feel bad for Mr. Parker. Hope he can find his way.
Like saying..
"Just be honest about possibility of losing all your wealth if someone steals your private key and move your bitcoin. You should use a service like..."
Oh wait.. they say that also.
The incentives, it's all about incentives..
Okay but if someone gets your BTC keys, it's over. They send 1 transaction to a new wallet that they control and you don't, and you never get your money back, ever.
If someone gets your Nostr nsec, sure they can post under that npub, but you can also still post as that npub. So just post saying "hey y'all this nsec is compromised, follow me at this new npub." and many of your followers will move.
Indeed. You might wind up having to become a Derek Ross clone trying to prove your identity in a battle royal.
I wish I understood why he was so bearish on decentralized social communication when he clearly understands decentralized money.
Did he post this on MySpace?
Why do so many content creators restrict the reach of their content?
I don't care if your note is the same crap you posted to X. If it's quality stuff, I will zap you little bits of GodMoney for the whole ten seconds it took you to Highlight > Copy > Paste > Post
Does X punish content creators who use Nostr?
As someone who grew up listening to bands who would dress like chicks to get a record deal, I'm genuinely puzzled as to why someone whose livelihood depends on exposure to their content won't take a few extra seconds to post it to every place willing to host it.
Prove me wrong.
His opinion is irrelevant when you can literally always make a new nostr public private key pair
Am I thinking about this correctly?
You can't "hack" a nostr key the same way you can't "hack" a Bitcoin key. His argument is fundamentally flawed. He's showing his ignorance.
You can't hack a nostr key the same way you can't hack a Bitcoin key.
Not really a proof but the only way of getting my nsec is to specifically target me on my devices. No way of social engineering third parties to get my identity.
Indeed if I lose it my nsec is toast but I trust my setup a lot more than I trust X. Look into what happened just recently to @Lawrence Lepard
Another VC cuck
Bitcoiner milking service needs a reboot
Rhymes with the monero bros
It’s honestly weird to see die-hard bitcoiners take such an antagonistic view toward something so aligned to the mission of open source software, decentralization, identity ownership, and digital property rights. I don’t get it. Maybe my IQ is too low or something.

Lepard
Lawrence lepard
What makes this guy a die hard? He's milking the scene & Nostr is not going to aid in this greedy journey.
Sorry, too busy proving trump is wrong when he say, "We subsidize cana-duh 200 billion a year" :)
Low T is the real pandemic
He milks decentralized money industry, he's having a hard time milking decentralized social app because the key pairs can't be custodied by his services.
I'm not reading all that. Happy for you or sorry it happened.
Do tell
Thanks, Good reminder to personally role play different opsec scenarios anyway
He's dedicated his life to grifting and only in the last few years has changed his dynamic due to Bitcoin.
He's a rent seeker who's working his shit out maybe but don't let the book change your perception of who someone really is.
Pow = pow.

Thank you. That all makes sense and is helpful. The last one is particularly difficult to deal with.
Would it be possible to create a recovery key scheme... Like when you create your keypair you create a second keypair (offline, cold storage, etc) that signs a single "distress signal" linked to the original keypair, and all of the clients incorporate a flag of some sort when you are seeing a note from an npub that had its distress signal broadcasted?
He’s actually not wrong though, key generation and usage sucked! (Past tense).
You had to create your private key in app, enter the private key into the app to sign in with write functionality, or enter it into a browser extension.
Nsec bunker is the right direction, but it costs and runs on a singular relay which is a poor dependency.
BUT - FROSTR (NOSTR using FROST crypto) will fix this, by being able to (eventually) create keys outside the app, have sub keys with various mod functionality, so the admin key is never entered and can revoke the previous sub-keys at a moment's notice.
So, Parker was, and largely is - because FROSTR still has a long way to go - right in the short - medium term.
But medium - long term, he couldn’t be more wrong.
Uhhh there's been many people who lost their nsecs and rebooted - people followed them again.
C'mon now, judging how keys are handled right now is insane.
It will be figured out, but either way the tradeoff is totally reasonable:
Freedom for the appearance of "security".
Yo. Get out of the matrix
I don't expect corporates to move to Nostr & we don't want you guys here.
Your biz models rely on people who are allergic to self custody.
We are the intolerant minority.
The ungovernables.
The self custody cult.
🤙🏻
Is he wrong though? Genuinely don’t know.
FROSTR is the solution.
Link me?
I'm not sure I agree. I don't feel the need to talk to thousands of people with Elon's permission. I'm happy with a small group no one controls.
Things like that are strong ideas but are difficult for various reasons. The closest NIP is the newly-merged nuke your account NIP (tell client to tell relays to delete everything and ignore your pubkey) but even that will be hard to coordinate, have a read of the link below for all the chatter on that NIP, good stuff.
Another thing to consider is that most times your key is compromised you'll never know. The hacker is waiting, reading all your DMs, keeping a close eye on your zaps, your cashu balance, for months, maybe even years—all the while you have no idea your key is compromised. There is no "see all devices where I'm signed in" UI in Nostr, nor can there be.
It could be that the future of Nostr is simply not for the kind of social history building that we're doing now, but for something else more transient in nature.

Right to Vanish by vitorpamplona · Pull Request #1256 · nostr-protocol/nips
Adds a special event kinds for relays to allow for
Full deletion of an account to specific relays
Full deletion of an account to ALL relays
He doesn't want to give up his followers.
How is graduating from a top school and then working your way up to a leadership position at a respected bitcoin company and then becoming an entrepreneur considered “grifting”? Come on, dude.
i think you missed the point. nsec is always hot.
he’s not wrong. but solutions will be created by those smarter than me.
Those jobs in finance are grifting, they provide no value to society & are the opposite of PoW.
You don't have to believe me though.
If you reread what I wrote I said nothing bad about unchained but they are targeting the opposite of Nostr users.
Now, Joe?, do the Venn overlap of reach with truth and lies
Parker lewis is definitely not promoting radical self custody with his product.
They have zero privacy guarantee or ZK proof system to shield user funds' privacy from their eyes last time I checked.
These are implementable things that would make his service awesome vs a KYC honeypot.
Hating on Nostr is wasting valuable time he claims is already being wasted.
Go work on preserving user privacy at unchained instead of counter marketing freedom Tech and radical self custody/responsibility.
Why is parker so salty about nostr. Always had been.
Wonder if it's cause he can't VC it.
That's fair, though I'd argue that asking someone who *already has* a lot of reach to trade in that reach for censorship resistance would rightfully lead that someone to ask "what's the point?". It's essentially asking them to retire and then spend their days shooting the breeze with their pals in a bar.
That resume is outdated anyway. He’s at @Zaprite now. Agreed on the wasting valuable time argument. He should be here.
He likes the attention. He’s the Peter Schiff of nostr
i think he just doesnt see how he can make money on it or use his existing businesses to make money with it. i dont see a reason to look into it further 🤷♂️
There is little incentive to control an identity since there is NIP5 as soon as an account is compromised they can notify followers and make the NIP5 invalid on the old account. Followers will know almost immediately the user isn't authentic if it were a big name account where there was an incentive to control it.
I guess the question is then why is he into bitcoin? is it just a great asset in fiat terms? Looking for a consistent position, here.
If you want to character assassinate someone, there are much better candidates, I assure you.
it goes beyond public posting. for example, don’t all your private conversations get compromised? which could be more devastating depending on the content on those messages.
Have you used this service?
Yes. Nostr is not a secure coms protocol. It's an open coms protocol. If conversations are meant to be private, they're best done with another protocol.
Yes. It’s fantastic. I use it all the time.
I've no idea. I'm new to bitcoin. Though I do observe that bitcoin people view bitcoin as very different than other coins/crypto. There is only one bitcoin, as it were. But there are very many decentralised social networking protocols, and I could see someone asking on what basis Nostr gets to be the "bitcoin of them all" (and not the "eth of them all" or the "ripple of them all" or whatever). Architecturally they're all quite similar, just different sets of trade-offs.
you put your keys on a password encrypted database, 2fa with cellphone or google or yubikey or whatever and save it everywhere.
what is the problem, am I not seeing danger or what?
Thanks. Will have a look. Personally, I treat nostr as a permanent internet public square (everything is open for all to see, including eventually DMs). And what I carry in my wallet in this square could get stolen. So I don't care about deleting stuff already on relays; I care about making sure that I and only I can broadcast to the network that my key should be considered forked to a new key. That seems like it ought to be doable.
i just dont buy that hes 'missing it', it feels like he's lying, to me personally, when he talks about nostr. feels inauthentic ( which is in contrast to when i have heard and read his takes on other topics) and since i cant read his mind, all i can do is not trust his sincerity ( which unfortunately makes me question his sincerity in general ).
He's not right, it's a pseudo truth to divert attention.
What does it help you accomplish vs just providing a BTC address?
we definitely view bitcoin as different. and I don't see it as a twitter vs nostr thing but a centralized vs decentralized thing.
You shilled the product, I was just asking for a real life use case that helps you...
I did check out their website and it's just vague with no videos - so I asked.
You are not very genuine it seems.
hahah
No, I just don’t have the patience to deal with your shitty attitude.
Lol what 🤣
What is a Larry?
Nsec is always hot just like Satoshi's and every early adopter's Bitcoin wallet.
Further, nsec isn't nearly as valuable as your monies.
Spoken like someone with “social media privilege” haha
Fuck corporate
I think with AI impersonation becoming worse every day, having a cryptographically secure identity seems necessary.. Very surprised parker is against this
I’m not shilling a product. I don’t care if you ever use it or not. It doesn’t make a difference to me. You asked me if I used it and I answered, and then you followed up with a question you could easily find the answer to on your own and then called me “not genuine.”
We use it at our business every day. It’s a point of sale system. It does invoicing. It has itemized receipts. It integrates with dozens of platforms. It does non-custodial on-chain and Lightning payments, and you don’t have to install anything to use it. In short, it’s brilliant.
I hope I have answered your questions to your satisfaction. Please be sure to rate my service.

I give that a

You seem to have a lot of built up angst, thanks for answering my question.
Touch more grass fren, you need it.
I was just wondering what problem the product solved for YOU.
It's okay if you don't want to answer, but you're having a meltdown over absolutely nothing.
You did not need to resort to a character attack. I use it to invoice clients, and take payments from customers. It makes the whole process easier, and the team is very responsive to feedback. Did I answer your questions?
Bruh c'mon now you're shitting on me, no one attacked you.
Thanks 👍
Few.
weird
He probably doesn’t even say GM back.
I suppose but then I'd expect passionate bitcoin folks to prefer a social networking protocol that is far more decentralised than Nostr.
like what?
Damn… that’s cold.
Surprisingly, I don't recall a single instance where anyone's Nostr account was hacked. Entering your private key into an insecure app would be the most obvious way how that could happen.
Compromise of a popular app would be bad. Maybe we'll need app and device specific keys signed by other keys of yours at some point.
However, Nostr doesn't have the traditional attack vectors associated with passwords, email, SMS and third party account recovery, which is already very good.
bitcoin evolved to its current state. nostr will have to evolve as well to make it. you can appreciate bitcoin and simultaneously be pretty surprised it worked and that something like nostr can replicate its success.
this is the best take
IMO he is wrong. X, TG and other centralized platforms require email/phone number for preventing spam accounts and recovering your password. And these recovery mechanisms get hacked. Nostr doesn't have those. You will lose your key, if your phone is stolen. Period. It's solely up to you to backup it.
my question as well and I think only time will tell. I think it's a solid point to make, but there's no way of knowing the truth unless/until an alternative better option comes along
Parker - stopped listening to him a while ago, noise >>> signal.
he increasingly sounds too far away from the raw tech.
probly referring to stacks larry 2023
this is the response I was looking for
I still don't think he's definitively wrong...yet
he def seems to be mid curving it
and by definitely I mean that I have no idea
possibly sour bitkit isn't winning?
💯.
isn't Zaprite closed source?
run LNBITS. its open source and does basically the same.
Use Lnbits, its open source.
Not zaprite, closed source, afaik, which parker shills.
have fun staying non-interoperable
He said that in some interview I saw
OG-nostr for one. That is to say nostr as first envisioned, with outbox across the board and users spread evenly across 1k or more relays (no relay clumping), and anything requiring a global view either not part of client architecture or (when tech matures) achieved through decentralised means, such as decentralised indexing. Plus relays being financially viable.
You can also make a technical argument that a hacked-together AT-proto network consisting of self-hosted PDSs, custom scaled-down app-views and an alternate DID/PLC directory (i.e. all of it totally detached from any company) would actually be more 'bitcoin like' than nostr. With that you wouldn't have the "not your relay, not your notes" and "not your storage, not your media" stuff to deal with (it's all on the PDS and, critically, content addressed) and you would also have general scalability closer to that of bitcoin, especially with how ATproto handles lexicons. Of course the cultures of bluesky and bitcoin don't align well, but such an ATproto network can be implemented entirely outside of bluesky's purview, and some have been already by enthusiasts.
I myself am not interested in Nostr for max decentralisation or censorship resistance. I’m interested in Nostr for commerce, interop and the integration of e-cash, so the way nostr is developing is totally fine for me. But I can understand how a bitcoin purist would see it as anathema.
The few weaknesses of any tech can be used as arguments against them.
And the list of arguments against traditional centralized social media would be a far longer imo, therefore I’d happily accept the tradeoffs.
Also, paradigm shifts are hard 🙂
Try bruteforcing an nsec and see where that gets you.
NIP-05 could be implemented better at the client level to make it obvious what's going on at the NIP-05 level. Like, what domain someone is verified through, and perhaps more importantly, if it has changed. For someone like myself, it's whatever, but for a more public personality, where you have your website people know you through, it'd be a pretty solid warrant canary style assurance that you are still in control of your nsec. If you're not, delete the file on your webserver, and bam, it should be obvious in clients that your npub is no longer you. Now, getting your followers back could be a pain at that point, but surely you can get creative with clarification back on your website for which new npub people can point to for your content.
Multisig could help too, but is probably honestly overkill in most cases. Long term thinking though, it's worth having built out and tested, and iirc, there are a few projects seeking to do just this, including Frostr.
If I got this right, he is saying that we should keep our corn on centralized exchanges because if you leak your own key, you are done, while centralized entity can give you your corn back in case of an accident. If they want to, are able to. Makes sense. 🤡
I think that's probably the right way to look at it, a sort of glass box but one that you own.
The key forking thing is hard. The best way may be to start off from scratch with the combo of both a virgin (secure) nsec and FROST bunker URL, created at the same time. You can get such a combo at njump.me via the join nostr thing.
Write that nsec down somewhere, store it in a few places, and never paste that nsec into anything. Nothing. Nowhere. Ever. Only use the FROST bunker URL with clients. And only come back to the nsec to create a new or revoke an old FROST URLs (those are disposable).
That way you'll never lose your account, someone hacks your FROST URL, just revoke it, nothing about your npub needs to change.
Problem is FROST is in early stages, not a lot of clients support it. But it is the solution you're looking for by the sounds of it. This guy below gets it:
nevent1qvzqqqqqqypzpx8xhrzg2fzrs2kr89sz4x8c8svrsg8ptwy4z4unzdv9lfwy0kuyqqsdc20kcqqcns2c5cd6t5jvvgcg7slrqtkc6xv7k7vtyu9vhvkv06cjc04mr
People should use nostr because they dont want to be brainwashed consumers anymore taking full control of what they want to see. This is the whole use case.
Influencers or social conditioners are the first victim here as people will trend to be more original not a herd guided to support the new thing or be angry about the most irrelevant issues.
#Nostr is an ego test.
GM QW 🌞
Lots of work to do to eliminate fragility.
Yes on #nostr, and especially when running a #Lightning #node to name the 2 lowest hanging fruits.
Sounds like what I had in mind!
Lewis O Lewis
haha! GM, QW
Someone really should let him know that if it's the clients generating the key he's worried about, that can absolutely be done locally, even on an airgapped system if you really want to go full blown paranoid about it.

GitHub - jeffthibault/python-nostr: A Python library for Nostr
has the library and a use case for generating the keys. Clients just generate keys as a convenience, much like how signers will generate bitcoin keys for you -- you can always generate them yourself.
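
Local key generation as described in the reply above, as an added example (not code from the thread or from python-nostr) that uses only the Python standard library so it can run on an offline machine. It assumes the NIP-19 `nsec`/`npub` bech32 prefixes and BIP-340 x-only public keys; all function names are illustrative.

```python
import secrets

# secp256k1 parameters (the curve Nostr and Bitcoin keys use)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # bech32 alphabet
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)

def _add(a, b):
    # Add two curve points; None stands for the point at infinity.
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % P, -1, P)
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P)
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def pubkey_xonly(sk):
    # 32-byte x-only public key via double-and-add. Variable-time
    # arithmetic: acceptable on an offline box, not on a shared host.
    point, addend = None, G
    while sk:
        if sk & 1:
            point = _add(point, addend)
        addend = _add(addend, addend)
        sk >>= 1
    return point[0].to_bytes(32, "big")

def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i, g in enumerate(GEN):
            if (top >> i) & 1:
                chk ^= g
    return chk

def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]

def bech32_encode(hrp, payload):
    acc = bits = 0
    data = []
    for byte in payload:  # regroup 8-bit bytes into 5-bit symbols
        acc, bits = (acc << 8) | byte, bits + 8
        while bits >= 5:
            bits -= 5
            data.append((acc >> bits) & 31)
    if bits:  # pad the final partial symbol with zero bits
        data.append((acc << (5 - bits)) & 31)
    pm = _polymod(_hrp_expand(hrp) + data + [0] * 6) ^ 1
    data += [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data)

def generate_keypair(sk=None):
    # Returns (nsec, npub); sk comes from the OS CSPRNG unless supplied.
    if sk is None:
        sk = secrets.randbelow(N - 1) + 1  # uniform in [1, N-1]
    return (bech32_encode("nsec", sk.to_bytes(32, "big")),
            bech32_encode("npub", pubkey_xonly(sk)))
```

Calling `generate_keypair()` with no argument yields a fresh pair; only the `npub` needs to leave the machine.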
It doesn't sound like he dislikes it, he's just pointing out that if you get hacked (someone gets a hold of your private key) you now permanently share your account with the hacker and there's no mommy and daddy to call up to kick the hacker out and "change your password" (private key). And it's true. But also: the hacker can't lock you out of your account either unless you also lose your private key. So you can always tell your followers where to find you if you change accounts. Of course, you have to prove that it's you posting because a hacker can also post accusing you of being a hacker and re-directing your followers to a different account...
With more sovereignty comes more responsibility and less help. But I think it's worth it. We just need to NORMALIZE NOSTR CLIENTS NOT REQUIRING YOUR PRIVATE KEYS!!!! Because every client is a new way to get hacked and if your private key ain't in there, the damage a hacker can do is limited.
I’m doing my part 🤝
Cool. Give it a few months, I'm guessing. Driving force here:
nevent1qvzqqqqqqypzq77777lz9hvwt86xqrsyf2jn588ewk5aclf8mavr80rhmduy5kq9qqsqqqqv6w6jgsef6cfw8k8djv9yw36pdthjf0qa890vvzysgk964zqqsregp
You also trust some software to generate your bitcoin key. And that software can also be hacked. Where is the difference?
Maybe he should learn about Nostr Signing Devices more!