Anthony Accioly's avatar
Anthony Accioly anthony@accioly.social 1 week ago
We unfortunately have 200 other problems to solve besides NIP-47, starting with Nostr content and the attitude towards non-bitcoiners, but this is a big one for sure. I don’t think most folks are ready to move to totally ephemeral pubkeys, and reusing nsecs across experimental, increasingly vibecoded clients is just... dangerous... Nostr really needs to get the basics done right. As a community, we have wasted so many opportunities to scale Nostr already. I joined about a year and a half ago, during one of the many huge waves of people quitting Twitter. Since then we have lost at least three other opportunities to grow. The last one was the hype around @npub1wmr3...g240’s deVine stuff. Every time one of the non-BTC Twitter experiments shows some promise, Nostr seems to crap its pants. We really, really need to get the basics right for Nostr to have any chance. I don’t think lightning will keep striking the same place over and over again, and we may not get many more opportunities to make Nostr scale.
↑ Parent

Replies (6)

Globe99's avatar
Globe99 globe99@nostrcheck.me 1 week ago
I mean... I guess... People use passwords anyway so I don't see this as a huge ask? And maybe I'm out of the loop, but what exactly is the "pants crapping" that's happening about deVine?
1 replies ↓
Anthony Accioly's avatar
Anthony Accioly anthony@accioly.social 1 week ago
Nah, nsec is like the password for your Bitwarden or 1password, it is much more than just a password for an individual social media website. And if you have a lightining address it is like throwing your credit cards in the mix as well, you simply shouldn't use it on experimental clients (which is most of Nostr). Yes, reusing your Gmail password on vibecoded sites is bad, and this exactly why people shouldn't do it. The problem is the path not to do it in Nostr is broken. TL;DR on deVine is that press and some big timer YouTube channels like Linus Tdch ztips got wind of it and a gazillion folks tried to join at once. Basically too many users / too heavy of a worjload for existing relay software and available relays. There was a room with the usual folks trying to provision relays for it (Gleason et all) but if you don't have the infrastructure for the normies to flock in all of the hype is wasted.
1 replies ↓
GLACA's avatar
GLACA glaca@nostrplebs.com 1 week ago
As long as it stays decentralized and censorship resistant we will be good. No need to push it too hard, everyone getd NOSTR when they're ready. The glitches will be sorted out.
1 replies ↓
Cykros's avatar
Cykros psyche_eros@iris.to 1 week ago
If you have a lightning address...with NWC. An nsec that you use with separate lightning wallet to pay invoices just controls your online identity, not your money. And NIP-05 is supposed to address that possibility, but admittedly it doesn't seem to do it the best.
1 replies ↓
Anthony Accioly's avatar
Anthony Accioly anthony@accioly.social 1 week ago
The main problem is that a lot of Lightning, ecash, etc. wallets allow you to associate an nsec to unlock the wallet. Not many people pasting their nsecs into random vibecoded apps are security-conscious enough to use a separate Nostr key, so if one of those vibecoded apps leaks nsecs, you can pretty much scan the respective lud16 for half a dozen popular wallet domains and, more likely than not, hit the BTC jackpot.
1 replies ↓
JOE2o's avatar
JOE2o 1 week ago
Also 'disposable nostr' (ephemeral nsec/npub keypairs) is directly at odds with web-of-trust nostr. It's one or the other. You can't base filtering systems on web-of-trust when you can't trust normal users to keep safe the very thing on which that web is ultimately trusting.