Replies (134)
Can you elaborate for us non-developers what a backend is for Primal? I have no idea, but am interested in learning about it. 🙂
Most clients have a front end application, a UI, that interfaces directly with relays as their data source.
#Primal has a UI and also a backend server that, together, interface with relays, enhancing the experience in a way that just a UI couldn't.
The result is a better experience.
This is literally no different than twitter then. Just use twitter if you want a single server. The entire point of nostr is the ability to connect to different relays so you don’t have a view of the network that is controlled by a single entity.
Are you regarded?
Twitter's source of truth is the Twitter database.
#Primal's source of truth is the user's own relays.
Twitter owns the user handles.
#Primal doesn't.
The source of truth only matters if you can verify it. You are trusting their relay to do that for you. They can forge posts or even swap out zap addresses this way if they wanted to. if they didn’t want to it could still happen if their relay is hacked. Don’t trust, verify.
Everything you just mentioned is possible with a front end client.
Having client code execute in the user interface and a server does not undermine #Nostr, nor does #Primal have an incentive to do so.
Do you let other people run your bitcoin node? Verify your bitcoin? Would you run a “backend” bitcoin client and let a third party verify your transactions? You sound like someone who would store their coins in coinbase, since you seem like a fan of backend clients.
Waiting for you to provide a technical argument.
Can Damus "forge posts or swap zap addresses" using client code?
You can’t verify what backend code is running, you can compile and verify what code is running on damus ios and damus notedeck. No backend to trust. This is 101 stuff man.
Even if you looked at backend source code it could still get hacked and swapped out. This is a real concern. If the caching relay started serving zap addresses that didn’t match profiles… you could be sending sats to hackers on all profiles. This can’t really happen on iOS due to how code signing works, ios verifies binary signature chains from apple and the developer.
1. Client code *can* forge posts and swap zap addresses.
2. Server code can augment the #Nostr experience in ways UI-only clients can't. This is why #Primal is winning.
3. Attestation for live server code is a real issue, but with primitives like runc/containerization, something like this is getting closer to being possible.
4. #Primal could rug their users using a rogue build on the server just like Damus could on the client. The reason these things don't happen is that the risk is destroying the project's reputation and the return is a paltry sum.
This is 101 stuff man.
Immutable container runtimes are becoming more and more prevalent.
It should be possible to build a cryptographically verifyable container for every commit on Github, then automtically deploy that container to an immutabl container runtime engine in such a way that the entire live production backend could be verified by users.
@miljan can you have the devs chew on this? I think its in Primal's best interst to put this type of concern trolling to rest.
note156x0nyw5wlthztyne4uaekvffu9hhmh7lhl5u3yskkvksvkavhxsmvp48h
Theres nothing primal is doing right now that can’t be done with a no-backend client.
The hack risk of your client trusting zap addresses from a trusted backend is too high, money could be sent to the wrong place, this would tank nostr’s credibility.
A centralized server has complete control over what you view, they have censored users on the past on trending.
They have complete control to manipulate follow counts to make people look more popular and others not, the counts don’t match up at all with other indexers.
The server can go down leading to the app not working, leading to people viewing nostr as unreliable.
The wallet is heavily kyc’d and doesn’t work in many places including where i live.
The system is very brittle, and is set to implode the second they run out of money, and can easily lead to a very easy to censor experience without much effort from governments and ISPs…
but hey, what do i know, im just a “butthurt dev”
Look, I'm trying not to embarrass you, but it's clear you don't know what you're talking about.
It's not 2000 anymore; servers have immutable, verifyable runtimes that can't be hacked the way you are talking about.
It is possible, just not common practice, to provide full attestation of server code so that users can verify (byte by byte) that build A is running in immutable container B.
note156x0nyw5wlthztyne4uaekvffu9hhmh7lhl5u3yskkvksvkavhxsmvp48h
Primal doesn't need your permission to make a full stack client.
They can and should provide end to end attestation, from source to live production instance, of their server code.
Users aren't locked in in any meaningful way. Easy on, easy off.
sorry, you have no clue. There is no such thing, even if there was, noone is running that tech. There is a 99.9999% chance most code is running on mutable architecture. Do you just make stuff up to sound like you know what you’re talking about?
At damus we run the closest thing to immutable architecture (nixos), but its always mutable, you can always run whatever you want once your’re in the machine, unless you have some custom crazy os and hardware like apple private ai.
It is completely possible and the fact that you can't be honest about that says a lot.
1. Containers are sealed and verifiable, cryptographically, down to the last byte.
2. Immutable container runtime engines exist. I haven't been in the scene for a few years, but both AWS and Google Cloud were experimenting with such things before I retired.
You're flailing.
Cool i will wait for this magical system to be in place where a client verifies attestations from a container, i dont see what this gains over certs and how the client would know what attestations are valid without trusting the server anyway.
Clearly you don't.
I'm not the one campaigning against a competing project using dishonest claims.
we need gossip to scale and decentralize nostr too, plebs running nodes is the path forward. I really don’t even see how a single proprietary relay even works at scale, unless it’s just bluesky and twitter all over again.
We’ll get there
I was, but I simply disagree with that characterization.
It's true that the purity group think has imagined #Primal to be some threat, but actual engineers can think through it and see: it's just a full stack client.
Codebase is actively hostile to user funds. I use #Primal every day; in what way am I being exploited or trapped?
Its a good bootstrap yes
🫡💜
If the primal client isnt ALSO writing to the caching relays this will continually lead to people's replaceables (follows, lists, etc) inadvertently wiping out what the user wants it to be. Your caching service is NOT UPDATING at an appropriate pace for this flow model
But they are not honest, in the beggining they blocked and shadowbaned people here, the ones that are here from the beggining know what they've done.
Will and Damus weren't booted from the stage. In fact, from the very beginning talks, when we were working on the program, we had Will on the panel.
Will decided he did not want to participate on his own. He felt that people were buying main stage talks. He didn't like how the packaging of booth and stage content were merged together.
I was actually saddened by this. I had been speaking to Vanessa and trying to get him to come and have him participate in all of it.
On a side note, I specifically remember one video call where
@miljan said "c'mon, it's Will, if course we have to have him in stage for this panel."
Sadly, I just couldn't make everyone happy. I tried my hardest.
As for comments about Damus or Will at dinner, that wasn't a dinner I was at or heard.
Will is my dude and will always be my dude. 🫂🫂🫂
Still waiting for you to reveal those tools for being done with Gleason's bridge bullshit that you said "we" already had as of last night. Were you lying and gaslighting and wasting time because your bullshit was being called out aggressively, or did "we" really have those tools all along?
“Are you regarded?”
Yes actually he is.
If it makes you feel any better i would levy the same criticism against any other client that has a centralized relay that it reads from. Maybe just make this more obvious to your users so I don’t have to continually troubleshoot their issues every day.
Will knows I love him. We shared an Airbnb two months later after Prague. He knows the level of my sincerity and friendship.
Same echo chamber as the people who've told me this. You know, the circle of Bitcoin whales and/or OGs is very small. So you're not on the board, fair enough. Step down from your horse, you're not flying as high as you might think.
I heard different from people as close to Will as yourself. In fact, you know them just as well as I do.
Anyone complaining hasn’t been around long enough to see the tides of change … tech changes … new experiences become normal.
Every platform can be disrupted by a new interface. Seem it from client server to dailup modems. From desktop web to mobile first.
Laser has lost his fastball a little.
Seems more easily agitated & takes a feminine tone in arguing. I sometimes question if it’s the same laser of old.
Yes, we need better docs. We try to make it easy to stand these things up from our repo, but definitely hit us up if you need help. We've helped other teams stand them up in the past.
Absolutely, I'd like Damus and Primal to work closely together to achieve our common goal of satisfying Nostr users. Thanks for sharing your experience!
I know. I'm just telling you what actually happened since I was involved in the conversations on both sides playing middle man trying to get everyone to play together.
Do you know what an nsec is?
Your passion is showing. You're critical because you want what's best for Nostr.
👆this is how you respond.
The last sentence is perfection.
🍿🍿🍿🍿🍿🍿🍿🍿🍿🍿
You could have just said your autism is showing but ill take it
Can primal please show reactions. It must be frustrating for users to only see + and 🤙 while they receive many more.
Still waiting for you to stop doubling down on gaslighting and time-wasting. Admit those are what you were doing here, not merely being "confused" - and if you want to apologize, offer substantial help with the same power you've abused here, or a relinquishing of that power, instead of empty words.
View quoted note →Dude, it has taken me years to figure this out. 😂 I am overly anal about some things and I used to just think I'm just an asshole sometimes, but now I understand. And it's thanks to me being a father and witnessing this with my son first hand. Sometimes we just get hyper focused on minute details.
A login criteria Primal has previously stolen from my clipboard when I wasn't trying to share it with the app?
I disagree with you, jb55 is totally right if you have a backend you are centralised, you control the data that you fetch from relays and you choose to let users see what's on the relay, but you could easily censor that data if you wanted (or nicely asked by gov)
it means primals server is aggregating the data for the users.
Post proof of FUD.
After reading up on this, all Will has done is list facts. Your reaction is alarming.
Same
Primal is good. Next?
not sure if this will reach your relay.
R2R relay-to-relay 😆
You know what else stores the whole network's data multiple times? Bitcoin.
The worst case scenario for Primal is that it becomes like the Bluesky BGS. But that is a hypothetical fear. And it's also a best case scenario? Because we would have a ton of users? But importantly, apps like Damus already exist, and a foundation is laid for a "free" side of Nostr that will never work perfectly but will serve a community who truly needs it, which will continue to grow. Both are inherently needed, and that is the true power of Nostr.
> The hack risk of your client trusting zap addresses from a trusted backend is too high, money could be sent to the wrong place, this would tank nostr’s credibility.
This is an argument against zaps. They add nothing but unnecessary risk.
I've been here since then. What have they ever hidden? The code is open source.
@miljan has already detailed this better than I can already. You can take advantage of Primal's search feature and find it for yourself.
💪🏻🔥🫡
So if you are here from the beggining did you remember when Onyx and Ralf were manually shadowbanned?
No.
Ask them, many people saw in real time that happening.
@TheGrinder
Can you confirm what im saying about Ralf and Onyx being shadowbanned on primal on the beggining, or i am telling a lie?
There may be a "nostr community" today because nostr is small. But nostr is not designed to be, nor will it stay a small cohesive community. Any number of communities that are at total odds with each will exist on nostr as it grows.
You can ask miljan too, i doubt he will say that doesn't happen..
Maybe he will say it was because bla bla bla, like he allways do, but it is what it is
I think you either replied in the wrong place or misunderstood something, this doesn't seem to connect
I don't give a fuck to what they have on there repo, i was here when censorship on Primal happened, i saw that with my fucking eyes, and i wasnt the only one that saw that..
@miljan see, eventually people start to see the details adding up. Misleading… that’s what you are. So was your marketing, so are your investors, so are the other projects they fund. Misleading
ill think of it how i want to think of it. based on its actions, bot on its many words.
I'd trust
@jb55 over most devs any day
Laser
The fact that
@primal has a backend in no way threatens #Nostr as a protocol and open network.
Think of it as a full stack client. Backend client code + front end client code. The source of truth remains the relays, and users maintain complete control over their keys and handle.
Don't get gaslight by butthurt devs. #Primal is taking the #Nostr experience where users want without lockin, censorship, or moats.
Dumbest take I’ve ever seen. You need to learn computer science/CAP theorem. All the readable data is centralized on one server. That isn’t a feature — it’s shitcoiner level centralization.
This honestly is my biggest desire right now for Primal and the single thing that keeps me using Damus and Nostrudel if I'm on mobile or desktop.
It stinks because people are engaging (even if it is negligible) and I'd like to be able to return volley.
I worked in software for nearly 2 decades, ding dong.
How does the persistence tradeoffs
@miljan and friends made have anything to do with the debate at hand : whether or not a full stack client undermines #Nostr.
Please explain to the audience how throwing out CAP theorem, a term for navigating data persistence constraints, as it relates to Primal's cache implementation, supports your presumed argument that the presence of a backend in a client somehow degrades user sovereignty.
It's more of a question of client architecture than it is an election of personalities, IMHO.
I’m sorry miljan, but for non-tech people it’s not obvious from the network settings.
I may not be a developer, but I wish I had known this before subscribing to the premium
“Software” isn’t distributed systems. This isn’t Silicon Valley. You clearly don’t understand the CAP theorem.
Here’s a crash course:
It's a cache, you moron.
You can’t change which relays you read from. It’s not rocket science.
Clearly, there are trade-offs between scalability and UX versus decentralization. No one has found the golden rule to have everything at the same time, and I think it will be a good experience to better understand the dynamics as a social media over a decentralized protocol.
In the end, we cannot find a new path by doing the same thing everyone else is doing, and we can always choose another client if we dislike one or another.
Clearly Laser is going to keep his head in the sand. 🙄
I hope you all get a chance to see what
@jb55 said in this tweet below, and if you don’t understand what he meant then listen to the video.
@ODELL @miljan
And
@jack, I know you’re probably watching this drama unfold… just get in the arena already. Work with Will or Martti. Work with the purists. Make a client yourself, like you alluded to 3 months ago. Don’t compromise on the CAP theorem; who makes the client isn’t as important as decentralizing the data itself — the client code can live on beyond you.
View quoted note →Exactly my thought except there is no ads like on twitter .
Damus and Nostr by far my prefer to decentralize social media .
Especially Damus very clean and simple interface with only to reshare and reply .
No amount follower show up or everything . No crowd.
Calling it a cache is just a way to distract from the fact that it’s used as a crunch to deliver all the data to all the users. Users can’t read data from any other server.
Achieving quick speeds with a centralized server is just a sloppy shortcut that compromises on our values.
crutch*
Primal can censor anyone they want anytime they want. it will happen soon and people will blame it on nstr the protocol
Hmm
@jb55 said the primal server was proprietary but after looking further I found it here:
GitHub
GitHub - PrimalHQ/primal-server: Primal Server includes membership, discovery and media caching services for Nostr
Primal Server includes membership, discovery and media caching services for Nostr - PrimalHQ/primal-server
I don’t see anyone else running one, but technically relay operators could run this alongside their relay to service Primal users.
Although, it feels like a fork of nostr. Users can’t connect to normal nostr relays — therefore it isn’t backwards-compatible. The way we built Nestr was:
1) You can pull notes from normal relays
2) You can only pull the Merkle trees and blossom blobs from blossom servers and HORNET Storage servers
We preserved backwards-compatibility. Primal compromised on backwards-compatibility.
And there’s literally no documentation on how to change which relays the cache pulls from. 🤦♂️ It wasn’t built with other people easily running it in mind.
Immutable container runtimes sounds powerful, however I don't see how it can be proved/enforced. Do you have any pointers to how they work?
@aljaz do you know anything about this?
Any of the clients, which users trust to serve them relay content, an censor anytime they want.
Aside from my previous statement still standing then, it was you who said "don't get gaslit by butthurt devs"
Even if I had documentation to point the primal cache to a relay I host, it would just duplicate a ton of the data.. so inefficient. The goal is to have many relay operators to choose from. Otherwise, we’re all just playing pretend here. LARPing…
It's true.
It’s just dumb that a technical tradeoff discussion between me and laser launched into a full blown campaign from odell and miljan to call it fud and odell to call me a liar. Apparently you can’t criticize them.
Where are the developers saying i’m wrong? So far it has only been investors and influencers.
Most people *dont* understand that its only reading from a off-protocol server, the relay list is super deceptive, i’m also tired of explaining this to people and people saying im making it up.
I’m talking about *facts about how things actually work*. its important for people to know this so that they can make informed decisions.
Its not really fair to compare a real nostr clients to a client-single-server model, they are completely different systems with different properties and security models. Can we not talk about this? Noone cares? Ok great, im talking to people who do.
people care.
and you’re not wrong about Primal. Or that it IS misrepresented.
But if you actually want to know why they are responding this way, it has to do with who you are, and the weight your voice carries. IMO, you spoke like you would to a friend about something that bothers you. Buy there is an unspoken expectation that you become much more measured and diplomacy in how you speak about these kinds of things, to preserve others reputations.
It isn’t fair, or even right, but it is what it is.
I'm not a developer and I'm not very technical with how all the moving parts work. What I know is mostly from my own experience. I was here from the beginning, and I remember how it was. Things barely worked at all. Censorship is, to a large extent, part of the fuel that feeds all of our passion for building on and using Nostr. Not only do I disagree that
@miljan was shadow-banning anyone, I doubt there was tech available to do that in a Nostr environment (if it can even be done at all), and he certainly wouldn't have wasted his time singling people out with so many far more important things to work on. Sorry, that bucket doesn't hold water on any level. These kinds of accusations being thrown around makes Nostr weaker, not stronger; makes you less credible and the developers you support less likeable. Something was obviously broken - like a relay that was hosting their content, or one of many other things - than from anything
@miljan would have done on his own. Please be thoughtful and cautious with accusations. I don't see any devils running around in this space. Let's not create any. Okay? 🤝
Tech > Politics
ironically, this comment is political. and so are you 😏
Engineering trust-minimized, distributed systems is guided by principles beyond mere social consensus/politics.
Just like how the properties of money aren’t arbitrary (despite what fiat institutions say) — if you studied the history of money you’d see that principle applies to both in the same way here.
Would it be possible for Primal to integrate a fallback where the client can directly read from relays if the caching service goes down?
There is always a wild reaction whenever engineering discussions come up. “Nostr wars”. i don’t think people realize this is how engineers naturally are.
It’s the only thing that matters 🤷♂️
Anyone can build UX.
#freeralf
The cyber hornets are supposed to defend these principles, but they are dwindling… we have to do it else no one will.
Hopefully it will attract more of them. 🐝
very true. always thinking about how someone might feel, or interpret something takes all the brain power needed to solve the actual engineering problem.🤷
You can change the caching server I’m pretty sure
💜
if hornets are symbolic of principal conviction in this analogy,
sugar catches more hornets than fire. diplomacy has a more efficient outcome. it has always been thus. especially for a generation prone to conflict.
Still seeing you on Primal. May this never ever change even though it technically could?
With respect
Anyone who works with engineers at arms length knows this is exactly how they naturally are.
High precision high compulsion unwilling to budge a micrometer if doing so could lead to error or harm or embarrassment. In short high signal and noise intolerant. But sometimes stubborn for lack of a better word.
Then of course there are physicists….
cyber ostriches?
Haha now that’s a brand 😆
Burn the bridges to charlatans or be burned by their false principles. I’ve tried to be diplomatic in the past. I’m done wasting my breath.
I said it 6 months ago… specifying the risk of their giant cache layer. It’s clear what their philosophy is. Shortcuts are quick to ship, but ultimately fragile
“I should be able to go to your profile, open your list of relays, and tap on the new relays I want to connect to. The relays in the list I’m already connected to can be present too, but with a different icon beside them, just like on Damus.
Preventing users from being able to discover the relays of people they follow is antithetical to nostr’s philosophy of data portability. We should make moving relays as easy as possible rather than relying on Primal’s giant cache layer.”
View quoted note →Cyber Ostriches Unite
Doesn’t have the same ring..
Well container images are by definition immutable since you know what hash you are running on, if you pair that with remote attestation you get crypographically provable environment which is also the fundamental part of confidential computing
Primal including other reactions would also make nostr's network effect less biased in favor of centralization-minded people.
Right now, Primal's trending feeds are basically nostr's biggest content discovery system, and the trending system is biased to favor the opinions of people who use Primal instead of apps that support emoji reactions, since Primal doesn't count those reactions.
This meme I posted a little while ago is a good example. It currently has no engagement according to Primal, but nostrudel shows 2 reactions from 2 different npubs, which would generally be enough to get into the 1h Trending feed these days, possibly attracting more engagement. It's a subtle bias with a strong effect.
Yes, that's the plan.
Important caveat: it's possible that if these reactions were counted, then 2 wouldn't be enough to get into Primal's trending feed anymore. But it often only takes 1 reaction, so it couldn't be too far off.
That’s awesome, thanks!
My DVMs still count them. They are available in primal. At least those who are not personalized.
Reasonable not to include personalized ones since some aren't actually meant to be positive
what's up with physicists?? 😤
No disrespect meant. Two observations:
In my experience physicists interactions with one another can be easily mis interpreted by outsiders (and I am one).
Eg hyper aggressive attempts to root out errors can appear as mean infighting and egomania or toxicity.
And there is meanness and egomania present in physics of course, it’s just been my experience that outsiders looking in often just don’t have the training / exposure / mathematical chops to discern which is which. To make a terrible analogy- if I am not actually on the team, and I was never actually in the game, then I am not in a position to judge the locker room talk afterwards.
I also find physicists get so sharpened by the empiriometric precision required by (and successful in) their field they can get frustrated when that tool does not work well in other areas. They sometimes default to assuming sloppiness in applying the tool rather than realizing it just does not work well everywhere. And if they cannot shake that assumption you get a physicist thinking “find and root out the error” and a non physicist thinking “you are totally using the wrong tool” and they talk past one another- sometimes unpleasantly.
Primal still does t have amber login when the feature was requested a year ago and many smaller clients have that feature.... It's improper when key rotation doesn't exist to have users pasting their nsec all over town #nsex
How can you be tryi g for the best UX when you don't have amber login?
I thought the zap addreses where stored in a local cache. having it in the backend would be innecessesarily wrong, I give you that.
Their should be different sources of indexers and should have a Merkel root that contains all events that attestate for each post so u could audit it.
Primal is the macOS of nostr clients 🤮
It was manually done, not something broke, ask everyone who was here what happened and you'll find out.
People get confused by the mere presence of server and think centrization, not connecting that censorship can be performed directly on any #Nostr client itself.
Full stack clients like #Primal are going to leave UI-only clients in the dust.
nevent1qqsdxjenj5fp5rr0k28ntuyzwugeuw62a6h8hmy8zkn7wu7a5nhqmhcpr9mhxue69uhhyetvv9ujuam9d3kx7unyv4ezumn9wspzqdtgwhlaw2dsdm45c8t6wzslw5qyt5r8waxjrs86llj272ledghgqvzqqqqqqy2guuqc
