Oddbean new post about login | logout Who here is skeptical about the value/use of WoT and can make a coherent argument against its use?
nOsTr eLiTe
Elite of trust Don't trust the elite Delete the trust
trust require skin in the game, is a behaviour that works in little groups of humans interacting. On internet it will be always weak because the only thing you can loose is some sort of abstract reputation, something that can be re-bootstrapped with another nym with a not-so-big-amount of resources. So nostr WOT have sense and can work well (infinitely better than what we have in centralized platforms) but nothing I'm so bullish on to revolutionize lives.
Something like the idea that just because a social score is "decentralized" doesn't remove the ill effects of said social score and may disallow some to participate in the market?
The great thing about Bitcoin is that it is trust-less and increases market participation. WoT seems to be in conflict with that idea.
I'm generally bullish but if poorly implemented it can misrepresent social signals and create a false sense of trust which can lead to very bad outcomes (eg. installing malicious software).
I am when is see @daylightco giving a shout out on scammers and copycats. What do you think @node @Intuitive Guy ☯️ @ralf @TheGrinder @Mark 🐢⚡️🫂💜 @corndalorian Web of Trust how is this the way when people are not filtering? Ask @Marie
I do believe a metric like WoT could work, If user is able to settle his personal circle of trusted npub. I do believe the game will change when Clients will have full optionability and various different ways of possible settings from what they feed will show. A client should be as "liquid" as it can be, leaving the user to create and form his own nostr UX.
This☝🏼… but how? How exactly does Nostr (by implementations and by NIP standards) give users “full optionability”? What would Sovereign WoT look like? I can think of two foundational elements: 1. Explicit and private markers of trust between users. 2 Subscribable filters (that anyone can publish) for use across clients. nostr:note1437m6fpdcwxurnufzwzj4ztylqw66slug5teza7xllm4slnsamescpftp5
I agree with you. I do have doubts on WoT when it comes to “open sourcing” notes and other content to get zaps
Or when I see @corndalorian getting terrible scores on coracle. Something definitely needs to be adjusted
It’s an interesting topic. I suppose the value of WoT depends on the intent of its implementation. Is it intended primarily to prevent spam and validate that someone is likely who they say they are? Or is it a filtering/moderation system to corral legitimate users into a particular paradigm of social behavior? My posts aren’t everyone’s desired “flavor” of content so to speak, and that’s perfectly fine by me, so a system to allow someone to filter me and similar accounts out of their feed is a good thing. But if someone saw a meme of mine on Twitter and then came to Nostr looking for me but then saw a profile score of 14 on Coracle, they might be inclined to think I’m an imposter account. I think Coracle is missing the mark here, and perhaps using WoT as a pseudo- user/content moderation system, instead of a way to validate that you can trust that someone is who they say they are.
Skeptical, yes, but I think there is plenty of potential value proposition for many implementations of WoT. However, I would argue that it is still being integrated poorly. This is no fault of WoT devs. @nielliesmons is who I would call upon for a good counter-argument in general. I will argue both in favor as well as against WoT because I see things differently, but let it be stated that I am not much of a developer, so my perspective may be skewed. (Warning, this post is kinda long) I had never heard of Web of Trust until I found @straycat on GitHub, and I followed his ideas as best as I could. I basically harassed him to educate me to the best of his abilities about Web of Trust for about one year. At many times his arguments seem very promising but perhaps seemingly short-sighted, though again, I wouldn't place this "burden of proper WoT implementation" on an "amateur WoT dev". I make these distinctions because I believe in the freedom tech movement as much as the next purple-feathered dingo, and I recognize that @straycat wasn't much of a developer either until Nostr encouraged him to keep pursuing his idea of WoT. Watching his progress has been even more satisfying than watching my own. In any case, how this relates to your question- I've been getting to know @cloud fodder and his relay.tools project, and it has me considering what I've thought about Nostr since I got here (~2 years). Relays are flexible as proven by many applications. They can be decidedly ephemeral or attempt to maintain permanence. What impresses me most is the versatility of Blastr. In my mind there will be various structures to the Nostr network which will continue to take full advantage of Blastr indefinitely. When Nostr says censorship resistance, I say BLASTR is the WAY. But not everything needs to be Blasted. So, relay.tools is implementing NIP-42(?) auth which should take care of that and provide ephemeral identities. At this point in my mind, any instance of relay.tools now has the same "problem" of Nostr. "What client is going to integrate with this?" Or, "What does a client with on-demand relays look like?" And, yeah, that's a tough question, cloud. I am fully confident in the direction things are heading. But again, the question. What is WoT for? I think it's for relays. I think with relay.tools we will be able to maintain decentralized distribution of relays that SCALE. And I think it's important that it be done this way. We will be able to create communities of relays based on endorsements from the administrators and users. We will be able to replicate entire collections of relays from one domain to the next. Nostr is a flood and WoT is the wind. It's the direction we choose. The people we trust. It's a trust metric. But I don't trust npubs. I trust heavily endorsed networks of relays, especially when that trust score is heavily procured by my own follow list. By enabling what I call "operational relays" to exist separately with relaytools, we can manage authority structures locally at the domain level, as well as allow users to migrate from one domain to the next, irregardless of client. I believe relay.tools is the future API of scalable Nostr relays and Web of Trust will be our way of sorting signal from noise, down to the personal level, inclusive of client and server levels, and always maintaining total decentralization at the client level, thanks to #Nostr. This is what I see as someone who merely considers themselves a user at this time. When Listr.lol becomes Logseq.lol we will have a better tool for managing complex, personal lists of user data. This kind of application is in development. I found someone on here who is building a client for that too. When I suggested collaborative editing, they seemed on board with that too. The future is fucking BRIGHT king. WoT is not the answer, it is merely our way of filtering signal from noise. But it starts at the relay level. Prove me right or wrong but I hope all of you are aware of how awesome you are. 🍯
Great take! Filtering signal from noise starts at the Relay level indeed. Layers on top that I see: 1. .Communities built on Relays (NIP-29 groups) → Using these as a specific lens / filter instead of your blunt Following List 2. Following Lists → For Web of Not Spam only, not for Trust 3. Specialized Verifiers → Code verifiers in Zapstore for example
Thank you for your response! I tried to zap you but am having an issue apparently. In any case, upon review of NIP-29, I disagree with this part. I can see where it's coming from but I don't think relays can operate as a divided community. Rather, I think relays are individual communities. In my mind, consolidation into archival or decay is the natural progression of conversation, and I think primarily relays are used to transmit conversation. The other stuff would be, like lists, and operational data, protocol-based stuff. As it stands we can embrace protocol-wide communities by empowering relay.tools with a client that enables this. As a simple start we can merely opt for affiliated relays. If I begin a community about mushrooms, and someone else begins a community about specifically red mushrooms, it makes sense for both relays to affiliate with each other to encourage growth and distribution of content. This begins with operational relays, at the domain level. Various protocol data can be broken up and managed in a decentralized construct, while being hosted and controlled in tandem. This allows for flexible navigation and management by users. They decide what level of the protocol they wish to exercise. They decide when to migrate, or when to post, or delete, or make changes. By doing so, we can store the NIP-51 lists of affiliate relays on an operational relay for the host of the example relays. For instance: I start a website called foragers.dev I spin up an instance of relay.tools I decide I want to host three relays: n/Foraging n/Growing n/PenisEnvy Upon initialization of relay.tools (in theory), you would be prompted with the ability to offer multiple domain-level relay configurations. I can't begin to imagine all of the potential stack flows of Nostr servers, but I can imagine that there would be more than one, depending on the client's goals. Everything you can separate to its own relay reduces the load of the "initial operational relay". So let's start with the primary relay, which will initially operate as the basis for the domain itself. n/Foraging would offer the "total suite" of operational relays. The user would decide if they want to separate any particular data on their own accord. But initially they will configure their own stack if necessary. n/Growing would be (in this example) a resource-based relay. Let's say I aim to fill this section with guides for growing healthy mushrooms. My users are happy to help embrace this goal and we all decide there are some other useful relays we want to affiliate with. But, oh no! Their relay isn't hosted on our server! That's okay, because collectively, the users will form a list of the most relevant relays, and they will publish it to the domain-level operational relay. This will allow the domain to know who to advertise, specifically on behalf of a single relay, and only in congruence with the specified relay. Think of this like one subreddit recommending a list of recommended subs. When the relay gets deleted, along goes the domain-level lists that went with it. If a relay migrates? Initalizate a migration (in theory). The destination relay is hosted with relay.tools ? Great, it recognizes the signed events, and authorizes the initial instance of relay.tools to Blast those relevant domain-level events. And Web of Trust? Well, that becomes a domain-level operation.
I think I’ve outlined your 2 and 3 in this short summary article. nostr:note1437m6fpdcwxurnufzwzj4ztylqw66slug5teza7xllm4slnsamescpftp5
@slipstream is working a Logseq type of application for interoperating with relays. I wonder what kind of a headache that must be. I also wonder if the honorable @JeffG has used Logseq 🤔
I haven't used it before (I use Reflect - which is a paid app that's very similar).... looks really cool though.
Close enough! Plenty of applications doing it these days. I'll be exploring SiYuan and Bear notes soon! I think these apps will scale well with the information management demands of Nostr.
Blastr style storage is what attracted me to build on nostr in the first place. I'm not prescribing it, but the option for the user to choose a Blastr proxy relay is great
Bingo! And how could I deny having a fat crush on @Deleted Account.... 🫣
If it can be gamed, it will be. So, it's better than nothing, but not the ultimate solution.
A subjective web of trust where attestations flow from you outward and you only get information from those you trust cannot be gamed. nostr:nevent1qqs29rzrzghl4veh43mvzttx4wlqgwwrrggs7c8gctvdngx7526jm3spr3mhxue69uhkxunewp6x7am0d3nzumn0wd68yvfwvdhk6tczyqh04fc4hw6xm4d7dd7634msqfndz9n5hyfms9u2mk6u9e3anpenzqcyqqqqqqg98hk6n
My bro. Let's stop the acronyms. WEB OF TRUST. I'm not skeptical. But not very educated either. How can someone remain anonymous but also benefit (or at least not get screwed) by a web of trust (wot)
Subjective influence systems when properly implemented work by looking at who _you_ think is valuable, and helping you judge, filter and discover content as a result. That works perfectly well when one is anonymous. It's only if you want to be perceived as a valuable curation node / trust provider to _others_ would you need to be not-anonymous.
Toxic model. It should be about differences in value of content, moreso than differences in value of people
You assign trust/influence/value-to-you to accounts along contexts - not just "about the person" (which I agree is a problem in the bad version of WoT). So you are ultimately scoring their content. If I assign low trust to Laeserin on the "economics" context but high on "religion", then when she writes content on those two topics, it will be filtered (for ME, not anyone else) accordingly. Now, if you attest about me on these two topics, my view of Laeserin will slightly influence your view of Laeserin (only on these topics), along with your own view of her and others you've attested about. The process is entirely voluntary and reputation flows from you. Nobody else can influence your graph if you don't trust them to. There is no global state of influence.
We've discussed this before, what you're describing is useless because it's relying on blanket judgements of entire people which most human brains aren't good at during a population crash. You need to rely mainly on judgments of individual pieces of content. Likes and reports exist. Don't know why this is so hard for you people to wrap your heads around
Friend... likes and reports on a given piece of content could be exactly the things that feed your web of trust about the author of the content on the contexts they wrote about! In fact, an early prototype here does just that. Upvote/downvote on wikifreedia articles are used (crudely for now) to build your personal attestations: https://brainstorm.ninja/#/dashboard
You're not making sense. Upvotes and downvotes on wikifreedia are attestations, if you're using them to "build attestations" it sounds like you're doing something wrong. Like using houses to build a house.
Using them as data points in a personal algorithm to build up a subjective worldview about many accounts and many contexts, taking in other data points as well. Not "using a house to build a house", using numbers to build other numbers. AKA "math". (Or if you prefer your strange analogy context "using rooms to build a house")
Web of trust wouldn't rely on an algorithm to develop a worldview. That sounds more like "web of algorithmic worldview." A web of trust would rely on an algorithm to sort content. The words you're using aren't making sense because you're trying to mask bullshit.
Listen man, I don't know what's up with you today but you're being extremely hostile for no reason. I'm not masking any bullshit and the code I'm referring to that I linked to is all open source. You can see for yourself that there's no big bad secret. I didn't even write the thing, I'm just telling you about it. "Algorithm" here just means "processes", not "evil social media voodoo". I'm just saying that a bunch of data is combined to generate content rankings from your point of view. That's "an algorithm" Please relax
Nostr web of trust is mostly just feeds I like versus feeds I don’t like. So it protects you from spam. But it’s not the same as an explicit “I trust you” let me sign your keys with my endorsement that others who know me will now trust you more. It’s softer, so I think in nostr there is additional room for an explicit statement of trust. Maybe a new kind which is just a signed event that says I explicitly trust this npub.? Also just a second idea I think a note kind of debt between npubs might be interesting. I haven’t worked out the details but maybe something like an event which can be shared privately to define terms and then both parties sign the event and when someone posts it, clients can retrieve the events that show a debt, from one npub to another. And when a debt is paid the “receipt” of the payment can be a new event that is posted so the client determines the debt existed and is now paid? The only debt enforcement mechanism would be your reputation on paying these debts. Anyways that could be another mechanism that users could use to determine who they engage with from a social / commerce perspective.
My initial fear when hearing it is a snowball effect. What if one person I know missed something and gave their stamp of approval, and then everyone else trusts the n people who already gave theirs?
That’s not how WoT works; it’s not binary, many people need to signal, and continue to signal non-garbage
I am skeptical, especially in the context of nostr. Nostr, as currently implemented, can't even accurately count followers. I do not see how a proper WoT can be built with that basic parameter being so wonky all the time. Build your own WoT, just like you would IRL. Don't rely on others. That's what I've done. I love my feed. It's weird enough to keep me coming back without repulsing me and it's cozy enough so I smile and learn things. I doubt a systematized approach will be able to do that.
I think most conceptions of WoT rely too much on (and handwave away) users putting the needed data into the system, in terms of explicitly marking nodes as trusted. I think we need to start looking at using zap data as a latent web of trust (or rather, web of value). I've written about it this here: nostr:naddr1qvzqqqr4gupzqyhjp3nd83hxklumz9elp6gmth2zrhr804hrcrktpmplygwtw4jjqqxnzde38q6rwwph8qcrvdpjwz7qav
Web of trust works for a social use case however people use microblogging/ blogging platforms for other things. Journalists will follow people they don’t necessarily agree with to see what is happening on their beat. Scientists who used Twitter a lot before it’s downfall also may not have trusted everyone they followed but they were using the connections to see what else is happening in their field or adjacent fields - this is especially true when there’s a paradigm shift happening in science.
That's a fair criticism. Maybe a separate personal account/key where they only follow closer more trusted connections can somewhat offset this? Perhaps they lose some influential WoT follows bonuses from their work key but get a more accurate trust graph from their personal? Or better yet, an option for follow lists that don't get accounted for the WoT score can be implemented in the WoT spec.
This isn't really an argument against WoT, but maybe an argument that it's a poor name. All I trust people in my graph for is that they're real people. This leaves room for difference of opinion. More nuanced representations of WoT like what nostr:nprofile1qyt8wumn8ghj7etyv4hzumn0wd68ytnvv9hxgtcpz4mhxue69uhkummnw3ezummcw3ezuer9wchszrnhwden5te0dehhxtnvdakz7qgnwaehxw309ac82unsd3jhqct89ejhxtcpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0qyt8wumn8ghj7un9d3shjtnddaehgu3wwp6kytcprpmhxue69uhkummnw3ezuendwsh8w6t69e3xj730qyf8wumn8ghj7mn0wd68yv339e3k7mf0qyw8wumn8ghj7un9d3shjtnzd96xxmmfdecxzunt9e3k7mf0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qpqu5njm6g5h5cpw4wy8xugu62e5s7f6fnysv0sj0z3a8rengt2zqhs54wfss is working on could represent more substantial "trust".
This is a good point. For now, I consider the phrase “web of trust” to be a very broad one that encompasses a wide variety of purposes and methods. It’s been over 3 decades since pretty good privacy was released and we still haven’t wrapped our heads around it as a community, as evidenced by the fact that the big tech companies still exist. So a big, broad, loosely defined term works for me. Recently (last month or two), I’ve been using the term “WoT Score” in a very focused way, to differentiate it from other scoring systems like the Influence Score which is what I’m advocating now that I have a working demo of how to calculate it and use it. Tapestry, concept graph, and grapevine are umbrella terms I use to describe my own approaches, with a glossary of 20 or 30 or so associated terms and concepts, written in draft form and at varying states of editing in my github repos. It will be interesting to see how the terminology around WoT develops over time. I anticipate the terminology will evolve as the use cases become more apparent.
It's non-binary, so nobody knows how to use it. Obvious #shitpost and I am sorry! nostr:nevent1qqs2exmsxce935yfrxgezl35m3nht00y6xvwxtmyt5xlyqa5nkstsncpz4mhxue69uhkummnw3ezummcw3ezuer9wchsyg86np9a0kajstc8u9h846rmy6320wdepdeydfz8w8cv7kh9sqv02gpsgqqqqqqswcygt2
"Imagine if Bitcoin existed, but majority early adopters were dictators & companies" AKA "Image if WOT was started by the bad guys" ( @PABLOF7z not saying we are the bad guys 😅 ) nostr:note14jdhqd3jtrggjxv3j9lrfhr8wk77f5vcuvhkghgd7gpmf8dqhp8sshmqqg
I like the way Max Hillabrand used WoT with PGP. https://web.archive.org/web/20201127093818/http://towardsliberty.com/contact/PGP_policy.txt It would be great to know you are talking to the real Lyn Alden, but like Hodlbod sad, this comes with privacy tradeoffs. I'm not so sure what that would do for discoverability though, but it's a fascinating topic.