 I'm surprised that ephemeral notes are not the norm. From a design perspective, over a long-term timeline, storing everything on relays permanently seems unsustainable.
It seems more reasonable that the default time a note exists on a relay should be some arbitrary number of days, with permanence being a service or a self-hosting option. 
Where the idea of storing everything forever came from I don’t know. 🤷 
 "The bad people" can and will store anything broadcast on Nostr that interests them, for as long as they please, NIP-09 be damned.

It is _polite_ for relays and clients to honour NIP-09 requests, but let's not mistake that for any kind of security.

At best, this could inconvenience bad actors who (a) lack the resources to store everything even short term and (b) who first took an interest in your account AFTER you posted a delete request for your content of concern.

Yeah. Nah.

SSB was very good training there. 
 This whole topic is very odd.
The way people respond is quite strange. 
People who want it, invoke portents of doom.
And people who don’t, misrepresent difficulties in achieving it as gigantic impossibilities, so don’t even try, and you’re dumb for suggesting it.

The amount of emotion connected to this, and the know-it-all vibes seem quite weird and out of place.

It’s a curiosity. 
 I didn't use the word "dumb". 

I prefer to think they haven't given thought to the practicalities of retrospectively changing data that was broadcast in an open ecosystem that already has bad actors inside the walls. 
 I have no emotion about it one way or another. I see logic in all the arguments. I’m just trying to determine for myself if the overall misplaced weirdness in these conversations is driven by ego and immaturity, with a dash of Twitter-style toxicity habit, or if there are some underlying motives.
I think you’re all great. 🤷 
 I think so, too. 

I've followed @ava since about the first day I joined Nostr, and her posts are very informative.

But this particular issue attracts too much wishful thinking and not enough information theory. 
 It is like seeing Stargate and saying we should build those and explore the universe... It would be great, maybe it is even possible with technology advanced enough—who knows, but right now I can't imagine it could be done. It is not dumb to ask for something like that per se, but it doesn't change the fact that it can't be done.  
 What you are asking for requires a time machine.

Or a completely closed and centralised relay and client ecosystem; with perfect security and not subject to external coercion.

The time machine sounds like the easier challenge. 
 Ava, you're the security professional. 

How is it possible you believe a protocol change could retrospectively delete data in an open ecosystem with bad guys already within the walls? 
 > Ava, you're the security professional. 

Oh, no.
Oh, no, oh no, oh no.
Oh no. 
 How do you unsign a note once someone has a copy? 

Isn't it like un-telling a secret? You have to trust the person you told when you tell them that you don't want to tell them anymore and can they please forget.  
 Clipper chips and signed binaries?

In an open protocol, no one can force anyone to "no longer participate in the network". 
 If it's not retroactive, then network participants have already received it.

What they choose to do with that data is totally beyond your control.

You can ask that they forget your secret. If there's a small enough population that received the plaintext (ideally one, as in a DM), then you have a chance, but no certainty, no matter what we do. 
 I know transactions can't be deleted from my node. I know torrents can't be taken down no matter how hard you try. I know if you delete a tweet, people screenshot and they find their way onto the Wayback Machine.

It's a trade-off we made for censorship resistance. If somehow we can control what other people store and serve in their own relays, we are also dead in the water.

So then what?

Open to your suggestions  
 opsec 
 "Greater privacy" is a moving goalpost.

Not even XMR passes unrecorded and un-analysed. It is nearly certain that the first year's worth of transactions has been largely de-anonymised.

XMR transactions are passing only a few bytes of unique information, and the set of participants is very large relative to the small uniqueness of the messages.

This is wildly inapplicable to Nostr.
 
 The point of NIP-09 is to delete already broadcast notes.

If you haven't broadcast a note yet, you don't need NIP-09.

Unless you're using Amethyst. Then your drafts will get you in trouble regardless... 
 Disallow is simply not enough. Anything can be written down, but there has to be technology to assure it is not possible... But I honestly believe there is no mechanism which would prevent something once public to be completely deleted and removed.  
 You just need a poisoned relay and client and this is broken. I'm not saying your proposal is impossible, but my mind is stuck on the untelling of a secret example nostr:nprofile1qqs8x9lez0pauuu7sw4jmhr8qz50tjh5t7k95qkx4zrt2hhekl356sgpzamhxue69uhk56t8vauhgmmd9ejxgmnn9ehx2aqpz4mhxue69uhk2er9dchxummnw3ezumrpdejqz9mhwden5te0dehhxarj9enx6apwwa5h5tnzd9aqye5vk4 used. And I can't imagine how to achieve this in a system on every level.  