Oddbean

Web-based 'Freedom Tools' can't rely on centralized, government-controlled domain registrars. Domains not only serve as a single point of failure but also open up significant attack vectors, especially if the state is involved. I want to take this opportunity to create a solution that mitigates this issue. This will be my new project, I will share more details soon. nostr:nevent1qqs9m5n39v9rv999hqejgxkrcyuh9tt8sky3ltljhegvqsfsa3myzqqpz4mhxue69uhkummnw3ezummcw3ezuer9wchsygxx7urh795e65x0j25k22l7hlavqh7xss4eacu3pzwetxu26h2gl5psgqqqqqqs9tpxnq

Kind of why I'm pushing for Nomen, but people generally shoot it down for (gist quotes) "it's hard / we can make people move to this" or nostr peeps "it isn't scalable" https://habla.news/freakoverse/1691481265480

That's an interesting one. Will research it. Will see if I can hopefully bring development of Nomen back to life. Issue was no client gave it a chance for some reason (perhaps I'll figure out why if I do, but will attempt at least). With that said, would be neat if both of these solutions combine somehow

Main issue was that fiatjaf and semisol were against it. So it had no real chance. For a project to be successful you need everything to go right. And with powerful people against you, it is likely to not a productive use of time. To bring it back you would need to write and put online the indexer. However the schema that is used to create the rules needs to be managed responsibility by someone who has the time. That's another challenge. What's good about #pubky is that its already a working system with millions of nodes. So hard for it to fail. There would need to be a tie-breaker system that ties names to pubkeys. There's emerged new ecosystems for that now, namely runes, or my soft-fork #glyphs. For me it just needs to be fair.

Ya that's what I noticed too. When I mentioned I'd see if I can bring it back to life is by implementing it, to be the first nostr client to implement seriously, hit up the creator to soft get back into it as a result and help a bit with financial burned as well as help with designs, and depending on the success of my client it would bring attention to Nomen in the scene (both positive and negative since it got shot down), then hopefully we'd see if it'd properly live or not. How I see Nomen is just that, a simple name indexer with an end user cost of cheap to expensive depending on traffic, and I wouldn't want control of who takes names and wouldn't want expirations on names either (if someone took google, and the actual company wants the name but aren't successful in buying it off the person, then their name would be google:1 or google:2, depending on when they got the name). Of course it'd also be used as a handle for nostr users. In regards to how people would check for names, well, a lot of people are already running Bitcoin full nodes, so a one time scan then keeping it running along with the node would be it. Sites/apps would link to such scanners to fetch names and that's it. One question I had in mind though, regarding pubky, is why another keypairs? Couldn't it be built on top of nostr and use it's keys?

One thing that will always be needed is pubkey.nostr as a domain. Because only one privkey controls, or can control, that record then getting a DNS doesnt matter too much where you get it from. Pubky are making proper eco system for this including 10 million Mainline nodes, so it truly is censorship resistant, rather than the small nostr public relay network. See also https://dnstr.org/ Main problem is that it's hard to get anything at all through nostr right now. So it's a dead end for most innovation. Attaching names to a pubkey is a two step process because more than one one pubky can claim a short name, you need a tie-breaker. But it's no good some small tie-breaker system that no one has heard of. For it to be fair it has to be well publicized and a level playing field, with some cost to getting names. Running a node and an indexer is one step (tho no one has done that right now) plus getting a good domain, then you have to publicize it, and then you need to ensure the rules are fair and stable. It becomes such a huge task, and with people against it, very little chance of success. As other solutions have emerged from other eco systems, it seems the path of least resistance to use them rather than to do it all yourself in an adversarial env.

Brainstorming! Objectives: Reduce dependency on traditional domains across my Nostr web app. Why: Traditional domains are centralized and controlled by governments. Not ideal for freedom tools/apps. Idea: Create a lightweight static website called "NostrHub," which will serve as a quick-access hub to all my other Nostr web apps. Plan: 1. First Step: Host the lightweight NostrHub website on Nostr relays and IPFS, making it accessible through TOR, IPFS gateways, Freenet, and other decentralized storage or P2P access options. 2. Second Step (my favorite, though a bit unorthodox): Convert the NostrHub website/code into an offline bundle that can be shared as a zip file. When unzipped and clicked, this bundle will open the NostrHub page in your browser, running locally without relying on domains or web hosting—essentially self-hosted. The offline website bundle also addresses a more fundamental issue with the web ecosystem. Unlike traditional websites, offline bundled sites can’t be unilaterally changed or modified by the developer, making them trustless and truly giving users full control over the website, its code, and any updates. This approach will eliminate the single point of failure posed by centralized domains, make all apps easily accessible, and provide users with a more private way to access them. This is a rough outline. Suggestions for improvements are welcome! nostr:nevent1qqszsed8nghq3u57vx0zpwsvs3ujvjw2f3vxgjnnq2cw83l26tp7acqpzamhxue69uhhyetvv9ujuvrcvd5xzapwvdhk6tczyrr0wpmlz6va2r8e92t990ltl7kqtlrgg2u7uwgs38v4nw9dt4y06qcyqqqqqqggkx6kh

So far Achieved: Unified dashboard for all my Nostr apps. In progress: Reducing domain dependency. Added: Quick shortcuts for Nostr backups, publishing notes & blogs, and accessing zPay.live purchases. https://i.imgur.com/IM1pndI.jpeg nostr:nevent1qqs8lfvqnz54qw86akqmgczappdurlcqmvsf7sd8d8usvzcgncssxegpzpmhxue69uhk2tnwdaejumr0dshsygxx7urh795e65x0j25k22l7hlavqh7xss4eacu3pzwetxu26h2gl5psgqqqqqqssm96qf

When Semisol says all websites are insecure and can be backdoored by a developer unilaterally at will, he's absolutely correct. But it doesn’t have to be this way. Here's how I'm addressing it with NostrHub: By bundling my website with its code and turning it into a single executable file, when the file is clicked, it opens the NostrHub page in your browser. The key part: instead of using my server, hosting, and domain, it uses your NostrHub bundle and runs locally on your device, no server or setup required. Think of it like self-hosting on steroids. Once you download the website bundle, the developer has no further control over it. The user truly has full control, which is extremely rare on the web. Even if the developer is compromised, no backdoors can be added. To update, you simply download the updated bundle and replace the previous one. This approach may not sound flashy, but it genuinely addresses a fundamental issue with the web as a whole. nostr:nevent1qqsdqe0235323pyjj9pkngvsaeevrpazfctqk03jjnttxme5agf98esprpmhxue69uhhyetvv9ujuumfv9khxarj9e3k7mf0qgsvdac80utfn4gvly4fv54la0l6cp0udpptnm3ezzyajkdc44w53lgrqsqqqqqpca83xd

No telling what these devs are building ne.. nostr:nevent1qqsdqe0235323pyjj9pkngvsaeevrpazfctqk03jjnttxme5agf98espz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygxx7urh795e65x0j25k22l7hlavqh7xss4eacu3pzwetxu26h2gl5psgqqqqqqs22vcu9

The first prototype of zap.store ever featured something like this, @hzrd149 packaged the nostrudel PWA into a .pwa file that we assigned the application/pwa+zip mime type to (offline bundle). This "pwa" would then be deployed and served locally. Plan to put that back! Maybe we can work on an interoperable standard?

Sure, is there any functional implementation of this standard at the moment? Btw nostrudel is a highly capable PWA client, it could really play a very significant role in the Nostr web app ecosystem, especially micro-apps.

Thanks, I think this might be it. I tested some other Nostr web hostings, & this one is by far the best. It's super straightforward & effectively mitigates the fundamental issues. Interestingly, I was open to all types of options, even outside Nostr. I tested dozens so far, and Nostr is literally the best option I've found. We really might be onto something. Demo: https://nostr.download/d025c2ee6291ccf396c8d01582b6d700c41e20b53552d06b7fefb86aae6c81d7

Seems like pkdns relies on mainline DHT for censorship resistance. What are the censorship resistant properties of mainline DHT? It also requires users to use a particular DNS resolver, so it won't serve my website to 99% of internet users who don't know how / will never change their DNS resolvers. But we gotta start somewhere, and I'm not sure any other solution is any better place to start. Maybe if this or another decentralized system takes off, major DNS servers will start to support it and it'll become more usable. It bothers me that we have this beautifully censorship resistant thing, the bitcoin blockchain, and we still haven't figured out how to leverage that to get us out of the quagmire of centralized power that is ICANN/DNS. I know about nomen but it suffers from the same usability / specialized DNS resolver issue, among potentially other issues. Is there any way to bridge the gap so that the existing system of DNS resolvers will work on whatever the new namespace is? Until owen.bitcoin resolves automatically on my grandma's PC, without any special configuration, I think we're gonna keep failing to take off. If we can solve that, there are probably a half dozen decent decentralized solutions to do the rest.

This week on #nostr. @Vitor Pamplona wrote a piece on relay management nostr:naddr1qvzqqqr4gupzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqythwumn8ghj7anfw3hhytnwdaehgu339e3k7mf0qy88wumn8ghj7mn0wvhxcmmv9uqqkun9d3shjttnv4682uqzpvyjz #AlbyGo 1.7 dropped nostr:nevent1qvzqqqqqqypzpaxm2fctmxgmz7l2reksxh69mm3e9yvu99r5hwkpqdpdyg78fcxsqyghwumn8ghj7mn0wd68ytnhd9hx2tcpr9mhxue69uhhqmr9vfhkuefwdehhxarjxyhxxmmd9uqzqv8fjxrxy05khyxfwsz7t4lc07ywg99wyc9en8mvc3w2v0dhtknkag7kgv #Yakihonne introduces smart widgets with 2.0. @Derek Ross instantly jumped on it. nostr:nevent1qvzqqqqqqypzq0mhp4ja8fmy48zuk5p6uy37vtk8tx9dqdwcxm32sy8nsaa8gkeyqqsv74nqt80s36u8h7n00zyfx9efuqmg7240qq40fyfk8n6tu4x7ksgvdf4yg @The Nostr Review got some stats for us. nostr:nevent1qvzqqqqqqypzqavxnnavfdqnx0p29h8vxtstenmds0wy5n0etkm6fs7sjdmgrxv8qqs2lx9kv9cf5fzg4ct3u86mr5k8fcucw75u0p08z45hkfxp3q39uxcv0fjpx #YakiHonne 2.0 is live nostr:nevent1qvzqqqqqqypzqgycd7urua6ajmgc3jjunhcseekkz0swkljhdzs0pvftxlx6cgdnqqstx408pfrueymeufqu3mk59g0q6ruxtykxr4dkg24zau2pm9ywexsrd045t @utxo the webmaster 🧑‍💻 announces Haven 1.0 nostr:nevent1qvzqqqqqqypzpckv7l8jqspl8u4y54dn9rcduwlrs4v2040nxce0m2h0cunvrj8tqqsqqqp4xn5xl46mfvr6sj6ddjpmgdwt2yln5rwge85za0urckn7kqqwgmcup @iefan 🕊️ with a NostrHub update nostr:nevent1qvzqqqqqqypzp3hhqal3dxw4pnuj49jjhl4lltq9l35y9w0w8yggnk2ehzk46j8aqqsdqe0235323pyjj9pkngvsaeevrpazfctqk03jjnttxme5agf98es6mv8fc #BTCPay 2.0 has landed nostr:nevent1qvzqqqqqqypzpffk4v0h70qpxwa2m005w2c6c7k5ka6w6sevrxyjssvn2unc309qqqswn7777tyj706e2zh7jg0puls67tydarugyr48yrjmaudhtw5jrdgu7prcn @walker goes all-in on #zapstream with the Bitcoin Podcast. nostr:nevent1qvzqqqqqqypzq7q8pqp9qg6mz0y0keaw4u6q7fxr8pzmy3cw0hw8asx5psqxsfj9qqsvmcu7zqlhwzajdv880lr20g6ykdueqy83vrgytjfqchyx5923jlcm9rk8g @Alex Gleason 🐍🚬 is working on a new r3emote signer and nsec bunker nostr:nevent1qvzqqqqqqypzqprpljlvcnpnw3pejvkkhrc3y6wvmd7vjuad0fg2ud3dky66gaxaqqs86zudq30r63ty7tft8vna94ufu85jtjsw5cafntwkdla8dzs67vqafy655 Multi-million dollar NGO planning to use GrapheneOS nostr:nevent1qvzqqqqqqypzpwvda4xw463q0yxmev7rzsqxjgqf6dx8lxf8c2rgxk5ekayp5hpzqqsdmjfz308yxqgywjvjns3lrh0n8dkkx5xwq5ha92xz65kuzhqyfeqfrv25d @MeA_BzZz talking about using nostr in Surianame nostr:nevent1qvzqqqqqqypzq0nwqu6m3ghfd7x0vclkf5zth882jvd0e3tl2snuxkaksk0ftj9zqqs2axt6z58ta763qr8s2rrw2k2ymfzw8ayqqt5p5sy3pyux73trvpgzd0zpd Amazing drone show in Lugano. nostr:nevent1qvzqqqqqqypzpeq5d5whlvhh7mnt83ueat4t5mm5gm7j3n82ykfxw89j8xsn7nvpqqsrwqtud25q64hme6r9ng7kzknutqcg8peg2rs7l55gyglpd4hawyghh057q #Coracle security issue, reported fixed by @hodlbod nostr:nevent1qvzqqqqqqypzp978pfzrv6n9xhq5tvenl9e74pklmskh4xw6vxxyp3j8qkke3cezqqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcd2e3vt @YEGHRO pushed an update to his inactive user tool. It now has bling! nostr:nevent1qvzqqqqqqypzp7ppz7dat453ccd5x43nvwy2mtwresfsfay7wudg0sudulk5l5pzqqsdqlps3mw94507ttgajfghcfdhawvryuvez2jztnjwwx8575eyt7cn5hh8w @fiatjaf merged something into #nostter nostr:nevent1qvzqqqqqqypzqwlsccluhy6xxsr6l9a9uhhxf75g85g8a709tprjcn4e42h053vaqqsqqq84rcushjlhfkpg8xfve83fqpdccly46nmgncl4xncjkx73m3q8nwa8h /thread, Happy Weekend

Hi Connect to me via SimpleX Chat https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FZKe4uxF4Z_aLJJOEsC-Y6hSkXgQS5-oc442JQGkyP8M%3D%40smp17.simplex.im%2FGURI7tP4afExB-87ZpAQViqh3dnT87ia%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAT8NmXPElFRftWJE-Y9p4joK98e-kk6dV0tJNN0frDjM%253D%26srv%3Dogtwfxyi3h2h5weftjjpjmxclhb5ugufa5rcyrmg7j4xlch7qsr5nuqd.onion