Oddbean new post about | logout
Alex Gleason 🐍 | 5 months ago (raw) | root | parent | reply | flag +2 
 Check: https://docs.soapbox.pub/ditto/signing

Ditto is a legacy REST API server similar to Mastodon. In this design, NIP-46 is the most viable way to sign events.

Soapbox (the frontend) has been updated to include a full NIP-46 signer implementation. When you use it, it uses NIP-07 over NIP-46!

This design is actually insane. But it also makes the most sense. The frontend (Soapbox) is not a "Nostr client" at all. It is actually a Mastodon client. The Ditto server is a hybrid Nostr client and relay, and it is actually the Ditto server which publishes your event to other relays.
Alex Gleason 🐍 | 5 months ago (raw) | root | parent | reply | flag +5 
 Also, in the client-server design, normally the frontend has to authorize with the backend to access a protected resource (the database).

On Nostr the database is public. The keys are what's private.

So in Ditto, despite using a traditional client-server design, it is actually the backend which needs to authorize with the frontend to access the keys.

Soapbox (frontend) has security measures and access controls to authorize the backend to use its keys. So the frontend actually grants an access token to the backend in this design.

I believe this is what @hodlbod was trying to say in our call earlier. 😂
tegila | 5 months ago (raw) | root | parent | reply | flag +1 
 Relay owns the content not the content creators
NotBiebs | 5 months ago (raw) | root | parent | reply | flag +4 
 Content creator can run their own relays
tegila | 5 months ago (raw) | root | parent | reply | flag 
 Yeah but they don’t, same as with email. Soon Google take control of everything and we’re left with bad code practices.

Also it’s not a network if you can’t search/discover thru it.
brugeman | 5 months ago (raw) | root | parent | reply | flag 
 Your server is a nip46 client for the nip46 server running inside your client. This is awesome and cool!