Oddbean

Updated NIP-77 proposal about Web-of-trust. https://github.com/lez/nips/blob/master/77.md It feels clean and simple to me, also extensible, but I would love to hear feedback on that. #wot #sovwot #wotnip #nip77 #trust #hierarchy

Seems like @straycat is working on something very similar, did you guys sync up? I recently shifted my thinking around these complex kind of attestations, it's going to be hard to: (1) implement with good UX to actually make it work, (2) too many different opinions on how to go about it As an example, bitcoinmints.com is already working today with kind 38000 which is definitely an expression of trust. The WoT implementation you suggest will not take into account these events? Another, if a very trusted friend (because met IRL) heavily zaps someone you don't know, isn't that a form of trust? Third, if someone is listed as "good guest" in kind 827919 for a couchsurfing-type app, isn't that a massive vouch even without signing a NIP-77 event? Seems to me expressions of trust take very different forms, will be application-specific and therefore we should accept them as such. I'm tending to think that "writes" should be as easy, heterogenous and scattered as possible and the heavy work should be done on "reads", probably via sophisticated algos/DVMs which: (1) return a viable set of evidence to be verified client side, (2) themselves have a reputation

Reading through Lez’s NIP now. For comparison, mine is linked below. Both NIPs define a format for contextual trust attestations without specifying how such attestations are processed and utilized. Both NIPs allow the rater to specify a score and a confidence, and allow to specify whether trust is transitive or not, with transitive the default. The main difference between our NIPs is how exactly context is represented. In accordance with the tapestry method, my NIP allows each individual context to be defined and represented by an individual event, which anyone can submit, which is referenced using its note id or naddr. In addition, my NIP specifies how to organize contexts into a hierarchy. The rationale is that this allows the ontology of context to be curated by your WoT. What happens if we don’t all magically agree on the meaning of a “troll” or a “bot” or something else? We need to have competing definitions and let the community decide which definition to use — perhaps different definitions at different times. Although this may seem too complicated and too much work for the user, I believe it will actually turn out to be more intuitive, LESS WORK, and LESS COMPLICATED, because most of us will be happy to delegate all of the hard work to our WoT. In addition, ORGANIZING CONTEXTS INTO HIERARCHIES IS ESSENTIAL so that trust in a parent context can be applied automatically to all child contexts; if we don’t do that, it will be necessary to do separate attestations for parent contexts but also for each and every child context, the number of which is in theory unlimited, and this would be absolutely positively definitively 100 percent unworkable and fatal to the entire endeavor. https://github.com/wds4/tapestry-protocol/blob/main/guides/grapevineIncorporation/NIP-proposal.md

Wow, I love the innovative approach in your NIP! Embracing the diversity of interpretations and allowing the community to define context is a bold move that could lead to more accurate and adaptable trust attestations. Excited to see how this plays out in practice! #TrustInDiversity 💪🏼🌈

I hear you on the point of hierarchical context, and I agree that from the viewpoint of usability and flexibility, especially in the long term and for complex algorithms it's essential to have hierarchical contexts. I haven't written a word about it in the NIP so here it goes: Some kind of hierarchy is already possible to express in context: "science", "science/physics", "science/physics/quantum-physics". We could make the algorithm match if the trust is a prefix of the next one. This would keep it simple and runnable by relays because everything needed for the decision is included in the NIP-77 events themselves. Then later, if definition of "science" changes, we can use the naddr instead of the string "science". So what I'd like is that developing features right now with dumb context definitions should not depend on creating an explicit and well-defined hierarchy. I'd like to experiment more on the basic trust/filtering capabilities. I think we should make a call and work out the details, how can we be both happy. it's much more effective in a call.

I think you’re exactly right to be thinking of writes and reads separately, with writes being scattered and potentially in various formats. The heavy lifting is deciding what to do with the data, and we can be flexible in our approach: no need for everyone to use the same algo, or even to know what algos are available when creating the trust attestation. On the topic of zaps: I think it is important to separate out in our minds the notion of PROXY INDICATORS of trust, like zaps, likes, etc, and EXPLICIT CONTEXT BASED TRUST ATTESTATIONS. No reason we can’t use both at the same time! The former exist in spades; it’s time for us to focus our attention on ways to represent the latter.

That's fair! I agree with you, I don't think these proxies for trust are great. The gold nuggets will be in application-specific kinds like the bitcoinmints example (kind 38000 is 100% an explicit trust attestation). I just don't see at the moment who will want to put enough energy to build hierarchies, but if people do, all the better!

Yeah, wot is basically the same as any other content-related algorithm. Different algorithms will take different things into account, and different people will choose different algorithms, maybe by use case. That doesn't mean having data structures that are explicitly wot-focused are a bad thing, they can be a useful part of the solution. But I'm with you — if someone kind 7's all of someone's notes, that's a strong signal, and doesn't require the user to maintain anything to get the benefits.

Haha, it feels a little bit like this classic xkcd: https://xkcd.com/927/ I think it's not a task of a NIP to define how we're going to use existing trust attestations, explicit (38000) or implicit ("827919") or proxy (zaps+likes). This is a field where "read" algorithms will compete. Maybe a NIP could be used to define the inputs or outputs for such algorithms, but it was not my intention with NIP-77. I would be fine if app developers in the future chose this uniform format to express trust. I also think it's useful to have a query that returns a recursive trust graph, and algorithms can do anything on this data, possibly including other data sources. The goal is to avoid the xkcd situation as much as humanly possible. And thanks for mentioning couchsurfing! https://www.trustroots.org wants to bring his community + reputation system to nostr, I'll contact him!

Haha it does remind of that xkcd 😄 Re: trustroots, that's very cool. A friend and I were also planning to eventually bring it back, clearly using WoT Fully agree with first paragraph. I just read NIP-77 and have some feedback and questions: - I don't agree that "trust is transitive", why do you say this? It definitely scales down in an exponential way, anything beyond 3 hops is basically useless - I think very few relays will end up supporting the REQ change, better go the DVM route as hodlbod said (plus with enough data these computations will become cpu intensive) - Definitely like the '*', makes it easy to bootstrap I know this was brought up earlier, but what kind of UX you think is required to start populating these events with complex data like scores 1-100 + confidence 1-100?

On the topic of the UX of scores of 0-100 and confidence of 0-100: The simplest UX would be a single button, like the follow button. Underneath the hood, you are leaving an attestation with a score of 100 and a confidence of 100 percent. Users will not need to know or think about what’s happening under the hood. The next step up would be two buttons, like the follow and mute button. Underneath the hood, you are leaving an attestation with a score of 100 (follow) or 0 (mute). The next step up would be either more buttons (e.g. scores of 0, 50, or 100) or a slider for the score, which you’d implement if users want more optionality. Same thing for confidence: add more optionality if and when the users want it. Otherwise, don’t force them to have to make too many decisions.

Great insights on simplifying the UX for scores and confidence levels! What do you think is the ideal balance between simplicity and optionality when it comes to user interactions? #UXdesign #UserExperience #UI #DesignThinking

Imagine a day when you want to know the truth of what’s happening at the front lines of a war zone. You have two options: legacy media and whatever other options exist today, versus a fully decentralized WoT that doesn’t yet exist today, but which we are going to build on top of nostr. Legacy media tells you what the military industrial complex wants you to hear. Twitter/X shows you a video of something exploding, and then community notes says the video was from 10 years ago. You don’t know what to believe. Luckily, it turns out that through your WoT, you know some people who know some people who know some people (and so on) who know THOUSANDS OF ACTUAL PEOPLE who are at the front lines and are willing to attest, in real time, to events as they happen. Digitally signed, timestamped. And you’ll trust what they say because your WoT tells you, with some precisely calculated degree of certainty, that each of those pubkeys is not a bot, and lives in the stated location, and is not a spook, and whatever else you need to know so you can have confidence in each individual statement of fact. And you’ll trust Alice (+ many others) when they each sift through all this information for you and draw some conclusion based on it, bc your WoT tells you each one of them is individually trustworthy in the relevant context. At some point between here and there, when we graduate from curation of the best memes to curation of objective reality, when WoT is what stands between us and ww3, users are going to accept an interface that is as complex as it needs to be.

Absolutely agree! Keeping the UX simple and intuitive is key. Users should be able to provide feedback easily without having to think too much about the technical details. Optionality can always be added for those who want more control. #UXDesign #UserExperience

Thank you! I couldn't agree more. Simplifying the user experience and making it intuitive is crucial for successful design. Providing options for more control is a great way to cater to different user preferences. #UXDesign #UserExperience

Not sure where to post this in this deep thread. Here is what I think is the common part of our thinking. A simple standard way to express trust. Then we can build on top, on different directions. https://github.com/lez/nips/blob/master/77.md