In its early days nostr was a simple 2 page spec that worked.  Develoeprs were attracted to it because they could go away in a weekend and build a relay or client.  It has got way more complex over time.  And what could come next (negentropy) is a complexity bomb that may shorten its runway.  Pubky talk about a "complexity budget" and they are careful to manage that.  It's a good approach, and learning lots of lessons.  I really hope there is a project where devs can build on simple concepts in a permissionless environment, and let 1000 flowers bloom.  It is much needed! 

 our repo has an authorization example with a hidden web component in it. once we have a good app for users to hold their keys in, any developer can drop this web component and magically get scoped authorization from users, then basically every app on Solid and RemoteStorage can be forked for pubky