Oddbean

It's best if they can be introduced by someone, or get noticed by zapping. Secondarily, messages from users who have a nip05 from a bot-resistant provider like iris.to, or provided a sufficient proof-of-work, could be scored higher, at least within the "messages from unknown users" pool.

Based on user research we did last week on onboarding, there are a lot of active Nostr users without NIP05s. Some still don’t know what those are for. Everyone might want to make this a lower ranked criteria until that’s sorted. I realize publicly explaining how you are defining POW is likely not the best idea, however I hope there are options for recognizing legit users vs spam bots when it comes to new accounts.

I was thinking about bitcoin mining style PoW which some have suggested, but actually I'm concerned it might hinder normal users more than spammers. There was a PoW-based anonymous reddit once, but it was filled with spam. https://github.com/notabugio/notabug

This post made think that for those whose goal it is to #growNostr, which is a lot of us on the network, an invite-only system seems to attract interest in new things. It creates like an artificial scarcity and FOMO. It appears this worked well for BlueSky, and I think even Facebook and Gmail accounts did that in the beginning. Since Nostr is already out there, perhaps a new Nostr client, maybe like the one nostr:nprofile1qqsgydql3q4ka27d9wnlrmus4tvkrnc8ftc4h8h5fgyln54gl0a7dgspzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgqg5waehxw309aex2mrp0yhxgctdw4eju6t0qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyfehcpn has teased, might use that strategy and attract a lot of new users with it. Perhaps you could only login to the client or use it if some existing user has invited you (if that is technically possible with Nostr, given interoperability and all). Then you have the start of a web of trust going in and at least one other user to follow. Just a thought. nostr:nevent1qqsfaecdxp68w04hfm6y7llwcl7suk8ulynkynz635pl9a9qywcx3yspzemhxue69uhhyetvv9ujumt0wd68ytnsw43z7q3qg53mukxnjkcmr94fhryzkqutdz2ukq4ks0gvy5af25rgmwsl4ngqxpqqqqqqzutv4n3

I was thinking some kind of invite link with a secret in it that would allow the issuer to auto follow the new user. Kind of a referral link. The new user would publish some kind of message only the issuer could read, and the issuer could listen for that and follow on validation. You might want to make these single use to prevent them being stolen and re-used.

This means that all relays would have to close, preventing new key pair creations that are not by invitation. How would they prevent spurious key pair generations? How would they secure existing keys? How would they segregate misbehaving relays?

Perhaps a client/app could be coded in such a way that you couldn't access it or use it without an invite? I'm not a developer, though I have dabbled in software development. Just throwing out food for thought and perhaps challenges to chew on.

Thanks for the sats! 🙏 nostr:nprofile1qqstnem9g6aqv3tw6vqaneftcj06frns56lj9q470gdww228vysz8hqpz4mhxue69uhk2er9dchxummnw3ezumrpdejqzrthwden5te0dehhxtnvdakqz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcjgxv3n and nostr:nprofile1qqsph3c2q9yt8uckmgelu0yf7glruudvfluesqn7cuftjpwdynm2gygpzfmhxue69uhhwmm59e6hg7r09ehkuegpp4mhxue69uhkummn9ekx7mqprpmhxue69uhhyetvv9ujumn0wdnxcctjv5hxxmmdxz8w7p