Oddbean new post about | logout
 i can only speculate that nostr.wine accepts posts signed by paid users by default no matter where they came from, and that they are not already existing in the database 
 @hzrd149 @Mazin  question: nostrudel doesn't support my relay in development when it has auth-required in the limitation field of NIP-11 but it does work with nostr.land and nostr.wine - either of you two have any tips on how i get my relay to cooperate properly there? 
 Not me 🤷‍♂️ 
 what relay are you running nostr.wine on? so i can try and figure out why it makes nostrudel do auth... i'm guessing maybe it's a NIP-11 thing, and i thought i'd implemented it but maybe i haven't i mean, if it's vanilla i suppose the relay info page will show 
 it only gives info about it being 0.3.1 what? no software field filled in in the NIP-11 
 doesn't say it's strfry, is it the rust one? 
 The backend is strfry but we run our own custom proxy socket in front for AUTH and account management (not open source). 
 ah, and here we see more reasons why this hasn't become widely supported

thanks 
 i won't be renewing my nostr.wine subscription or recommending it anymore until i hear you open sourced this sprocket

i can't believe what i'm reading rn 
 I don't understand what I'm reading, TBH. What are they doing and why is it not ideal? 
 you know about the direct message metadata leak problem right?

we are so far away from having this solved while people are keeping necessary NIP-42 implementations under wraps

it's short term thinking about their own gain and zero thought about the bigger picture for the protocol and its future, completely unnecessary, there really isn't that many competitors out there and this kind of short cut to keeping them out is contrary to everything this stuff is supposed to be about 
 NIP-42 shouldn't only be a gate to paid access it should also gate access to DMs and application specific data 
 So, you're saying that the implementations are too narrow in scope? 
 i'm saying that it's an elephant in the room - free speech is fine but a reasonable layer of protection against access to privileged data - we here see a prisoner's dilemma that nobody wants to take the cost (a few days effort) to solve, which is abombinable 
 I think this won't change, until more people use SDKs.  Everyone will just build the absolute minimum they need. The correct model is for them to only implement the minimum they need from the core library.