What missing documentation do you think should be added to https://docs.soapbox.pub/ditto/ ?
As for custodial login, apart from the UX/freedom concerns I have with it, it's a huge liability on the server owner to store potentially thousands of keys... one breach to the server would permanently compromise potentially thousands of accounts. This would paint a huge target on Ditto servers. Right now Ditto is the most secure piece of complex software I've ever build because there's nothing to hack.
I get that there are issues with the keypair flow. Believe me, it's a big problem in my mind. Adoption is hindered by it. But this is Nostr. Keys are the entire point. We have to convince users that they want to manage their own key.
The issue I faced yesterday was the readme didn’t outline how to evoke deno tasks and what’s involved with doing tasks for updating and managing a ditto instance.
Looking at the docs they’ve improved but the readme is still terrible.
I tried to use nsec.app as an nsec bunker to login, and that didn’t work. Happy to provide more details out of band.
By "readme" you mean this?
https://gitlab.com/soapbox-pub/ditto/-/blob/main/README.md?ref_type=heads
Yeah, because that’s the docs that get installed when you install the app… Personally I feel like the readme should give me an outline for what to do when I’m on the commandline on on the server.
Also the docs assume a lot of knowledge. Like, how does the user management work in Ditto? How do I add users… how do I do things like moderate content. I THINK I add users by overwriting their nip-05 so it uses the ditto domain… is that the only way? What happens if I choose the dittio nip-05 and then switch to something else?
Oddbean new post about login | logout