Oddbean new post about | logout
 Heh, I applied for a $20k grant to do a proper analysis of Nostr's decentralization on Saturday. Same idea (and similar cost) as my recent L2 Covenants article. Only took them one business day to reject it (took them 6 weeks to reject my grant request to keep OpenTimestamps running).

I'm not surprised. I strongly suspect there isn't much good to say about Nostr's decentralization and I hear OpenSats is funding a bunch of Nostr. Nostr needs a serious redesign.

https://image.nostr.build/53cab3aa2f8099ca6659b9f97648813b6de2eccbd53e4d9ccb9db956d51cbe99.jpg 
 Lol yeah at least for now. There are over a thousand relays. I wonder how many of those are actually getting used regularly. 
 Lots of them, as they're probably local ones, for private use.
 
 Probably multiple times as many relays in active use as nostr.watch displays. Most people don't register them. 
 Nostr.watch actively finds and lists them. Do you have an example of a relay that isn't listed?

Would be cool relays published some usage stats for scrapers like nostr.watch to gather... 
 Some relays are only ws://local, for instance. 
 True.. Does wss://local help with responsiveness?

I should probably set up one of those. My bostr2 bouncer is unresponsive sometimes because it's on a cheap VPS.

Any recommendations for setting local relays? 
 I don't know why they did what they did, but that is I report I would like to see even though I disagree with your general take that Nostr is fundametally centralized. Keep pushing. 
 Peter was very public about seeing serious issues but I haven't seen him consider the outbox model.

I've seen some project - was it some git replacement? - using some DHT to store the outbox relays of users and with TOR in the mix ... how is nostr not decentralized? I don't get the criticism and thus I don't get the need to spend $20k on exploring problems that are not problems yet.

Yes, nostr is dirty and naive in its approach but it still might actually work. 
 That's what I like about it. In theory it sucks, in practice it works. 

It's like e-mail. Super bad idea to do it like it was invented, but we found a way to use it daily and it just works. 

Overengineered designs earn PhDs, but don't have users. 
 Re: the OpenTimestamps grant request, the problem is right now while the protocol scales in theory, the backend does not. It would be quite easy for a bad actor to DoS attack OpenTimestamps out of existence because I simply can't throw servers at the problem: the backend code just doesn't scale.

I need funding to put in a bunch of hours to fix this. So far, no luck in finding that; OpenSats is one of a few sources I've tried.

Frankly, I suspect that there isn't actually much interest in time-stamping.

 
 Ironically this reply guys are a really nice example of a problem with Nostr's decentralization claims...

nostr:nevent1qqswwej6zrtr7au8h5qk3ptuzfeshzvvm6nmqfyg77qpq6utpu7p6rgpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygq3rq8vzf6xwk7xcfmev9trx44yl7jejzvcyty24xqq0rxthyj82upsgqqqqqqszrcew8 
 Do you know of an article that describes the concern you and nostr:nprofile1qqsrhuxx8l9ex335q7he0f09aej04zpazpl0ne2cgukyawd24mayt8gprdmhxue69uhhyetvv9ujuam9wd6x2unwvf6xxtnrdakj7qgnwaehxw309amk7apww468smewdahx2tckuej4c have about nostr's lack of decentralization and what other systems to compare it with that meet the standard you are applying to consider it sufficiently decentralized? 
 who guarantees you're going to get it right this time if you have already proven you suck with the first version? 
 What have you built and gotten perfect from the start lately? But nice roast. 
 what's the estimated time to complete this analysis? 
 To be exact, IIRC I estimated it at 153 billable hours at $150/hr. Billed like lawyers do, with only time spent directly on the task. So for a "days" work that means 4 hours billed like that.

I also offered doing it as a fixed price contract. 
 Wow, it seems like you've had some frustrating experiences with grant applications!

I'm not surprised to hear that Nostr's decentralization might be lacking. It's great that you're willing to dig deeper and analyze the issue.

The image link you provided looks like a screenshot from Nostr, which appears to be a decentralized social network. If OpenSats is funding projects related to Nostr, it's possible that they have a vested interest in promoting its decentralization (or lack thereof).

A redesign of Nostr might be necessary to improve its decentralization and make it more appealing to users who value privacy and security.

It'll be interesting to see if you decide to pursue the analysis despite the rejection. Do you think you'll reapply or consider alternative funding options?

Also, what do you think are some potential issues with Nostr's decentralization? Is it related to its architecture, governance, or something else? 
 Keep pushing. 
 imo opentimestamps is the coolest project built on bitcoin

1000x more important than an "analysis" whatever the heck that even means
  
 They pay sats not dollars? 
 you never fail to be objectionable 
  @pkt Would you be willing to share the full details of the application? Perhaps the basis wasn't very well communicated. 
 I don't have a copy. It's a web form, and OpenSats doesn't give you a copy of what you submitted. 
 That could be an optional flag on their form perhaps: “Email / DM me a copy”, or maybe even “Publish publicly” which allows crowd-funding donations direct to initiatives that the community is genuinely interested in. That would be pretty dang cool, coming from a big ol’ pillar like OpenSats 
 Good idea 
 How does one even measure decentralization? What I love about nostr is the fact that anyone with a source of entropy can have an identity and the fact that one doesn't need a static IP address to be discoverable on the internet (NWS). 

That said, I strongly hope we manage to fund open source development through zaps in future:

nostr:nevent1qqspcwwe3awz8s087jh8v76l9q82h2w43g6e88k2aqssvqp5cvvu5tgprpmhxue69uhkummnw3ezucmgv95k6cfwd9hxvme0qgsxyllxr558rfkrn7df69cshgd3qy0rwev0a4l5sfuq754vpu5spjsrqsqqqqqp9s5k5u

https://youtu.be/JWZPN-SAO3U?feature=shared&t=10m56s 
 There actually are pretty good measures of decentralization. You can look at it as graph and see what failure means (is it scale free?), and many others. 

Choosing the right metric is difficult though. People usually pick the one that says what they want to say. It's been the case with lightning for example. 
 Another problem with measures of decentralization is taking into account the dynamics. That can also be done (in this case fragility analysis).

Yes, most posts are on one relay. The question is what would people do if it fails for some reason. Would they point to Peter's paper and say "haha, he told you so" or would they move on and use things differently, use other relays, mirror content, etc.

Because that's what matters. With Facebook, you can't do that.

I use public relays, but all my notes are backed up and frequently synced to other relays. When people lose their notes, will they perhaps demand a backup/replication service and use more relays? Very probably. And that is what really matters. 
 Not sure if I understand the graph approach. Do you mean somethingike a "Markov Chain" where redundancy leads to a lower probably of failure? 

Yes the metrics are an issue. If someone claims that nostr is a decentralized identity layer, I would strongly agree because it gives anyone with entropy an identity. However, I might disagree with claims that it's a decentralized transport layer because we rely heavily on ICANN and IANA to exchange notes. 
 long answer: 

Complexity: A Guided Tour - Book by Melanie Mitchell

short answer - look up scale free networks

micro answer - yes, one of the properties of decentralization is how it reacts to failure. 

Nostr is not a transport layer, for example I'm working on using Nostr over Reticulum/ LoRA which is a different transport layer yet using the same Nostr protocol. I believe a good question about Nostr decentralization is not about decentralization of TCP/IP, even though it inherits its properties if you use it through this protocol. 

The good question is how resilient the network is against attacks on relays, but you always need to have a dynamic look at things - what will the network do after the attack is as good of a question as what happens immediately after a successful attack. 
 Glad to hear that your working on LoRa for nostr. After struggling to add value to nutband I shifted my attention to OpenWRT and WiFi captive portals that accept Bitcoin. 

I think nostr relays are the perfect glue for various transport solutoons interfaces like LoRa, TCP/IP or ham radio. 
 RFC 1925, 6(a): It is always possible to add another level of indirection.

https://www.rfc-editor.org/rfc/rfc1925 
 Not sure if I understand the graph approach. Do you mean somethingike a "Markov Chain" where redundancy leads to a lower probably of failure? 

Yes the metrics are an issue. If someone claims that nostr is a decentralized identity layer, I would strongly agree because it gives anyone with entropy an identity. However, I might disagree with claims that it's a decentralized transport layer because we rely heavily on ICANN and IANA to exchange notes. 
 long answer: 

Complexity: A Guided Tour - Book by Melanie Mitchell

short answer - look up scale free networks

micro answer - yes, one of the properties of decentralization is how it reacts to failure. 

Nostr is not a transport layer, for example I'm working on using Nostr over Reticulum/ LoRA which is a different transport layer yet using the same Nostr protocol. I believe a good question about Nostr decentralization is not about decentralization of TCP/IP, even though it inherits its properties if you use it through this protocol. 

The good question is how resilient the network is against attacks on relays, but you always need to have a dynamic look at things - what will the network do after the attack is as good of a question as what happens immediately after a successful attack. 
 Glad to hear that your working on LoRa for nostr. After struggling to add value to nutband I shifted my attention to OpenWRT and WiFi captive portals that accept Bitcoin. 

I think nostr relays are the perfect glue for various transport solutoons interfaces like LoRa, TCP/IP or ham radio. 
 RFC 1925, 6(a): It is always possible to add another level of indirection.

https://www.rfc-editor.org/rfc/rfc1925