Oddbean new post about | logout
 But how do you keep it to the community / private group that you run the mint for? 

That's what I don't grasp yet. I want to run it as a Community Bank. 
But if I ask for authentication, I'm a privacy honey pot etc... 

How does this compare to running Alby Hub?  
 thats the thing, it requires you to already have a lightning node.. after which it's very easy to install this in addition. 
 So let's say: 
- I set up a group chat for my normie friends (Uncle Jimming a relay+blossom server for them). 
- I run a lightning node (Alby Hub style) 
- I run a #cashu mint on top of it

How do I now: 
1. only let that private group use the mint?
2. maximize privacy?

Is there some kind of "Proof Of Group Member" that they can share?
Is there a way for me to run the mint in "Blind Mode" or something (and prove it to them!)? 
 id be interested to know this too 
 nostr:nprofile1qqs2js6wu9j76qdjs6lvlsnhrmchqhf4xlg9rvu89zyf3nqq6hygt0spz9mhxue69uhkummnw3ezuamfdejj7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qg4waehxw309aex2mrp0yhxgctdw4eju6t09uygje4n and I (and others) talked about this idea at NostRiga.

Proof of membership. There is a public member list (in this case that's the relay-based-community list) and you want to prove your npub is part of that list without revealing to the verifier which npub u are.

There is a way to do it by using zero-knowledge sets, however my understanding is limited. It should be similar to (and simpler than?) the work nostr:nprofile1qqsxwkuyle67y94tj378gw8w2xw2wa6nwmwlqhddlwnz0z7sztsaw2qppemhxue69uhkummn9ekx7mp0su9alh is doing (tldr; prove that I own UTXOs that exceed the value of X sats, without revealing with ones) 
 @pippellia I need that "Proof Of Group Member" we talked about, again 😏 
 yeah, this idea is super interesting in this context.  
 If I get it right, the incentives around #cashu make small Uncle Jim mints the most likely because:
- Big mints are rug factories and are easier to jail
- Spreading your money over dozens of mints is terrible UX, despite whatever cool multi-nut cypherpunk stuff you come up with to make it work technically

And honestly, I'm fine with that. I'm just not clear yet on how that would work, since I would very much like to run my "College Friends" mint **for** my college friends, not for whoever. 
nostr:nevent1qvzqqqqqqypzp22rfmsktmgpk2rtan7zwu00zuzax5maq5dnsu5g3xxvqr2u3pd7qyt8wumn8ghj7mnfv4kzumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qpq8jxdw9kulux9lfa0tdg0tnp87cgzdv9uv6sq4k7f2z5khec9g4mqe2ytv9 
 I'm working on it! https://sovereign.app/

We need auth in the cashu protocol, which we are working on now, to ensure only the people you want to use your mint can use it. 
 cool! Is the auth private, or do I need to sign something with a whitelisted npub? 
 It’s open; anyone can sign up! The app also lets you create a new nostr profile if you want to test it with something not connected to your main nsec. 
 Ooh 👀
Yes, auth seems to be the most straight forward solution indeed.
But as the mint custodian I'd like to be as blind as possible to who is spending what, when. 
 Good news. We’re working on a blind auth scheme. More details will be released soon. 🙂 
 Awesome! Excited to see this! 
 Yes, that sounds exactly like what I need! 
Please, keep me posted sir 🙏 . 
 Is blind auth already a thing somewhere else?
I found this: https://blog.mutinywallet.com/blinded-authentication/

Also, could it apply to Relays (and other services) too?  
 This made my day sir, btw. 

Finally feel confident enough to design for this.  
 Why exactly is multi mint a terrible UX? 
 You add a bunch of actions and trust assumptions the user has to perform fir each mint. 

If you ignore those or delegate them to other people (or mint packs or sth) you might as well just use one mint.  
 fair. It should be automagic like auto-selecting the first 20 mint based on their reputation to you, but yeah, reputation here should not be follows.

follows filter spam, which is the first step, but then you need something else. Like reviews! 🤣 
 You don't need reviews if people literally publicly state what mints they use. Can't get any more "Action > Words" than that 😂 .

But then you still have to determine **who** to look at for the reputable mints. Letting an algo automagically compute that for you (even based on your network) gets us in the same positive feedback loop we see with large npubs now. And please, oh please, let's not kid ourselves that Trending Mints are somehow a good idea. 

In the end, you a need a quick way to combo-filter for Npubs that: 
1️⃣  You know (i.e. part of your network)
2️⃣  Take responsibility 

Communities help with both. 
- They help determine what your network is.
- Admins are the obvious first npubs to look for when it comes to who's capable and willing to lead/run things like groups, relays, servers, mints, ... 
 I am trying to abstract away all that complexity away with #safebox. The user only cares about a balance that has immediate liquidity. Underneath the hood, #safebox swaps between multiple mints. In future, I want to use a rating service to automatically choose the best mint, or swap if a rating gets below a threshold. 
 > a rating service to automatically choose the best mint

Everyone in the #cashu space keeps saying this, but how does that play out UX-wise? It's easy to get excited about "Hooray, it's technically possible to do multinut magic at lightspeed!", it's quite a different thing to define/discover/use those "best mint(s)". 

The state of the art is literally asking users to leave their wallet-app to go and rate mints on another random web-app 🤦‍♂️ .  
 Dunno. I am seeing mints as a routing service. I don’t ask the internet to route my packets, it just happens. I see the same thing for routing sats. As for UX, I see the user being not aware, nor caring what mints they use. 
 Users will only care about sending sats between email address formats. Under the hood, it can resolved as lud16 or nip05 and the appropriate transfer is invoke - lightning for lud16 and Cashu for nip05. The user won’t care. 
 A routing service to where? 
Their custodial LN balance?  
 Could be anywhere. Right now I am experimenting where I am sending to an address that immediately swaps to my on chain address. 
 On chain!?

Why would I not prefer to keep my nuts, as nuts, with a mint that I run with (or is run by) my homies?  
 There is a nip for which mints you recommend, but not one for which mint you use (which has many privacy implications)

There is a danger of feedback loop, yes, however keep in mind that your trending mints are going to be different, and possibly very different from mines, because it's personalised!

I agree community helps with these things, totally.

Another aspect to consider is that in the future reputation is going to become much more important, so who you give your attention to or who you recommend is going to be used to judge you. Trending towards anarchy requires personal responsibility and stricter societal norms, so I agree with you pointing out these problems, but I think they will become smaller in the future (still a lot of work to solve them in a convincing way) 
 > your trending mints are going to be different, and possibly very different from mines, because it's personalised!

Why? I don't see much proof of this. 

1. Mints are very different from content, relays, niche services, ... Unlike with those, there's very little design space for them to be anything else than a commodity.

2. Without the mint auth'ing you (and thus turning it into a bi-directional relationship), what's stopping most users from just going with the fastest, cheapest, hardest one? What exactly breaks that centralizing feedback loop? 
Hard-coding apps to stay away from mints that have over XXX reserves? 
Then you probably end up with the same centralization, just more hidden across "different" mints. 

3. Me and you using the same mint is the cheapest, most friction-less option. Scale that to all the other profiles in our networks and the incentives are there for us all to use the same mint. 
This is why I'm interested in solutions that by default limit a mint's scope to groups of people explicitly trusting each other in some way. 
I don't see many other decentralizing forces besides that.   
 I think mints are similar to relays. Using few big relays is fastest, and if we all do it there is very low probability of missing some posts.

Same with mints, if we use few big ones it's fastest and we have lower fees (as most transactions would be intra-mint).

However, if we look at the current distribution of users per relay it's pretty good (plot from nostr.band)

Why is that?
The advantage of using multiple relays is lower probability of censorship.

Similarly, the advantage of using multiple mints is lower probability of rugs. Also, with mints there is an anti-centralisation influence, because you don't want to use the biggest mints as there is more chance of big rugs from the gov or hacks.

So I would say there is decent evidence that the distribution of mints will be more flat than that of relays.
 https://image.nostr.build/9e05dbd414118bb74e9b0d1e43bd8cffede8db74bf0649350081f64bc5de725b.jpg 
 a post on potential user-per-mints distribution

nostr:nevent1qqs0dkg6hn3tl9lnkgwdqrnyqxlte7ncf30kulelusqk5tzz0qr8h7gpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyrmg86rsxhm66n6yuzuce77e2dlpv326jtxn3nhufje3md640a00yqcyqqqqqqgwyvnch 
 Surely using multiple mints is a *higher* probability of getting rugged.  Just you wont lose everything (hopefully!). 
 yeah sorry, lower expected rugged value 
 > the advantage of using multiple mints is lower probability of rugs

Why? 

I get the part that only 20% of your nuts got stolen if you have 5 mints and 1 of them rugs. 
But what do you do after that happens? 
Add a new commodity mint that can do the same exact thing?   
Add 10 more mints you don't know anything about?
Spend significant time comparing and picking mints, that all are still incentivized to rug you? 

Who does any of that after being robbed?  
 If big mints get jailed, the incentive to run a small one goes down, I think.