Oddbean new post about login | logout schematic of how NWS works https://m.primal.net/JUSZ.png nostr:note12vy8lmphxyfd7np7t503k8fzs3em2h6szfwad0fkgr6prjkjuhxsddyprj
this looks more like nostor to me. 🤔 more anon relays will be needed. i am happy to serve until lawyer headaches start 🫡 can i pay lawyers with cashu? 😂
This isn't great for privacy. Tor is much better and safer. What's cool about this is that you can host web applications without a domain or public IP and the fact that clients can use this without additional software if they can talk to nostr, or a simple socks5 proxy if they can't.
Right… with blossom, tho, it’s possible to have static data replicated, tho, right? Doesn’t help with anonymity per se, but does make the data anti-fragile. So if the data in question was executable code - a script maybe - and then paired with a similarly distributed database (like SQLite)… you could have the beginnings of a distributed app. The database just needs to be filled with CRDTs that can be merged however… Yeah… if I’m understanding this correctly, you could use this as an address scheme to a distributed app.
I’m not this smart enough to understand this, please excuse the silly question. What is the benefit of implementing this?
You can host a website or some other low-bandwith service and make it reachable with an npub instead of an IP or DNS.
So a device on a network can be found through an npub instead of an IP? What’s the difference? Isn’t an IP just an arbitrary number anyway? I still don’t think I understand the benefit. Especially since the goal of a key pair is to sign things with the secret key. Are these devices signing data they transmit?
So this is basically Tor over nostr right? But I still don't understand because relays can see the IP in this case only the NWS would than? nostr:note1rs5ey6vmvxtvtrrfa9uwm8m8ywfmpfq5hlngfnr9a6l4fdv746pshnmlfy https://m.primal.net/JVMt.png
I don't fully uderstand the part on the middle of the scheme with those nostr relays, does that mean that each traffic/packet coming from the proxy is "encapsulated" into nostr events that are then read by NWS exit nodes? So basically we have HTTPS traffic into nostr events and then back to HTTPS traffic again?
would caddy/apache/nginx be the reverse proxy in this diagram or would the NWS exit node have the reverse proxy built into it?
yes, a reverse proxy like that can be the "some service" in this diagram and terminate https and pass over to an http backend. that's what's happening in the demo with the mint. there is still the issue of the SNI which needs to be overwritten by the exit node for backends like caddy to accept them. some reverse proxies seem to be fine with it, others aren't.
can someone compare the architecture diagrams of NWS and Tor?
For anyone looking for a comparison to TOR, as far as I understand it: It’s comparable to the TOR hidden services that can be reached by onion addresses. Here we have the nostr npub to address a service. Since both entry and exit node only connect to relays, they are the only part that needs to be publicly reachable. Services can run behind firewalls on machines that are not reachable from the outside. But it’s not like TOR in term of being an anonymous browsing tool for any website. It’s (currently) only for exposing a single service in a censorship resistant way.
great summary plus you can expose already multiple services, not only one
Hey @florian - just a quick follow-up In TOR - both user & server need to opt-in right? I guess just user opt-in also works 🤔 In NWS - only server need to opt-in and clients can directly hit them right? Or is the client opt-in required?
cool nostr:nevent1qqswt09r5mq59nsqv4wj5z0uz756v6mftzph6ycu863qkreyp8wzcdqpremhxue69uhkummnw3ez6ur4vgh8wetvd3hhyer9wghxuet59upzq5xeflpdskqvdq4swxj59793uvdzqzc9pzatjk3nhmcg2h0js8trqvzqqqqqqywzrr4f
At the end bitcoiners will end up laying down intercontinental internet submarine cables, satellite systems and what not. Internet is centralized from the infrastructure layer and Google, Facebook, Amazon, Microsoft and the likes will use their power to surveil, censor and abstract more power.
Is every TCP packet wrapped in its own ephemeral nostr event?
yes
Better to make relays dns/directory for nip19 rather than proxies to http. nostr:note1uk728fkpgt8qqe2a9gylc9af5e4kjkyr05f3c04zpv8jgzwu9s6qpks74v
@keychat client can connect to serve with npub address, not dissclose the IP
So basically Torstr. Can we call it toaster?
hope this helps nostr:note1uk728fkpgt8qqe2a9gylc9af5e4kjkyr05f3c04zpv8jgzwu9s6qpks74v
And I presume dedpluication on the exit nodes is done as per any nostr client would?
And I presume dedpluication on the exit nodes is done as per any nostr client would?
a solution: nostr:note1uk728fkpgt8qqe2a9gylc9af5e4kjkyr05f3c04zpv8jgzwu9s6qpks74v
It is like running the internet on nostr relays?! That simple?
It is like running the internet on nostr relays?! That simple?
