Notes by Vitor Pamplona

 Lol, there is so much crap saved in nostr tags ..  
 This shit looks like a horoscope  
 lol, detecting nip04 scammers is a lot easier with nostr:nprofile1qqsd236myjzpu489zzr6pxcx0jtrn04pezjnqft23a2pykyuszvwr3qpzemhxue69uhkummnw3ex2mrfw3jhxtn0wfnj7wttdn2
https://image.nostr.build/23718db8d690a6b4434b21ffe48e9bae823d042f636e058d5f1f653d258a782b.jpg 
 Pokey is now on zap.store 

Super cool to see it there before the PlayStore.
https://image.nostr.build/63170c3c20cd9ed2ae4f777359b70b7277714f8d9bc584db2de94e1c0f6468cb.png 
 Yep, but most for nostr apps 
 Curious, it seems I can no longer use DMs in #Amethyst
Maybe I should configure the relays ... 
 Why not? Any error?  
 Interesting. What happens if you enable the option to always encrypt?  
 At the bottom of the screen when you send the message and Amber opens.  
 Then in Amethyst the message simply disappears? Does it work with NIP-44? Try sending me a DM. Amethyst should use the new NIP by default  
 We must have follow lists for each kind. The kind 1 follow list is different than a blog post follow list. So, all of your options are wrong. :)

Other kinds should never be rendered as root posts on kind 1 clients. But kind 1 clients must render or forward them when they are quoted into a kind 1.  
 I don't think separate follow lists are optional. I don't want to see any music recommendations or my only fans feed from you people :)

A way to solve it is to create separate keys for each major kind and that breaks the graph too.  
 Sure. I think we made a mistake when we changed the kind3 list from contact list to follow list. We could keep all contacts there and then have different follows per kind as 30000 lists. 
 Agree, it's not about event kind, it's about app brand right now. My fountain follow list is not the same as my amethyst follow list  
 What about a "Broadcast to Citrine" button for Pokey? 
 Pokey can broadcast to all apps and Citrine can listen in.  
 If Nostr wins, I expect any user to have at least 30 clients being actively used in a single phone. If Nostr "micro apps" win, I expect over 100 clients for a regular user.

This is why App management clients are so important. No one will install 100 clients one by one. We must have some form of bundling that facilitates the integration of micro apps to do specific tasks. 
 It depends if you run the LLM yourself or if you are just using a service to do it. You don't want anyone running the LLM for you.  
 That's fine. We can have the main apps there and all the micro apps on zap.store  
 We already have. It's called Android. :)  
 Doubt what? :) 
 Pokey notifications :)  
 But this one came in when I was not using the phone :)  
 Desktop is so far out... We still need to build everything over there. We don't even have a desktop-native signer right now.  
 Makes sense. But most nostr users already have more than 3 apps installed. So, it's not really that far out. It won't be long until we see 10+ apps. And then, it will jump very quickly. 
 Just from what users tell me. Fountain is onboarding a lot of people. Vast majority of users have 2 kind 1 clients installed. Amber is really common now.  
 Wouldn't it be better to ship as flat packs?  
 Better sandboxing than native installs. 
 True. I don't think most of our current apps will survive the micro app dominion. The best apps today already have too much technical debt and are falling behind most of the new ones in terms of architecture. That's kinda the point of smaller apps, they can easily be replaced by new tech stacks. 
 Gossip is great but not a signer. 
 Sure, but app stores don't need to be centralized. Obtainium is one example.  
 I don't disagree on the solid experience. But that doesn't need to be centralized in massive apps. In fact, I will say that there is no point in building nostr at all if in the end all we have is a few apps that control everything because they are the only ones with good experience.  
 Because people will realize that most of the current apps they use are modifying what users have said/made in the past without their permission. You probably didn't notice, but I am willing to bet every time you export your photos from a preferred server (Google/Apple/Next cloud/etc) a few of them are missing and others have been changed. Same for documents, PDFs and so on. I have lost many pictures/documents in that way.  
 Yep, but in nostr you have to hash every single item you publish, making checks very easy to implement, compare and reshare. You don't have to think about that before you start using the service. It's baked in.  
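
The check described in the note above, as an added example that is not part of the original notes or of any Nostr client: it recomputes an event's id the way NIP-01 defines it (SHA-256 over the serialized `[0, pubkey, created_at, kind, tags, content]` array) and flags copies that no longer match the id the user originally published. The sample event, the placeholder pubkey and the `*.example` server names are constructed for illustration, and signature verification is out of scope here.

```python
import hashlib
import json

FIELDS = ("pubkey", "created_at", "kind", "tags", "content")


def event_id(event):
    """Hex SHA-256 of the NIP-01 serialization; None if a field is missing."""
    try:
        payload = json.dumps(
            [0] + [event[f] for f in FIELDS],
            separators=(",", ":"),  # no whitespace between tokens
            ensure_ascii=False,     # keep non-ASCII text as raw UTF-8
        )
    except (KeyError, TypeError):
        return None
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def is_intact(event):
    """True when the id carried by this copy matches its own fields."""
    computed = event_id(event)
    return computed is not None and event.get("id") == computed


def altered_copies(expected_id, copies_by_server):
    """Servers whose copy does not hash to the id the author published.

    Comparing against expected_id also catches a server that edited the
    event and then recomputed the id so the copy looks self-consistent.
    """
    return sorted(server for server, ev in copies_by_server.items()
                  if event_id(ev) != expected_id)


def make_sample():
    # Constructed sample event; the pubkey is a placeholder, not a real key.
    ev = {"pubkey": "ab" * 32, "created_at": 1700000000, "kind": 1,
          "tags": [["t", "photos"]], "content": "holiday picture, caption v1"}
    ev["id"] = event_id(ev)
    return ev


if __name__ == "__main__":
    original = make_sample()
    edited = dict(original, content="holiday picture, caption v2")
    rehashed = dict(edited)
    rehashed["id"] = event_id(rehashed)  # edit hidden behind a fresh id
    copies = {"relay-a.example": original, "relay-b.example": edited,
              "relay-c.example": rehashed}
    print(altered_copies(original["id"], copies))
```

A copy that was edited and re-hashed passes `is_intact` but fails the comparison with the published id; its signature, which is made over the id by the author's key, would also no longer verify.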
 So, you want centralization in a few players that control everything you do in nostr?  
 Agree. I don't invite people to nostr. I invite them to Amethyst.  
 Wasn't it the Europeans that named the American cities? The lack of creativity is astounding.  
 Every election is simply about who is going to get more free shit. 
 As users who keep our entire digital lives on a single nsec, this is sobering.

Hopefully most of... 
 Pasting nsecs inside Clients is crazy. And signer apps should not have permissions to use the Internet.  
 Yep. Users are free to take the risk. The recommended approach is to use Amber. 
 Tried multiple times already. But just look at the replies here nostr:nevent1qqszee98s53cn9ml7cxcuaslmzlx87usq98wd6nedygs8g4ylklej8qpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqvzqqqqqqykp88um 
 Key security is not the reason they have millions of "account creations" (not users).  
 Yeah, I think on Android it will be about zap.store and figuring out how to recommend signer apps without knowing how the user will install them (PlayStore/Zap.Store/F-droid/Aurora/Obtainium/Apk, etc) 
 Only on nip46 cases. The rest is managed via local API like amber does. You can use the offline version that exists today. 
 So tired of everything spying on me. It’s basically a full time job trying to keep prying eyes ... 
 nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqppemhxue69uhkummn9ekx7mp0qy... 
 Not yet. There aren't many products. In the vast majority of places it would return nothing anyway :( 
 If it's not opensource (so you can check the code for trackers) and you can't change servers (so they can't track your IP, location etc), it's not private. 

Check out what WhatsApp does, which uses the same Signal protocol lots of people love. Emphasis on "WhatsApp may start collecting..."

> What data does WhatsApp disclose in response to government requests?

> WhatsApp scrutinizes every government request and produces only the information that is narrowly tailored to respond to each request. Depending on the request WhatsApp’s response may include, if available, basic subscriber information (such as their name, service start date, last seen date, IP address, device type, and email address), and account information (such as a user’s "about" information, profile photos, group information and contacts list). In the ordinary course of providing its service, WhatsApp does not store message logs once the messages are delivered or transaction logs of such delivered messages. In order to comply with a valid legal request, such as a valid Pen Register Trap and Trace Order in the United States, WhatsApp may start collecting message logs and call logs for a particular user indicating who the communication was to or from, the time it was transmitted and from which IP address, and the type of communication (such as a text or call).

https://faq.whatsapp.com/808280033839222 
 We don't track. But people can ask. Then we do track. And we can track everything because our app can see the text being written before we encrypt it. 
 This is true for any closed source software. iMessage included. 
 It's not about WhatsApp. Every app that is closed source and closed servers can do the same. Even those who claim they are private. Including Signal themselves. 
 Only if you never use their own servers. 
 If both of you connect to the same server, the server can see encrypted content being uploaded and downloaded by both at similar times. Then it's easy. IP gets location. Location over time gives your home and work address. Home and work address give your name.  
 I ran a server last year and decided to add a huge number of logs into their code. It's definitely possible to map who is talking to who. Especially if you run it over time. The link between users is possible even through Tor if the connection is not constantly refreshed to get a new exit node. The only thing Tor adds is that I can't get your location from your IP. But who is talking to who and when is still fully traceable.  
 Yep. Even keychat on Nostr is likely to get centralized over time. 

You either incentivize multiple clients, multiple servers, which goes against the duty to maximize revenue of a company, or you end up centralizing everything. 
 Ping (time to reach the server and back) in milliseconds 
 I like this. It merges well with a nsec seed wallet, that generates new accounts per use.

Think ... 
 Agree. Some folks are too tied with the idea of having just one key. 

You can and maybe should use different keys for different interests, different chats, different communities, etc.  
 It's so cool to see everyone just using NIP-55. Let's go!
nostr:nevent1qqsyv07tcuegt28dd0ppuqcfmf75ze5ruaq6aghpnnnz3wlvq5f8hccpzemhxue69uhkummnw3ex2mrfw3jhxtn0wfnj7q3q9yeqjawls407xjnmgkk6yss7936pcd7qzd5srlj8wye6j8433vrsxpqqqqqqzgw7zcq 
 What's the Tor Dependency mean? Is being dependent on Tor good or bad? If joinstr is not dependent on Tor, are you using something else to hide IPs?  
 Can we have a Citrine-like app that simply stores all of your pictures, images, music, videos sent to Nostr (NIP-96 Media Servers + Blossom) locally and offer those files to any Nostr client that has the hash via Android inter-app APIs?

Maybe it even syncs with other servers, like Blossom can do?

The goal is to avoid duplicating disk usage between multiple Nostr apps, removing the need for app-centric local caches where the same files are downloaded and stored in every installed Client's local database (like profile pictures). 
 If you can run IPFS at all. IPFS has been notoriously difficult to even run on a phone.  
 It all depends on how many clients people are expected to use. I am expecting that people will use between 30-100 clients if Nostr wins. So, it will take a significant toll on disk space if all the information gets duplicated.  
 Oh cool. void.cat now uses nostr:nprofile1qqsx8lnrrrw9skpulctgzruxm5y7rzlaw64tcf9qpqww9pt0xvzsfmg... 
 What's the server address you are pasting in the Media Servers screen? 
 Ohhh.. I didn't know that. How does that work? Are you returning the nip94Event with tags where the filename doesn't have an extension?   
 nostr:nprofile1qqsr7acdvhf6we9fch94qwhpy0nza36e3tgrtkpku25ppuu80f69kfqpramhxue69uhkummnw3ez6un9d3shjtnyv4ex26mjdaehxtndv5hsz9mhwden5te0wfjkccte9ehx7um5wghxyctwvshszxthwden5te0wfjkccte9ekk7mt0wd68ytnsd9hxktc79dllq any chance you can whitelist my key to test this on your server? :) 
 On void.cat, the mime type for a PNG is coming as application/octet-stream 

Is that correct?  
 Nevermind, I can test on void.cat directly 
 So, I am sending image/png as form field content_type, but it always returns with application/octet-stream.

I am not sure what I am doing wrong to get this. 
 Can you check date time of the server and date time of the phone? 
 Interesting. How big is your acceptable deviation? 

I have a feeling that some phones stay a few seconds in the future.  
 I also send it as part of the multipart file.  I am not sure where that goes though 🤔 
 If Will implements edits, he can edit this typo 😂
nostr:nevent1qqsv88q4xlf3m0dr595hm34ddj7use2... 
 I will take it.  
 I also sent Will an Edit Proposal 😅 
 This might be a dumb question since I haven't been following NIPs lately, but wouldn't it be cool... 
 Edits on Amethyst implement this NIP. It allows users to replace the content of their posts but not the extra metadata - they can't move an existing post to a new thread, for instance.

The entire history is kept. Clients can show the history, starting with the latest edit.

Other users can propose edits by sending it back to the original author. The author accepts by creating a new edit by themselves.
 https://github.com/nostr-protocol/nips/pull/1090 
 +/- 5 mins or just to the past? 

Void.cat seems to be annoyed by auths a few seconds in the future from us. 
 Your desire for freedom is incompatible with iOS 
 They don't need to decrypt it. They control both sides, they can just track you using the app and get the information they need before encrypting. 

Similar to how WhatsApp/Telegram can get information from you even though they are "end to end" encrypted. They can just monitor what you type (which they do).

If the app is not opensource so that you can check it and if you can't change the server that is storing this info, they can track anything they want and you will never know. 
 There is no stock iOS. There is only the Apple-provided iOS which you can't see the code and thus you can't actually check for anything. 

On WhatsApp: "Depending on the request WhatsApp’s response may include, if available, basic subscriber information (such as their name, service start date, last seen date, IP address, device type, and email address), and account information (such as a user’s "about" information, profile photos, group information and contacts list). In the ordinary course of providing its service, WhatsApp does not store message logs once the messages are delivered or transaction logs of such delivered messages. In order to comply with a valid legal request, such as a valid Pen Register Trap and Trace Order in the United States, WhatsApp may start collecting message logs and call logs for a particular user indicating who the communication was to or from, the time it was transmitted and from which IP address, and the type of communication (such as a text or call)."

 https://faq.whatsapp.com/808280033839222 
 Why is Pokey so good? 

Pokey connects directly into your inbox relays and keeps the connection open at all times. 

Every other notification system is using a server that watches relays for new events and sends them down via Google/Apple/UnifiedPush systems.

It's WAY faster than ANY of these push systems.

There is no restriction on message sizes or frequency. No payment plans for servers and no algorithmic delays from push providers.

It can authenticate in your Private Inbox relays for DMs because it can get Amber to sign as you. No watching server can do that.

It also decentralizes notifications from Clients. There is no need to run 15 different notification systems, one for each client you want to use. 

Once notifications are downloaded, it can pass those events to the appropriate apps to display. You can choose a default app per event kind. And if you don't have an app registered for the event, it can display the notification itself.

It's a win-win-win-win-win situation. 
 Pokey doesn't have Orbot yet, so the relays that it is connecting to know your IP.  
 Would users be too annoyed if Amethyst removed the "Create Account"/"Log in with nsec" and added a button to download Amber instead?  
 We can make it generic for any other signer 
 Make it. We can advertise it.