Replying to Avatar semisol

Media hosting is a hard problem to solve. The CDN costs with other providers are significantly higher compared to Cloudflare.

Moderation is hard. You wouldn’t want to know the type of content that has to be filtered every day.

There is a lot of work going on in the background so that someone uploading a 10MB image gets optimized down to a few hundred KB, strip metadata, and have the media file load fast, etc.

And a lot more other costs and work exist, while no one properly pays for hosting media, so no one wants to work on hosting media. Nostrimg died partially for the reason of CSAM spam.

I don’t fully get the concerns about CF either in some cases. Sure, if this is a sensitive application then it could matter.

But if it is media that is already publicly available, what changes?

Everyone complains but no one wants to fund switching to an alterntive reliable CDN (some “cheap” options bring significant drawbacks as well)

On Nostr.build we also have backups in a completely different provider.
Avatar
CappyNate🍁 2mo ago

On keys + security.

Do we have an ongoing breach bounty service on Nostr yet? For every cog in the wheel: clients, signers, wallets, messengers, relays, DVM's, etc.

One panel that tracks everything. Fully white hat hackerspace. So we can see who's truly robust.

If not, I'll consider building one. Need to think on it tho.

nostr:nprofile1qqsr7acdvhf6we9fch94qwhpy0nza36e3tgrtkpku25ppuu80f69kfqppemhxue69uhkummn9ekx7mp0qy0hwumn8ghj7mn0wd68yttjv4kxz7fwv3jhyettwfhhxuewd4jj7lal3ny nostr:nprofile1qqswum4p82uluhz2dr40nvdrflspffntgqghc58w9fs57nx6jkdkuaqpz4mhxue69uhks6tnwshxummnw3ezumrpdejqzyrhwden5te0dehhxarj9ekxzmny5dhgt8 nostr:nprofile1qqsr9cvzwc652r4m83d86ykplrnm9dg5gwdvzzn8ameanlvut35wy3gpzdmhxw309aex2mrp0yhx5c34x5hxxmmdqyxhwumn8ghj7mn0wvhxcmmvyzvgs2 nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzpmhxue69uhkummnw3ezumt0d5hszythwden5te0dehhxarj9emkjmn99ue6qm68

Reply to this note

Please Login to reply.

Discussion

Avatar
The Daniel ⚡️ 2mo ago

I’m not aware of any one thing. Most bounties are just ad-hoc posts or comments on GitHub. There was supposed to be one as a part of bitcoinbounties.org I guess, but nobody ever used it.

Avatar
semisol 2mo ago

May have been because the owner is anti-FOSS to some extent

Avatar
The Daniel ⚡️ 2mo ago

Yeah, everyone pretty much abandoned that whole thing a couple of years back.

I say, start a new one!

Avatar
CappyNate🍁 2mo ago

Thanks man. I think that's the one I remember. At least whatever is left of it.

I'll think on how to do it right.

Does multi-sig lightning exist? Or only on-chain? Would prob need a committee-esc mechanism to approve actions. Multi-sig would serve that purpose well. Need to think....

Avatar
The Daniel ⚡️ 2mo ago

I think what you are looking for is a viable escrow system on Lightning, where bounties can be pre-funded and paid out based on a set of conditions. I know some people have discussed and maybe attempted to build this, but I’m not sure what the state of that is at the moment.

Avatar
semisol 2mo ago

escrow is hard and risky

Avatar
CappyNate🍁 2mo ago

Both valid points. It's hard to set a rigid smart contract condition I think, and requires a bunch of building. Plus you never know what the breach will be.

Prob just easier to have trusted arbiters. Ya I gotta think. I'm not super passionate about this. But I think it's an important solution. nostr:nprofile1qqswum4p82uluhz2dr40nvdrflspffntgqghc58w9fs57nx6jkdkuaqpz4mhxue69uhks6tnwshxummnw3ezumrpdejqzyrhwden5te0dehhxarj9ekxzmny5dhgt8

Avatar
semisol 2mo ago

And when you have an arbiter you have custodial risk and being a custodian is MUCH HARDER in terms of risk.

Avatar
The Daniel ⚡️ 2mo ago

Exactly, nobody wants to be the custodian. Too many targets on their back.

Avatar
semisol 2mo ago

Trusting a custodian is hard. Being one is harder.

Avatar
CappyNate🍁 2mo ago

Especially when the target market is penetration testers. Particularly the most skilled ones.

Sometimes we just gotta be courageous and do what needs to be done tho. That's what trailblazing is about.

Avatar
The Daniel ⚡️ 2mo ago

This is why the ETH crowd loves smart contracts and DAOs so much. But that won’t ever fly on Nostr. I’ve ever seen a single “DeFi on bitcoin” product to date that I would consider using other than just to play around with and forget.

Avatar
The Daniel ⚡️ 2mo ago

*never