Replying to Avatar weev

The harm in practice is that they have the ability to censor posts, and eventually they will be forced by EU regulators, among others, to do so, if Nostr ever has significant amount of traction.

You are basically saying you want a centralized system. If you like Primal, you should just use X or Bluesky.

I agree that Nostr onboarding of new users is atrocious and many of the apps are extremely unappealing to tons of people, but Primal should solve these problems without compromising the integrity of Nostr’s decentralized nature.
Avatar
Tauri 2mo ago

> You are basically saying you want a centralized system. If you like Primal, you should just use X or Bluesky.

You assumed I use Primal for their curated content — I don’t. I just found out they even do that, which only proves the point I was making. And you’re not the only one who missed it.

It’s funny how often devs, when faced with feedback they don’t like, default to “if you don’t like my toy, go play with the other crappier ones.” The irony is those “crappier” ones usually work better, they simply choose different tradeoffs. Trying to steer user behavior through shaming or condescension rarely works.

Reply to this note

Please Login to reply.

Discussion

Avatar
weev 2mo ago

It is easier to write centralized software than decentralized software. So many services are going to cheat and make a “Nostr” client that is centralized. You say this “usually works better” but it is actually subverting the entire point of Nostr, and delivering it into the hands of the government.

Subversive behavior deserves to be treated with contempt. If you aren’t willing to put up with a mild inconvienence for freedom, why not just use Twitter or Facebook at that point? Making a censored and filtered version of “Nostr” is not a tradeoff. At that point, it isn’t Nostr, it is a fraud.

Avatar
Tauri 2mo ago

That all sounds true and I don’t generally disagree. It still misses the bigger problem with adoption from the masses. Because this happens when devs leaks implementation details to a non-technical crowd (simply swap core devs with Nostr devs - it’s more or less the same issue).

Avatar
weev 2mo ago

It's not comparable at all. Knots is a joke project made by an obviously incompetent loser, clearly meant to be a social attack upon Bitcoin.

https://blog.lopp.net/knot-a-serious-project/

Primal is not a joke project, but it is a centralized service. Feeds stopped working in the recent AWS outage. Primal is like if someone was claiming to sell Bitcoin but it was just a ledger held in a MySQL database. It’s more of a deliberate fraud and less of a ridiculous joke.

Avatar
vinney...axkl 2mo ago

all current disagreements on nostr are core vs knots in disguise.

Avatar
Dave🐸 2mo ago

Stay humble and enjoy your forking 🤙🏽

Avatar
Tauri 2mo ago

You should have said sooner that you are mentally challenged. I wouldn’t have wasted my time replying.

Avatar
ODELL 2mo ago

> why not just use Twitter or Facebook at that point

the trust model of primal is strictly superior to facebook and twitter

the primal stack is foss, users broadcast directly to relays, users can change caching server in the gui easily, users can copy/paste their nsec to use any other app

> it is a fraud

claiming that an app that uses a caching server “is not a nostr app” is similar to claiming that bitcoin wallets that use electrum servers are “not bitcoin apps,” retarded

Avatar
xenonsky 2mo ago

somehow I was in settings thinking about the word "enhanced"

let me read that Thread

if bookmarks go, I disssaaaapooooint :)

no. not high

Avatar
vinney...axkl 2mo ago

Would a Primal-only user be able to tell if it ever became "not a nostr client"?

Avatar
ODELL 2mo ago

the fact that we are having this conversation right now, exchanging signed and verifiable posts, while i am using primal and you presumably are not, is proof alone that primal is significantly better than x and facebook

to say otherwise is either ignorant or intentionally misleading

Avatar
vinney...axkl 2mo ago

oh i agree about that entirely! 1000%. and it is a beautiful thing.

i want to be certain it stays that way - in a "verify, don't trust" sort of way. and i can't verify what that caching server does or be certain (without trusting) what it will do in the future.

this "problem" just 100% goes away if there is a setting to connect directly to relays. you and miljan both said that's planned; and i look forward to it, and to having nothing left to be skeptical about.

Avatar
ODELL 2mo ago

if there was real censorship on the default primal caching server it would be obvious and most users would either change caching servers or copy/paste their nsec into a different app

Avatar
xenonsky 2mo ago

real censorship? that is not a thing.

Avatar
weev 2mo ago

How would it be obvious to a normal person? Twitter censorship is rampant but not obvious to the average Twitter user.

By the time that regulators get around to ordering compliance it is too late. You will be forced to censor if you make a censorable system.

Avatar
weev 2mo ago

Expecting a normal user to notice the differential between Primal’s Nostr feed and the one on the network is not realistic. So is expecting a normal person to tinker with settings, know what a caching server is and knowing how to locate and replace it. Whatever the default is, that’s the setting that is staying for virtually all users except a tiny fringe forever.

It seems to me that Primal is repeating the essential problem with federation that Nostr was solving in the first place. In a federated system censorship becomes trivial because ever since conversation goes through gmail.com or bsky.app — the concentration of large numbers of people on a single server creates perverse incentives over time. If Nostr ever becomes popular and the most popular client is reliant on a single caching server, the operator will be ordered by courts, domain registrars and registries, CDNs, BGP peers, and app stores to filter it. Or the board will just elect new people who are censorship friendly because it is the only way to be commercially viable and get ads that pay well.

Avatar
vinney...axkl 2mo ago

the caching server setting is Primal's warrant canary.

if they add a "bypass caching server, connect directly to relays" setting i'll be much more convinced they are good actors. and if it ever disappears thereafter, i'll know they've been captured.

...if they refuse to add it to begin with, i'll have no way to know which one it is, and i'll have to assume the worst. this is a healthy sort of pressure in a decentralized ecosystem.

i was similarly obnoxious about nsec sign-in, and to their credit they did ultimately add Amber login and i give them credit for that. this issue can simply go the same way and everyone will be happy

Avatar
Kräftig 2mo ago

This is a resonable ask.

Avatar
vinney...axkl 2mo ago

Requiring users to do their verification that "they're still on nostr" using _other , non-Primal clients_ as the source of ultimate truth... That settles it, no?

nostr:nevent1qvzqqqqqqypzqth65u2mhdrd6klxkldg6acqyek3ze6tjyacz79dmdwzuc7esue3qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgwwaehxw309ahx7uewd3hkctcqyzqhc3ez0csl0kwlfap6g5p2h64u6a8hmc8u87h09gcsyv2pscuu20ngjfv

Avatar
vinney...axkl 2mo ago

Countless examples all over legacy social media of people screenshotting and comparing each others' google results, news site promoted content, twitter and facebook feeds and posts - that whole pile of shit is exactly the mess that we're finally able to escape from.

Adding potentially-malicious and non-bypassable caching servers in between sources of truth and users eyeballs goes in precisely the opposite direction, right back into that mess.

Avatar
ODELL 2mo ago

anyone who runs two different apps will be able to easily verify them against each other

literally the only “technical skill” required to do that is copy/paste

Avatar
vinney...axkl 2mo ago

i had said "someone who only uses Primal".

Avatar
ODELL 2mo ago

copy/paste exists

pretending it doesnt is a weird hill to argue from

Avatar
vinney...axkl 2mo ago

what are they copy/pasting between? and when did i ever say it doesn't exist? that isn't my argument at all - my premise is a user who is only aware of Primal and uses that single client.

if you take issue with that premise, that's fine, but say so and we can adjust.

once you suppose additional clients, you concede that you have to use other sources of truth that DO VERIFY, in order to temporarily be safe TRUSTIing Primal. this is my entire point.

Avatar
ODELL 2mo ago

it is stupid easy to run multiple apps and verify them against each other - literally just copy/paste

a small subset of users doing this protects everyone, they will sound the alarm if any app is malicious

Avatar
vinney...axkl 2mo ago

.....and if an app is truly malicious, then the set of users who _only_ use this app won't ever see the news that their app is malicious - because it is malicious and hides that information.

Remember how the rest of the whole internet works?

Avatar
ODELL 2mo ago

well now your theoretical escalated significantly

this risk is not unique to primal

malicious actors could do similar at app or relay level, unless every user is verifying client code and running their own relays

honestly this is starting to feel like bad faith from you and it’s disappointing

Avatar
vinney...axkl 2mo ago

I completely agree about the app level. Any popular open-source client could quietly add a censorious cache layer and try to sneak it past the eyeballs of reviewers. And any "single client" users would be at risk of never hearing about this news if they've already installed the censorious update.

You're correct there that this is a threat to all software everywhere. That's the level playing field of "threat" that everyone tries to rise above. And in my mind, the shared game then is to try and add features and positive user experience above that line **without** adding new threats unique to one client or service.

The tradeoff is going to be different for everyone, and given the absolute shit state of the rest of the internet, and the potential for open protocols and censorship avoidance, **my** tolerance in that trade-off is very strict.

I've said in almost every note: Primal can completely dissolve even this suspicion, and I do honestly believe they will eventually (I've seen them do similar before!), by allowing the user to bypass the caching server if they desire. I don't actually think Primal (or you) are bad actors, but I do worry that powerful bad incentives are guaranteed to manifest themselves with success and the best way to beat them is to tie your own hands behind your back before they ever appear. Once a project is on the wrong side of that curve (bad incentives accelerate faster than honesty can hold at bay), the game is over and everyone loses (except those with the investment exit). So you have to head it off early. And community pressure can help with that, if done right.

I _want_ to be doing that right - so I'm also disappointed to hear that you think this is bad faith from me. I'd like to correct it if possible, for everyone's sake.

Avatar
vinney...axkl 2mo ago

> starting to feel like bad faith

i take this very seriously and defer to my interlocutor on it generally. i don't mind if you have a negative impression of me personally during this (prefer otherwise, but i'll accept it), but i am very committed to having my argument stand on its own as valid and good-faith.

what do you need from me to dissolve the bad faith accusation? i'm motivated to get there and get back to the core of the argument to see where we disagree. my hunch is that we just feel difierently about the tradeoffs and the severity of the risks, and i would be content to let it lie peacefully there, once established.

🤝

Avatar
unknown 2mo ago

You’re asking the right questions. But I’ve lost faith in getting any valuable answers to your questions. 🫡

Avatar
vinney...axkl 2mo ago

keep the faith. we're all on the same team

Avatar
ODELL 2mo ago

> my hunch is that we just feel difierently about the tradeoffs and the severity of the risks, and i would be content to let it lie peacefully there

yes 🤝

Avatar
vinney...axkl 2mo ago

it would not be obvious unless they had access to nostr notes directly from relays (on another client, as you say). their Primal-only world would not have that information, so they wouldn't know they were missing it.

as i said at the outset, they'd be trusting, not verfying. but their ability to verify is restored with a little toggle that says "bypass caching server".

EZ, if you want it.

Avatar
xenonsky 2mo ago

hm