we are building this to make our communities with privacy and without spam and trolls

normie social networks are literally about violating privacy and getting paid to allow spam and trolls

Discussion

💯

I'm going to need to dig up some of your takes on MLS to see what we'll pick for the private groups and DMs 😉

i was designing an IRC like protocol that was based on follow and mute lists and ephemeral events and secondary clients that act like nickserv and chanserv in IRC architecture

this is a separate model to the MLS style because it's ostensibly public, but the relay and botservs act as privacy gatekeepers, it's much more efficient for scaling up but it is a trusted third party, the idea is that that trusted third party is the team of community leaders

this is how most groups are implemented on large chat systems like telegram and discord, it's impossible to scale MLS style encryption and it has some glaring limitations in terms of having no control over the broadcast group, where you can do that with chan/nick/relay servers

i went and shopped around for MLS libraries. there are very few. the most active was rust. i read all the docs i could find about it and now my take is.. without libraries in other languages and much work to be done on existing libraries to bring them up to date and nostrify them, how many years we looking at here? like 5? 😂

sorry but vaporware just not my jam. cool tech tho.

yeah, that is also another problem with it... it has to be available on at least like C, Go, Rust, and Javascript or it's dead in the water

there was a go lib that looked on the verge of abandonware.. no javascripts.. yeah basically its rust or bust.

dont take my word for it tho, heres the list:

https://github.com/mlswg/mls-implementations/blob/main/implementation_list.md

Yup, I have the same worry.

I'm not using rust. So where does that leave me?

I need a private groups spec in the next months.

If you wanted to ship private groups by the summer, what would you do then?

NIP-17? Has serious limits too for my "Chat and beyond" use case.

you didn't mention personnel limits

if i had a front end dev and funding for me and this ninja i would be shipping the IRC style protocol i just described.

i mean, it's technically only 6 weeks you are talking about. the IRC protocol would be the fastest path, it doesn't require any substantial changes to the relay, i would literally just be building the nickserv/chanserv bots and the FE dev building the UI

as fiatjaf would say, no 'group' is truly private, the larger it is, the less private it is.

so im not quite sure what youre wanting but, what does the overloaded term 'private' mean in the context you are looking for?

if you can answer this, then i can suggest things.. but i find this important point, if not understood is a source of much nostr confusion.

1) Private = generally nothing is publicly readable

2) Having your own relay + server should be incentivized but not required

3) It needs to be able to be a private group, not just a private chat, where every content type can have their own criteria for how long they can be accessed and who can publish them.

4) Leaking any key (except for maybe the groups key pair) should not be a significant problem

5) Ideally, if I share the group ID, you can only see anything about the group if that group lets you. (but I'm fine if that's a feature for the run-your-own-server crowd)

...

I can see a way of doing all of this with MLS, but it introduces so much complexity :hot:

id suggest doing some real brainstorming on this. i will too. if you already went directly to "we want what mls does" you have to realize its cutting edge cryptography and im not aware of *any* app where it is in use because it is so new.

signal, simplex etc etc, they ALL use the tried and true 'unscaleable' ways, much like nip17. good for small group, not good for large.

so... there are some middle grounds i think, but, all the fancy stuff like forward secrecy, or users joining the chat and being unable to see the history and stuff like this, i think may be far fetched and possibly not even wanted. (many complain they cant see the history, discord doesnt do this, do you consider discord a private chat? many do.)

this is why its worth, thinking further.. take the time.

Yes :110percent:

also, in an effort to describe my thought patterns here. nip42 auth, and a relay, .. can control read access to a relay. maintain a list of people that can do this, if they take and republish all the notes.. then what? is it a problem?

if so, then maybe people dont want to use their 'main key' in the group, for plausible deniability, right?

the thing about nostr that is different, is the signatures and the portability. so privacy in a sense, is more scary because.. you signed an artifact that is portable and have to trust your group not to leak it.

this is where atlas shrugs and im not sure what it all means.. do we just stop publishing signatures or some other tricks? maybe. but then trust inside the group falls to the relay or community admin.

tombstones are your friend

they identify the content, without revealing the content, and specify that the content is DED

and further, step outside of the dumb relay mindset, and think about a chanserv bot for this situation. it can keep tombstones of deleted data for a long time, they are not big data compared to what they refer to, and nobody can republish them

#realy already uses tombstones... i haven't written the GC for it yet but they already have timestamps

RIP

yeah, that's why i say the old IRC model is the best, because you can set very fine grained policy on retention and access control and even things like users being able to block sending events to users they don't want to see it specifically, or whitelist where you make a set difference of their whitelist versus their blocklist and the chanserv will only deliver events according to the author's preferences

i have been thinking about these subjects for a long time since i started using IRC in 2003

Between private and public is "protected".

or you could say "defended"

I was just thinking of a dev analog.

Private, protected, public functions.

protected sorta means immutable, except for authorised parties

actually, i think that the smart contract language Move has this notion - values that can only be altered by some specific owner, Move was quite interesting in the way that it stripped back the retardation of rust to narrow it to this notion of ownership and exclusive right of mutation

i'll go with Protected tho, it has a nice ring to it that is quite popular in speech these days

Instead of "private" it's "privacy protected"

private is an absolute and impossible to actually achieve, in practice

Yeah, people can just screenshot stuff or copy-paste the json, or whatnot.

it essentially means that only the permitted users can violate the privacy of their peers, the servers are programmed to restrict access without proof of membership in the group

i'm done with fiat mining for today, wrote a nice paginated iterator thing for them

so now i'm back to realy, which i'm in the process of documenting fully

but after these thoughts, i am making a mental note that when i come to rewriting the documentation of #realy and its #geyser page i'm going to call it a "privacy protected" relay and define that concisely.

shifting the liability away from the provider is essential to enable providing service, any service that does not protect privacy in this way is instantly less marketable.

exactly. the ideal case is providers hold zero liability

this is an "attack" we can make on the freedumb relays also, as we go forward, just sayin'

Tbh "protected" sounds pretty vague, maybe "hidden" instead?

Hi cloud fodder 😉🤟🏴‍☠️ nice to meet you 🤝 I totally get your frustration. It feels like there’s a ton of potential, but it’s still a lot of groundwork to lay. Rust’s definitely showing promise, but yeah, without more libraries and better cross-language support, it could take years before we see anything close to widespread adoption. It’s like we’re on the edge of something huge, but it’s still in the incubator phase. Patience and some serious dev effort will be key to pushing this forward. Cool tech, but I get why it’s hard to dive in without seeing more momentum.

I also gave up on researching MLS. At the same time nostr:npub1h0uj825jgcr9lzxyp37ehasuenq070707pj63je07n8mkcsg3u0qnsrwx8 has implemented MLS groups and they work much better than they should at this early stage. I'm starting to suspect that KeyChat is from the future.

yet nobody talks about it...

I've spent most of my life in Asia. KeyChat makes total sense to me. Otherwise I can see how it would come off as a little esoteric.

Yes, Keychat and 0xChat are from the future. Very inspiring projects. We need to talk about them more.

I think this is the Secret Sauce that most casual observers don't get. They don't get that it's not a question of mere numbers, or getting some famous person to cross-post.

It's a question of

WHO LIVES HERE.

Who shows up, at least once per week, and interacts for hours, so that the people who want to speak with them can find them here, and have an incentive to stay here because

THEY KNOW THAT PERSON LIVES HERE AND READS THE MAIL SENT TO THIS ADDRESS.

The personal relationships of some of the people on Nostr are increasingly intertwined, deepened, and real life. It's worth it, to me, to hang around because my frens and project colleagues are also on here and I know that I can call out into the void here, and the void is full of my frens, and they call back.

It's a community. And there are subcommunities that want to get a private room to talk amongst themselves or about some pet topic. And that is how we #grownostr.

well said :Clap:

Yup, if you want this community to scale. You can't treat it like a void.

It only :AirQuoteLeft: works :AirQuoteRight: as a void, because it **is** a community.

community is something that is destroyed by socialism, the evidence is everywhere to be seen

people are starting to get sick of it but we are in the very early stages of the Great Reject

Hi silberengel 😉🤟🏴‍☠️ Absolutely, you’ve hit the nail on the head. It’s not just about the numbers or influencers; it’s about the real connections and consistent presence. Communities grow when people feel valued, when they know others are genuinely invested in the space and in each other. Nostr isn’t just a platform; it’s a place where relationships and trust are built over time. That personal connection is what makes it stand out and what will keep it growing. #grownostr

Where I live, I know only one person who knows anything about bitcoin. I have attempted to introduce some of my new knowledge to friends as I begin to get my head around basic ideas and concepts, but it is slow work. Nostr is my lifeline to hope. I am incredibly grateful to this community

Same. They're some of my favorite people, now. 🫂

once per WEEK?! wow, I guess I don't just "live here"... I might be partially mixed into the concrete.

I'm like once per hour. 😂

I even dream about Nostr and drag my family to meetups every couple of months and etc.

I can stay obsessed longer than they can stay solvent. 💪

Me: I hear Madeira is nice, this time of year. 🤩

Him: Wait, don't tell me, you want to meetup with a dev in Madeira? *deep sigh* *facepalm*

yeah, i don't see you that often, hi, for this week

😂

I think once-per-week is at least vacation home status, if not primary residence.

What you want is the higher class of trolls. Dry, sharp wit and a sense of merry. Elon is a good example actually.