Anyone building Linuxstr?
Asking for a friend.
Discussion
wtf is linuxster?
Asking for me.
I was thinking something like Linux Mint or Android but you login with Nostr.
I don't know. Just rambling, I guess.
Everyone looking at me like
But why can't we use Nostr to login to machines?
Like, is there a reason?
i've been working on a thing called "noshtr" which replaces SSH with nostr and i was part way through implementing a noise protocol tunnel for it that uses nostr native - sha256/secp256k1 for MAC and ECDH
as far as using the pc locally, the idea would be to have an enclave that isolates your nsec and then hook that into anything that needs a signer
i don't think it would be useful to go any deeper than that, just to make nostr keys a native auth tool
You could also make local/remote relays part of the filesystem, like Microsoft does with OneDrive/Sharepoint in Windows.
now you digging at something interesting
nostrfs
this one is very interesting because of how it overlaps with blossom protocol, i mean, if you just purely do the "fetch this event ID" functionality they are the same protocol
to make it a useful FS you need to have human readable filenames not just crazy SHA256 identifiers
🤔 Yeah, stuff like this.
I'm kinda getting lost in the details, but I feel like I've done my part for posterity by suggesting it. 😂
well, a signer is at the centre of it, and secondarily a secure TTY, after that you are designing a system namespace hierarchy to tie it all together, and each different part that uses the same signatures/auth has its own specific set of concerns, like a local cache relay, or p2p shared relay caches/blossom etc
i see no reason why it can't be made into a little suite and it should be simple to have this tooling run on any OS to augment it to enable you to do native nostr stuff and plug into things like web apps for signing and so on, LN wallet signer keychains, one keychain to rule them all!
I like that. Nostr Suite. Suitestr. 😂
And integrate git seamlessly, like Sharepoint does with Team Foundation.
And deliver it as a package with Nostr versions of desktop software.
Calculator, browser, document editor, IDE, etc.
LN wallets.
App store. And you install apps natively by double-clicking them. 🤷♀️
yes, and i think that building it on top of an SSH replacement is the unix way to do it also, single responsibility principle, and for security it means you can lock it down easier
https://github.com/mleku/noshtr this is the beginnings of it, i'd started with a different noise protocol framework but then found nyquist which is much nicer, but it's not finished yet, just putting it there so you can see it
I just tagged someone who might understand what you're saying. 😂
I will give a little pushback, aead encryption has been around for a little while now integrating these protocols. Often using the exact stack except Blake2/3. Just missing secp256k1 and to be fair, im not sure I'm risking it all on it anyway, we will never have hardware support for mfgs that focus on government nor operating systems on so on. Libraries are a whole lot more portable when you can rely on an operating system for crypto primitives. Monocypher has a great API for this.
yeah, i've been working with these things for a long time
i built a thing in 2023 that uses sha256 and secp256k1 schnorr signatures as the MAC
in my cruddy initial version it could crunch through 8Mb/s/thread which was more than enough for a typical modern CPU to do a fully packed gigabit channel
and the amount of irrational bullshit about secp256k1 yet here we are, 2024, bitcoin still no problem with signatures, schnorr variant rolling out steadily
idk what to say
i routinely use SIMD code for my SHA256 hashing and it's fast as hell, like, more than 4x faster than it was before
i've seen how fast the secp256k1 C library is, and that's not even going SIMD yet, and it totally could, and if i had 3 months to tool up i could build something like this myself (in assembler)
ironically, the math of koblitz curves is actually on par with edwards, but unlike edwards, it's not possible to craft backdoors into the group
i think that BIP340 style EC signatures and SIMD sha256 allows you to do a perfectly adequate, and single-stack of crypto tooling free of legacy bullshit, and that it is very appealing to bitcoiners and nostr users... you can even find some amounts of commentary on nostr out there about fiatjaf's decision to go with the musig2/taproot BIP-340
when it comes to actually working it on hardware, 256 bit pubkeys versus 257 really makes a big difference, it's an alignment problem, you are talking 4 long words versus 5 long words to process the same data
i think this chacha/blake stuff is cool and all but if it's sufficient and bulletproof secure with a single crypto stack then why pollute your code or your memory with this?
nostr:npub1qdjn8j4gwgmkj3k5un775nq6q3q7mguv5tvajstmkdsqdja2havq03fqm7
https://github.com/mleku/noshtr this is what i built so far, it's not finished yet but the idea was to have it do all the things of SSH but simplified, so it creates a TTY to a remote pc and drops you into the system configured shell, and gives you a key generator and keychain (probably would be easy to integrate vainstr into it, which lets you mine for vanity npubs)
Doesn't GNU already have a pluggable auth provider for SSH?
maybe GNU does but not OpenSSH... would be very cool if it was that easy cos it would take me a day to do it
(*ozzy man voiceover*) yeah, nah, mate, there isn't any such thing, gonna hafta build something custom, by crikey
Wow, good to know, I was thinking the same thing, yeah make a plugin.
so, yeah, just confirming what my research shows... you can make one for PAM, but not for SSH
so, anything you do with PAM is linux only
if you want to make it cross platform, ie windows and mac as well, you are gonna have to write a whole new ting like i've started on
You can already login using yubikeys. All you need is to inject another PAM module, no need for a new kernel or a new linux distro.
How you login is just a very small part of the whole and it's already modularized.
Yeah, but I'm thinking bigger.
Like, a bundled package.
I get it: something that can inregrate with zap.store for apps, with the browser, with sheetstr for docs, with the filesystem, with ngit, storing settings and configs encryoted on relays, etc.
That kind of integrated experience sounds more like Chromebook (nostrbook) than linux. Which is an interesting fine idea, just not something my boomer mindset would want personally.
More like Linux Mint. That uses Ubuntu.
Couldn't we just make a Mint fork and fiddle with it?
probably would be better to just start with debian
Talk amongst yourselves, gotta go to church, and the convo quickly escalated over my pay grade.
😂🙈
I feel like this needs to be a whole community effort. It's too big for one team, even a large team, like ours.
But how awesome would that be?
#[4] #[5] #[6]
well, if anyone wants to fund a nostr system toolchain project i'll put my hand up for building some of the low level stuff for sure
We'd need a good PO, like Will or something.
If it was well-coordinated, and I did analysis and testing and Niels and nostr:npub1r0rs5q2gk0e3dk3nlc7gnu378ec6cnlenqp8a3cjhyzu6f8k5sgs4sq9ac did the design and etc...
nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 could build a nice terminal and nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr could make the filesystem and etc...
This could be an actual thing. Just need a good road map and divvy up the work, so that everyone has at least one partner and nobody has too big of a chunk.
Nevermind, I was being silly. We already have a good PO. 😁
Same.
*Cracks knuckles*
*breaks out my Dell AT8101*
*dusts off the PS2 port*
Lets fucking go
#[4] #[5] #[6] #[7]
We need someone so desperate to print, that they'd write their own kernel. 😉
Implementing a monolithic kernel on top of Nostr?
This sounds like the absolute antithesis of Nostr design principles. Don't you mean a microkernel based distributed OS?
I have no idea. I've never developed an OS before.
there's no need to, you are just creating a system-wide auth scheme based on bip-340 keys, literally just means a native signer enclave/bunker and a nostr based remote shell interface
also, yes, it would be easy to build this tooling and have a simple lock/unlock interface and permissions for event signing and everything, think like nos2x but it's SSH as well, so you can also use it to connect to your VPS or router and you could even then build further to create client services and ACL permissions systems that are generalised and cover everything, not just read/write access to relays, i mean everything, including blossom servers, CDN download, everything
it makes small scale peer to peer services spamproof and dos proof
Yeah, just do that.
I tend to use operating system in the CPE literal definition === kernel. I hate throwing around with work OS just because we have thrown together some applications on like Debian or something which is like what 90% of people do. If you aren't at least stuffing things into the device tree or adding system calls at build time, you're not modifying the OS and therefor its just another distro imo. Modules don't count :)
But I suppose this means low level protocols, however nostr isnt taking over any byte-level protocols yet and likely won't unless we start to freak out over it. We can have secp256k everywhere, but Linux already has so many decentralized protocols and already has them working well. The issues they are trying to solve are insanely complex which is why it's not mainstream yet.
GNU has made some serious progress in this space.
Yeah, I say further down that I mean something more like a distro.
linux kernel already takes too much in that could be user space, i mean, a lot of stuff has moved into FUSE now and it's just easier to build there, this is part of the intellectual appeal of the BSDs
if you ask me, the kernel should step aside from anything more complex than a TTY, when it comes to networks, it just makes it less flexible
Can't dissagree. Lightweight and easily extensible kernels are ideal IMO.
I was just thinking aloud, in a different thread, about how we're a very Linux-native team, and it suddenly occured to me that a lot of the stuff being built in #Nostr #dev world is just a work-around for the fact that the operating system isn't Nostr-based.
Why not log into the computer with NIP-05 or something and temporarily switch users inside of apps to sign with a different key?
Sort of. That is the dream. An OS that acts as a signing service and p2p network manager. My personal project for the last 6 years has been something nostr-ish that has those goals. I can't jump straight to an OS though. Instead I am very slowly working on a webassembly VM that exposes the signing, encryption, storage, and comms layer to applications running on it.
It isn't nostr though. I like to do premature optimization and use faster cryptographic primitives. :-p ed25519, blake3, byte strings instead of Json.
All wonderful in theory, very slow development pace.
Please check your DMs, sir. 😊
I did, I responded, but I am not sure if my reply replied. I don't have relays configured.
#linuxstr
Urbit?
