He's not wrong that the repercussions of having your "account hacked" are worse on Nostr. There are trade-offs. If my password is leaked or hacked on Twitter, I can deal with a central authority to reset my password and get my account back. If my nsec is leaked, that cat can never go back in the bag. It's leaked for life. Twitter allows you to recover your identity, that they own. Nostr allows you to create a brand new identity that you own.


Discussion

Yes. I’m not saying he’s wrong. I’m saying that he clearly has an axe to grind with Nostr as evidenced by this and numerous other posts.

I wish I understood why he was so bearish on decentralized social communication when he clearly understands decentralized money.

I don’t think he’s bearish as much as he sees it as a distraction from Bitcoin. He believes Bitcoin is losing brainpower to a less important project

He said that in some interview I saw

I don't think you want to know... once I started conversation on this with him, and nostr:nprofile1qqsvextkm9nssu5u3yp8cyfhxspenl63ra78g9trk399k8760wu9pzcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhspcp49u all but begged us to stop 😂

Do tell

He milks decentralized money industry, he's having a hard time milking decentralized social app because the key pairs can't be custodied by his services.

the short of it is that Parker is more concerned with reach than censorship.

Rhymes with the monero bros

To be fair censorship resistance without reach is meaningless. Everyone in the world has more or less immediate access to censorship resistance without reach. I can stick a note on my window and nobody can come in to my house and take my "window account" away. Or I can get a tattoo. Or I can write anything I want on my computer and save it as my screensaver. What's the reach though?

Basically you need a certain level of reach before you can make censorship resistance an attractive selling point.

I'm not sure I agree. I don't feel the need to talk to thousands of people with Elon's permission. I'm happy with a small group no one controls.

Now, Joe?, do the Venn overlap of reach with truth and lies

That's fair, though I'd argue that asking someone who *already has* a lot of reach to trade in that reach for censorship resistance would rightfully lead that someone to ask "what's the point?". It's essentially asking them to retire and then spend their days shooting the breeze with their pals in a bar.

I guess the question is then why is he into bitcoin? is it just a great asset in fiat terms? Looking for a consistent position, here.

I've no idea. I'm new to bitcoin. Though I do observe that bitcoin people view bitcoin as very different than other coins/crypto. There is only one bitcoin, as it were. But there are very many decentralised social networking protocols, and I could see someone asking on what basis Nostr gets to be the "bitcoin of them all" (and not the "eth of them all" or the "ripple of them all" or whatever). Architecturally they're all quite similar, just different sets of trade-offs.

We definitely view bitcoin as different. And I don't see it as a twitter vs nostr thing but a centralized vs decentralized thing.

I suppose but then I'd expect passionate bitcoin folks to prefer a social networking protocol that is far more decentralised than Nostr.

like what?

OG-nostr for one. That is to say nostr as first envisioned, with outbox across the board and users spread evenly across 1k or more relays (no relay clumping), and anything requiring a global view either not part of client architecture or (when tech matures) achieved through decentralised means, such as decentralised indexing. Plus relays being financially viable.

You can also make a technical argument that a hacked-together AT-proto network consisting of self-hosted PDSs, custom scaled-down app-views and an alternate DID/PLC directory (i.e. all of it totally detached from any company) would actually be more 'bitcoin like' than nostr. With that you wouldn't have the "not your relay, not your notes" and "not your storage, not your media" stuff to deal with (it's all on the PDS and, critically, content addressed) and you would also have general scalability closer to that of bitcoin, especially with how ATproto handles lexicons. Of course the cultures of bluesky and bitcoin don't align well, but such an ATproto network can be implemented entirely outside of bluesky's purview, and some have been already by enthusiasts.

I myself am not interested in Nostr for max decentralisation or censorship resistance. I’m interested in Nostr for commerce, interop and the integration of e-cash, so the way nostr is developing is totally fine for me. But I can understand how a bitcoin purist would see it as anathema.

possibly sour bitkit isn't winning?

Indeed. You might wind up having to become a Derek Ross clone trying to prove your identity in a battle royal.

Ah yes, the future "this is my new nsec" battles :)

5. You'll need to get your primal.net/dude link back from Primal (example) to ensure that if your profile has been linked to on the web by others then it'll go to your new npub. (Many people are going to share your profile via a link) To do that you'll have to prove you are you to Primal, but Primal might be hesitant, as that'll make them look like a central authority. And that's assuming you have a way to prove to them that it's "your link". There are a few clients that make such links.

6. You'll have to accept that all the places on the web that have shared you via pasting your npub directly (StackerNews, Reddit, whatever), or where you've shared it yourself, are at best dead links, and at worst (if you can't nuke your account) leading unsuspecting people to a phishing account.

7. All your private DMs are potentially exposed

8. If you're slow to nuke your account the hacker can insert notes in the past from before you announced you lost the key, causing much confusion
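Item 8 as a client-side check, added here as an illustration and not part of the original thread: NIP-01 puts `created_at` inside the hash the key holder signs, so a valid signature proves nothing about when a note was written, and the only timestamp a reader can trust is when their own archive first received the event. The `first_seen` archive, the `SKEW` tolerance, the function names and all sample values are assumptions constructed for this example.

```python
import hashlib
import json

SKEW = 15 * 60  # assumed tolerance in seconds for clock drift and slow relay sync

def event_id(ev):
    """NIP-01 event id: sha256 over [0, pubkey, created_at, kind, tags, content]."""
    payload = json.dumps(
        [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]],
        separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()

def flag_backdated(events, first_seen, announced_at, skew=SKEW):
    """Ids of notes that claim a pre-announcement date but that this archive
    only received after the announcement (hypothetical check, not a NIP)."""
    flagged = []
    for ev in events:
        eid = event_id(ev)
        seen = first_seen[eid]           # local receive time, not signer-controlled
        lag = seen - ev["created_at"]    # claimed time vs. observed time
        if ev["created_at"] < announced_at <= seen and lag > skew:
            flagged.append(eid)
    return flagged

# Constructed sample data: placeholder pubkey, made-up timestamps.
PUBKEY = "ab" * 32
ANNOUNCED_AT = 1_700_100_000  # when the owner announced the key was lost

def note(created_at, content):
    return {"pubkey": PUBKEY, "created_at": created_at, "kind": 1,
            "tags": [], "content": content}

genuine_old = note(1_690_000_000, "written and received long before the leak")
backdated = note(1_690_000_500, "claims the same week, first seen after the leak")
late_sync = note(ANNOUNCED_AT - 60, "posted a minute before, relay synced late")
EVENTS = [genuine_old, backdated, late_sync]
FIRST_SEEN = {
    event_id(genuine_old): 1_690_000_002,
    event_id(backdated): ANNOUNCED_AT + 86_400,
    event_id(late_sync): ANNOUNCED_AT + 30,
}

if __name__ == "__main__":
    for eid in flag_backdated(EVENTS, FIRST_SEEN, ANNOUNCED_AT):
        print("backdated:", eid)
```

The check is only as good as the archive's own record: a note fetched for the first time from a relay the archive never polled gets flagged as well.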

Thank you. That all makes sense and is helpful. The last one is particularly difficult to deal with.

Would it be possible to create a recovery key scheme... Like when you create your keypair you create a second keypair (offline, cold storage, etc) that signs a single "distress signal" linked to the original keypair, and all of the clients incorporate a flag of some sort when you are seeing a note from an npub that had its distress signal broadcasted?

Things like that are strong ideas but are difficult for various reasons. The closest NIP is the newly-merged nuke your account NIP (tell client to tell relays to delete everything and ignore your pubkey) but even that will be hard to coordinate, have a read of the link below for all the chatter on that NIP, good stuff.

Another thing to consider is that most times your key is compromised you'll never know. The hacker is waiting, reading all your DMs, keeping a close eye on your zaps, your cashu balance, for months, maybe even years—all the while you have no idea your key is compromised. There is no "see all devices where I'm signed in" UI in Nostr, nor can there be.

It could be that the future of Nostr is simply not for the kind of social history building that we're doing now, but for something else more transient in nature.

https://github.com/nostr-protocol/nips/pull/1256

Thanks. Will have a look. Personally, I treat nostr as a permanent internet public square (everything is open for all to see, including eventually DMs). And what I carry in my wallet in this square could get stolen. So I don't care about deleting stuff already on relays; I care about making sure that I and only I can broadcast to the network that my key should be considered forked to a new key. That seems like it ought to be doable.

I think that's probably the right way to look at it, a sort of glass box but one that you own.

The key forking thing is hard. The best way may be to start off from scratch with the combo of both a virgin (secure) nsec and FROST bunker URL, created at the same time. You can get such a combo at njump.me via the join nostr thing.

Write that nsec down somewhere, store it in a few places, and never paste that nsec into anything. Nothing. Nowhere. Ever. Only use the FROST bunker URL with clients. And only come back to the nsec to create a new or revoke an old FROST URL (those are disposable).

That way you'll never lose your account, someone hacks your FROST URL, just revoke it, nothing about your npub needs to change.

Problem is FROST is in early stages, not a lot of clients support it. But it is the solution you're looking for by the sounds of it. This guy below gets it:

nevent1qvzqqqqqqypzpx8xhrzg2fzrs2kr89sz4x8c8svrsg8ptwy4z4unzdv9lfwy0kuyqqsdc20kcqqcns2c5cd6t5jvvgcg7slrqtkc6xv7k7vtyu9vhvkv06cjc04mr

Sounds like what I had in mind!

Cool. Give it a few months, I'm guessing. Driving force here:

nevent1qvzqqqqqqypzq77777lz9hvwt86xqrsyf2jn588ewk5aclf8mavr80rhmduy5kq9qqsqqqqv6w6jgsef6cfw8k8djv9yw36pdthjf0qa890vvzysgk964zqqsregp

Low T is the real pandemic