Nostr Web Client

Thanks for bringing privacy to the forefront. Few read the respective nostr github project documentation on privacy. Your method of exposing privacy on base nostr protocol has been effective.

> hardly any moderation tools

Despite this, the discourse is more civil than that of twtr. Maybe it’s a function of nostr’s tiny size, and lack of algos.

nostr:npub1wmr34t36fy03m8hvgl96zl3znndyzyaqhwmwdtshwmtkg03fetaqhjg240 and nos social are as far as I’m aware thinking and developing most on moderation tools.

I don’t know how far they’ve gotten - that said one of the benefits of nostr is you don’t have a mandatory moderation curator in a WEF stooge. You can have a feature where you choose your own moderator - for instance you can choose Jack.

nostr:npub1g53mukxnjkcmr94fhryzkqutdz2ukq4ks0gvy5af25rgmwsl4ngq43drvk implemented web of trust network hops filter more than half a year ago on Iris messenger.

> no centralized development

Yes, this is a feature. Otherwise we’ll get another closed big tech gulag.

You are more than welcome to submit PRs to Damus, and I’m sure many others will happily review patches. Nearly all of nostr is FOSS, and lead devs welcome patches.

Example code and issues https://github.com/damus-io/damus

Ostrich McAwesome 1y ago

1) Once you have an account established and are following people it is mostly fine, but it's hard to browse the global feed without seeing strongly undesirable content such as lolicon (or worse). This is a natural consequence of being censorship-resistant, but it will scare new users away. I'm excited to see how this can be reigned in without harming the free speech of other users.

2) By "centralized development", I just mean any standard unifying practice for development. Centralizing a core Nostr codebase under GPL would keep it property of the people forever, while making sure all bugs and weaknesses are patched for everyone. Everyone doing things their own way is a recipe for disaster. Death by a thousand cuts.

3) I have never used Damus, so nothing I've uncovered is specific to them. Finding a weakness in Nostr means every affected Nostr project needs to fix it independently. Even I don't want to write that many bug tickets.

Reply to this note

Please Login to reply.

Discussion

elsat 1y ago

1) Agree on the anime p*rn being an eyesore for most. Certain relays have more than others. Agree protocol allows for this, and it is the tradeoff of censorship resistance. I see onboarding as the initial part of the challenge here. Specifically on Damus, the current band-aid solution during onboarding is to have a list of suggested profiles to follow thematically separated (homesteading, parenting, media etc.). Discovery post-onboarding, and the "universe view" is the never-ending continuation of this question. Team is aiming to explore the design, and experience here soon ™️ .

Further to the **** problem, there's some work done on using opt-in sensitive image scanning on Damus. It's not complete, and not yet tested for reliability and robustness.

2) > Centralizing a core Nostr codebase under GPL would keep it property of the people forever

My understanding is nostr code is licensed (verbatim) as "public domain".

3) I got you, and appreciate effectively pointing out a single weakness thus far. I hope you continue exposing weak points. Here is a proposed solution for a single client: https://github.com/damus-io/damus/issues/1897. If you have feedback on this solution, I'd be happy to pass on to the dev team. If it's just the problem statement/issue you want to share, I am happy to put on the radar of various nostr clients by generating a bunch of issues.

Lmk if/how I can be of help.

Ostrich McAwesome 1y ago

One fundamental flaw I see with this idea is that if you are addressing the method in which I gathered these IPs (via DM), you would have to send decrypted URLs from a users end-to-end encrypted DMs to the image proxy, which endangers privacy in a new way because it revealed part of the message to the proxy. Now you have to trust the proxy with potential secrets.

Link Previews are also a vector for attack here, and it would be even worse to send all DM'd URLs through the proxy.

I also worry that image proxies could bloat the cost of running a client, are a form of centralization (this solution only benefits Damus users), and are a vector for DDoS/Abuse.

Mike Dilger ☑️ 1y ago

Gossip client doesn't even have a way to see global relay posts. Apparently I missed out on shower girl, 🍆-pic day, and lots of other things.

Now that users can mark relays as 'spam safe' (trusted to moderate content - I should probably rename it) I may add in a global feed for those relays.