i like the confidence but nostr only has a few users and lacks any moderation yet ie spam control
Discussion
More users will come over time with better clients and more censorship from popular social media platforms, not worried about that.
Will be interesting to see how spam control is handled in either the protocol or in clients though. I know there have been discussions about using PoW on events but not sure how widespread that is today though.
Re: moderation, block/mute lists could probably be built both for the protocol as a NIP and in the clients but not sure if someone is working on such a feature yet
One thing I’m worried about though is the metadata leakage from NIP-04 events. I know there have been some proposals on how to handle that but I don’t think there is any fix for it yet?
I like the not perfect but easy fix of only returning dms for the dm participants via signed authentication. But yeah still needs to be implemented.
IMO from a privacy standpoint it's probably better using nostr only for public communication. If someone wants to carry about a truly private conversation I'd rather use an encrypted DM to set up an actual peer to peer channel that isn't broadcast to the world and use that instead. No point storing the events for everyone else to see even if they can't decrypt them.
nah I still want a signal replacement on an open protocol. nostr having this would be huge.
The reason why signal is so popular is easy and reliable asynchronous comms. I don't believe you can achieve this with a p2p stack. At least with a signal-level ux.
Could it be part of the protocol that relays only send encrypted messages if they know the person receiving is the intended recipient? In that sense the relay is behaving more like a private server and should solve any privacy concerns.
to play devil's advocate. Was just at a boomer conference for right wing techhies, and most simply don't give a shit to switch from perceived "Elon" censor free twitter.
What conference was that? I might like to go. In any case, most of those boomers would likely remember NNTP, and once they realize that nostr is NNTP's bastard child, they'd likely get a bit more interested.
>From: manfromhighcastle at 10/10/22 11:13:23 on wss://relay.damus.io
>---------------
>to play devil's advocate. Was just at a boomer conference for right wing techhies, and most simply don't give a shit to switch from perceived "Elon" censor free twitter.
astral isn't close to using POW but its in the road map. imo this is the best way to be able to mitigate spam. I'm imagining a teired POW where if you've posted too many events per minute/hour/day, needed POW increases.
I also think relays would be good for filtering for POW
I still like the idea of making a small payment to use nostr (although if it's not crypto that probably becomes painful to implement, and if it is you alienate lots of people). Easily eliminates 95% of spam and provides some type of monetary incentive to developers or relay operators.
I think this idea was already suggested, but certain relays could charge a toll in order to post to them (but not read from them). These relays will tend to be spam-free.
Regarding PoW, how would this work exactly? It seems to me it's only effective if all clients opt in (If a client doesn't do you just ignore PoW for those clients? Then all spammers use that client. If you require it then you ban everyone that uses the client. Both seem bad.)
It may be instructive that PoW was originally invented to deal with spam but AFAIK isn't used for that today. Everyone uses machine learning, which may work on nostr too.
i think the relay would be a better place to fight spam. relays can choose to only store events with POW and/or from users who pay/have proven balance. then users select which relays they want to use.
This is how I envision it being used too. It would however be nice to be able to filter events without PoW in the client. Could be a user setting in the client.
yes for sure. or even a separate feed or something. the main reason I lean towards relay filtering of POW rather than client filtering is that the client can't send requests for only POW events, it has to receive all events and then superficially filter for POW
I do think there's still room for data-driven methods that detect this type of thing. All the data is out in the open so anyone can build heuristics or algorithms for flagging non-human accounts, for instance. Those algorithms can then be open sourced for any relay operator or client to use.
imo in the future all nostr client will need to opt in to POW, which will make it more feasible for users to only use POW only relays.
spammers that post via non-POW clients will then get no visibility, and remove the incentive of spamming.