Nostr Web Client

Yeah, it's unfortunate.

But I think you can use Damus and Primal and Band for it, as well.

Agreed. Honestly, this is a noobie question, but is there anything special at all about kind 24133 that requires special relay software?

I'm not being sarcastic here, it's a genuine question, maybe folks want to restrict queries, require auth or promote lower latency + some more relaxed policies given the sheer amount of notes. Is there a legitimate reason to centralise signing in Software like Bunklay or is everyone doing it just because? nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5, I assume that you are the right person to ask here?

Reply to this note

Please Login to reply.

Discussion

greenart7c3 6mo ago

Any relay that accepts ephemeral events should work

Paid relays don't work for this because clients need to create a new keypair for each login

Auth relays can work but no clients use auth for the bunker stuff so I wasn't able to test

What can happen with public relays like Damus is that it rate limit you

Anthony Accioly 6mo ago 💬 2

Yes. It's silly but relays like nostr.mom and nos.lol ask for PoW for Kind 24133, damus and nostr.band quickly starts to rate limit, and as you said, a lot of clients won't do auth. Also there's mostly no easy way to whitelist specific pubkeys as a lot of clients use random client keys. This is my main problem with supporting NIP-46 (and NWC as well) with Haven. For most clients to work properly I would have to allow everyone to write Kind 24133 notes. Shouldn't he a major problem given that these are ephemeral, but still... We need better NIP-46 libraries for clients so that I can at least require AUTH and whitelist a few client pubkeys.

Silberengel 6mo ago 💬 2

I whitelisted kind 24133 on wss://thecitadel.nostr1.com . That's our public relay.

Silberengel 6mo ago

Could maybe also use wss://freelay.sovbit.host from nostr:npub1gnwpctdec0aa00hfy4lvadftu08ccs9677mr73h9ddv2zvw8fu9smmerrq .

Enki 6mo ago 💬 2

I'll be working on the spam filter when I get home from a potluck this evening. I can make sure that kind is whitelisted for yall.

Silberengel 6mo ago

🥰 Thank you!

Anthony Accioly 6mo ago 💬 2

Thanks, both. This will definitely help!

Access to TheForest was the best 300 sats "investment" I’ve made on Nostr :)

Siberengel, just a heads-up from someone a bit disappointed with… well, humanity in general (you have to be a special kind of person to attack an unfunded open source dev paying for their infra out of pocket… but alas, here we are):

I may be preaching to the choir here, since you’ve been running TheForest for a while and have probably whitelisted other kinds of notes before… but do set tight policies and keep an eye on your observability tools.

I don’t know if you’ve had to deal with “enthusiastic fans” “improving Nostr” before… but folks can be very ingenious when attacking relays. I’ve had to deal with a bit of everything, from carefully crafted queries with complex filters designed to choke Khatru, to bots writing massive notes until the relay runs out of disk space.

Hopefully I’m just being paranoid here and folks won’t try (or manage) much with an exotic ephemeral kind. But sadly, on the internet, good deeds rarely go unpunished 🤣.

Silberengel 6mo ago

Yeah, we had to think, for a while, before determining if thecitadel should be public. It seems to work because it contains no "social notes" (kind 01 or 1111), but cloudfodder sometimes has to deal with some craziness.

We might eventually move to AUTH without a whitelist, as needing to do that ping-pong authorization slows them down.

Anthony Accioly 6mo ago 💬 2

I think the 300 sats are a good deterrent. But TheForest does accept social notes, right? (At least for "paying" members?)

Ah, on that front... The script kiddies have evolved. AUTH no longer deters them, unfortunately... But it does deter... like 90% of clients on Nostr from writing to and fetching kind 24133, unfortunately.

I mean, AUTH does help a bit, PoW above 28 also helps a bit, but other than charging some sats or a strict WoT I haven't found a good solution for public relays yet.

Silberengel 6mo ago

We have an AUTH mirror for every non-auth relay, running on NFDB.

TheForest accepts social notes, yes. It accepts almost anything, but only for community members. TheCitadel accepts from anyone, but only certain types.

Anthony Accioly 6mo ago 💬 4

Got it, makes sense. I had both relays mixed up. The NFDB mirrors are a good idea... Then it becomes Semisol’s problem, and I’m sure he’s dealt with every category of Nostr attack at least twenty times.

Unfortunately, there’s not much we can do about NIP-46 libraries that won’t use AUTH.

Assuming this can be made to work on Nostr1, maybe it’s worth considering whitelisting kind: 24133 without SATS and AUTH on TheForest as well? I have nothing against TheCitadel by any means, but since I’m already using TheForest as a write relay, it would be convenient to use it for NIP-46 too.

If this doesn’t bring too much additional inconvenience (though I’m aware anything public on Nostr comes with some pain), it’d be brilliant for sure.

Silberengel 6mo ago 💬 1

Okay, added it. nostr:npub10npj3gydmv40m70ehemmal6vsdyfl7tewgvz043g54p0x23y0s8qzztl5h That should override the whitelist controls, right nostr:npub10npj3gydmv40m70ehemmal6vsdyfl7tewgvz043g54p0x23y0s8qzztl5h ?

Anthony Accioly 6mo ago 💬 1

Tausend Dank!

Anthony Accioly 6mo ago

On Amber I'm getting "Paid relays are not support message. nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5, I assume this will fix it once released? https://github.com/greenart7c3/Amber/commit/8c25535aea8898a61064638a77ba07a0a8dd61f6

greenart7c3 6mo ago

Yes, in the next release it wont show this message

Anthony Accioly 6mo ago

Working well! Just tested with my bastaderised version of nak + Jumble, noStrudel, Amethyst and Nosotros, both bunker and nostrconnect tokens working well over TheForest. I've also tested it with both a npub that is whitelisted and an external one.

I've rebased the PR above on top of Fiatjaf latest changes to nak if anyone else wants it. Thanks a million again!

cloud fodder 6mo ago 💬 2

yep! this is the right move for these obfuscated pubkey type services.

Silberengel 6mo ago 💬 1

Thanks 🫂

It turns out that Amber wasn't as hard to implement, as I'd thought. The relay was just unreliable.

cloud fodder 6mo ago

nice, i saw nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 gave you a code snippit a few days back, do you think this info is easy enough to find on the amber github? if not, maybe you could do us future implementoors a favor and PR it for them?

Anthony Accioly 6mo ago 💬 2

Beyond Amber-specific code snippets, NIP-46 (https://github.com/nostr-protocol/nips/blob/master/46.md#direct-connection-initiated-by-the-client ) itself needs some love.

For example, while implementing the Direct connection initiated by the client flow, the NIP states:

1. That a secret value must be provided to avoid connection spoofing, and that clients must validate the secret returned in the connect response.

2. That the connect command should return either "ack" or `` (emphasis on "or")

So I knew I needed to return the secret in the response… Still, I had no idea that most clients expect a response containing exactly:

```

{

"id": [secret],

"result": "ack"

}

```

I had to reverse engineer this from client libraries. It would be nice to clarify this kind of thing in the NIP itself.

Silberengel 6mo ago

Good luck with changing a NIP. 😂

Anthony Accioly 6mo ago

Ah, I have enough side quests, lol. Just trying to rage bait someone else to do this.

Anthony Accioly 6mo ago 💬 2

By the way, tried to zap you, got a timeout from Alby just for a change :).

UnitWon 6mo ago

https://www.youtube.com/watch?v=w7XJRPUqknc&ab_channel=Clockateer

Silberengel 6mo ago

Thanks, anyway. The server was down, yesterday. Took our NIP-05s out, so I noticed quickly, but it took a while to resolve.