In 1992, Phil Zimmermann added a feature to PGP version 2.0 that was supposed to solve one of cryptography's hardest problems. He called it the "web of trust." The idea was elegant: instead of relying on certificate authorities to verify that public keys belonged to their claimed owners, users would vouch for each other. You sign my key, I sign yours, and through chains of these signatures, strangers could eventually trust each other's identities.
The vision was decentralized. It was also a complete failure.
Thirty years later, the PGP keyserver network is dead. GnuPG disabled web of trust functionality by default after spam attacks made keys unusable. The dream of cryptographic trust without central authorities died not because the math was wrong, but because the design asked too much of humans.
Nostr has quietly built what PGP could not. Its web of trust works precisely because users never have to think about it.
## The Ceremony Problem
PGP's web of trust required users to perform explicit trust rituals. You would attend a "key signing party," verify someone's identity through government documents, sign their key with your private key, then upload that signature to a keyserver. Back home, you would configure your keyring, assigning trust levels (unknown, marginal, full, ultimate) to various keys. The software would then calculate which keys were "valid" based on weighted combinations of trusted signatures.
This was not a workflow that scaled beyond cryptography enthusiasts. Tim Berners-Lee, reflecting on why PGP never achieved mass adoption, noted the UX failures: dialog boxes telling users to "do X" with no button to do X, multi-step processes to download and sign keys without explaining what any of it meant, the general sense that using encryption required joining a secret priesthood.
But the deeper problem was structural. Most users believed the web of trust worked like "six degrees of separation," where trust would propagate through long chains of connections. It did not. As Hal Finney explained in 1994, "You can only communicate securely with people who are at most two hops away in the web of connections." You could trust keys signed by people you personally knew. That was it.
By 2019, the keyserver infrastructure was collapsing. Malicious actors discovered they could flood popular keys with thousands of garbage signatures, causing GnuPG to crash when importing them. The SKS keyserver network, which had synchronized keys globally since the early 2000s, shut down entirely in 2021 after operators couldn't process GDPR deletion requests for a system designed to be append-only.
The explicit trust model created a bureaucracy. Bureaucracies don't survive contact with spam.
## Trust as Byproduct
Nostr takes the opposite approach. Instead of asking users to perform trust ceremonies, it extracts trust signals from actions they already take.
When you follow someone on Nostr, you publish a kind 3 event listing every pubkey you follow. This is not a security ritual; it is the normal behavior of using a social network. But that follow list, signed by your key, is now a cryptographic attestation. You are implicitly saying: these are the people whose content I want to see, whose judgment I find valuable enough to include in my feed.
When you mute someone, that too becomes a signed event. A warning to anyone who shares your sensibilities.
When you zap someone, you attach an economic cost to your endorsement. Fake accounts are cheap; sats are not.
The Nostr protocol did not invent these actions. Follows, mutes, and tips existed on centralized platforms for years. What Nostr did was make them cryptographically signed, publicly attestable, and aggregatable into trust scores. The same behaviors that made Twitter addictive now make Nostr's web of trust function.
This is the design insight that eluded PGP: trust should be a byproduct of normal activity, not a separate task requiring special knowledge. The cypherpunk who wants encrypted communication and the normie who just wants to shitpost both produce useful trust signals by doing what they were going to do anyway.
## Computing Trust from the Social Graph
Raw follow lists and zap receipts are data. Turning them into usable trust scores requires computation.
The dominant approach borrows from Google's original insight. PageRank, the algorithm that made web search work, solved a similar problem: determining which pages were important based on link structure. A page linked by many important pages was itself important. The algorithm was resistant to spam because creating fake pages that linked to you didn't help unless those fake pages were themselves linked by real pages.
Personalized PageRank adapts this for social trust. Instead of computing a single global importance score, it computes importance relative to a specific user's position in the graph. If you want to know how much to trust some pubkey you've never seen, the algorithm simulates random walks through the follow graph starting from your account. The more often those walks land on that pubkey, the more connected they are to people you already trust.
This is what Nostr.Band does when filtering search results. It seeds initial trust to accounts with verified NIP-05 identities, then lets PageRank propagate through the network. "If initial weight is given to a spammer by some accident," their documentation explains, "they are most likely losing it all by the end of the calculation, because almost no one interacts with their content."
Coracle, the client built by hodlbod, implements a simpler version directly: your WoT score for someone equals how many people you follow who also follow them, penalized by how many people you follow who have muted them. Crude but effective.
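Coracle's rule, as an added example in Python rather than Coracle's own code: it reads follow lists from kind 3 events, models mute lists as kind 10000 events (the NIP-51 mute-list kind, assumed here), keeps only each author's newest list, and scores a target from one user's perspective. The pubkeys and events are constructed sample data, and signature verification is assumed to have happened before events reach this code.

```python
"""Coracle-style web-of-trust score computed from signed Nostr list events.

Added example, not Coracle's own code. Follow lists are kind 3 events whose `p`
tags name followed pubkeys (NIP-02). Mute lists are modelled here as kind 10000
events with `p` tags (NIP-51); that kind number, and that signatures were
verified before the events reach this code, are assumptions. All data is constructed.
"""

def p_tags(event):
    """Pubkeys named by an event's `p` tags."""
    return {t[1] for t in event.get("tags", []) if len(t) >= 2 and t[0] == "p"}

def latest_lists(events, kind):
    """author -> pubkeys in that author's newest event of `kind` (lists are replaceable)."""
    newest = {}
    for ev in events:
        if ev["kind"] != kind:
            continue
        prev = newest.get(ev["pubkey"])
        if prev is None or ev["created_at"] > prev["created_at"]:
            newest[ev["pubkey"]] = ev        # a newer list supersedes the old one
    return {pk: p_tags(ev) for pk, ev in newest.items()}

def wot_score(me, target, follows, mutes):
    """Coracle's rule: (my follows who follow target) - (my follows who mute target)."""
    my_follows = follows.get(me, set())
    followed_by = sum(1 for f in my_follows if target in follows.get(f, set()))
    muted_by = sum(1 for f in my_follows if target in mutes.get(f, set()))
    return followed_by - muted_by

def event(kind, author, pubkeys, created_at):
    """Minimal unsigned list event with one `p` tag per pubkey (constructed sample)."""
    return {"kind": kind, "pubkey": author, "created_at": created_at,
            "tags": [["p", pk] for pk in pubkeys]}

# Constructed sample network. Dave's older follow list included the spammer; his
# newer one drops it and he mutes the spammer instead.
EVENTS = [
    event(3, "alice", ["bob", "carol", "dave"], 200),
    event(3, "bob", ["carol", "erin"], 200),
    event(3, "carol", ["erin", "spammer"], 200),
    event(3, "dave", ["erin", "spammer"], 100),   # superseded by the next event
    event(3, "dave", ["erin"], 150),
    event(10000, "bob", ["spammer"], 200),
    event(10000, "dave", ["spammer"], 200),
]
FOLLOWS = latest_lists(EVENTS, 3)
MUTES = latest_lists(EVENTS, 10000)
```

From alice's perspective erin scores 3 (followed by all three of her follows), carol scores 1, and the spammer scores -1 because the one follow from carol is outweighed by the mutes from bob and dave.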
## Vertex and npub.world
For developers who don't want to build graph analysis infrastructure, Vertex offers web of trust as a service. Their system crawls Nostr follow lists continuously, computes Monte Carlo PageRank scores, and exposes them through a DVM (data vending machine) interface. Query with a source pubkey and a target pubkey; get back a personalized trust score, follower counts, and the target's highest-ranked followers.
The companion tool npub.world provides a search interface for finding profiles within the Nostr network, leveraging the same trust infrastructure.
Vertex explicitly rejected the emerging NIP-85 standard for "trusted assertions," which takes a different architectural approach. Under NIP-85, service providers publish kind 30382 events that make claims about entities. The `d` tag identifies the subject (typically a pubkey), and additional tags carry the assertions: a `rank` score, follower counts, zap totals, or any other metric the provider computes. These events sit on relays like any other Nostr data, and clients can subscribe to assertions from providers they trust.
The model has appeal. It keeps everything in Nostr's event system. Users choose which assertion providers to trust, similar to choosing which relays to use. A client could subscribe to assertions from three different WoT services and weight them according to user preferences. The data is cacheable, auditable, and portable.
But Vertex identified a fundamental limitation: NIP-85 assertions are computed for a generic audience, not personalized to the querying user. If you ask "how trustworthy is pubkey X," the answer depends on who is asking. Your social graph differs from mine; your trust scores should differ too. Pre-published assertions cannot capture this. They answer "how trustworthy is X according to service provider Y" rather than "how trustworthy is X from my perspective."
The deeper problem is discovery. Static assertions require you to already know the pubkey you want to evaluate. But web of trust should help you find trustworthy accounts you don't yet know about. "Who should I follow?" is a harder question than "should I trust this specific person?" Real-time personalized computation, responding to the specific user asking the question, enables recommendations that static assertions cannot.
This is an ongoing debate. The WoT-a-thon hackathon running through April 2026 is pushing for NIP-85 adoption, with a dedicated prize track for implementations. Different approaches will compete, and the protocol will evolve. The tension between pre-computed portability and real-time personalization may not have a single correct answer.
## What Remains
Nostr's web of trust is not a solved problem. New users face a cold-start problem: without history, they have no trust scores, making it hard to break into existing networks. The computation itself, while based on decentralized data, currently runs on centralized services like Vertex and Nostr.Band. Public follow lists, which make WoT possible, also leak social graph information to anyone watching relay traffic.
But the fundamental architecture is sound. Trust signals emerge from normal behavior. Algorithms convert those signals into personalized scores. The user never has to attend a key signing party.
Zimmermann's 1992 vision was right about the goal: decentralized trust without certificate authorities. He was wrong about the method: asking users to do extra work. Nostr's contribution is recognizing that the work was always happening. It just needed to be captured.
---
**Artwork Suggestion:** "The Syndics of the Drapers' Guild" by Rembrandt van Rijn (1662). Guild officials whose role was verifying cloth quality through reputation and repeated honest dealing. Trust built through commerce and mutual accountability within a network, not through central certification.