Subnostr

Discovered an interesting flaw with NIP 87 groups — people expect to be able to change access settings (take a group private). But publishing a note requires choosing whether to encrypt it or not. This decision can't be changed retroactively, especially not by someone else like the group admin. Maybe server control is the only way to do this, and NIP 29 is better. But then we're just back to trusting servers 🧐. Maybe I should be less ambitious with private groups.

MichaelJ 2y ago

I've been thinking about similar access control problems on Nostr lately. The immutability of notes presents an issue.

Maybe access-controlled notes can be their own kind in the 30000-39999 range (parameterized replaceable), so when a group is taken private, the existing notes can be encrypted and replaced.

Reply to this note

Please Login to reply.

Discussion

No replies yet.