Replying to Ava

I have been using Nostr for two years now, and the lack of a NIP-09 (event delete) or its equivalent standard on Nostr is, more than ever, a significant privacy and safety issue built into the current version of the protocol.

Snowden warned us of the dangers of a permanent record. Have we not learned anything?

Nostr, as it is right now, is a permanent record that seeks to tie all of your apps and your coin transactions to one key pair.

If that key pair is ever compromised, EVERYTHING is compromised.

If you accidentally doxx yourself, you are HOSED.

It's bad OPSEC. And it sounds like a honeypot waiting to happen.

Amber (event signer) is a decent workaround, but it has not passed a third-party security audit, and I still believe a parent/child key system is the way to go as it does not expand your attack surface by having to depend on a third party to keep all of your Nostr business safe.

Now back to event deletion...

The protocol is the protocol. Relays must use the protocol to participate in the network.

If the protocol requires honoring event deletion requests to participate in the network, then Nostr will have avoided this festering security and safety issue.

If certain #Nostr devs don't stop saying universal post deletes can't happen because of xyz (insert biased limiting belief/excuse here), and start figuring out how it can be done... it's a protocol design that's dead in the water to anything but mostly nameless, faceless anons.

The future is privacy-first, client-side computing, not relays. The clock is ticking.

I love clients that have an "undo" window.

Don't post immediately. Let me undo whatever I did for a couple of seconds, and if I don't, broadcast it. Prevents a lot of fuck-ups.

nostr:nevent1qqsp963hwqq430qencm9luk6t2qz5snkgn2mpex243htargfuswdqxspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygzwhzp3p445ak2ud4n289dn6084txu9ltkg7a53mt75qk5jup2ad5psgqqqqqqsh7ev03

Discussion

Yes, I agree with this idea.

Yup

> whatever I did

Let's be specific:

✅ Posts, Articles, Videos, Stories, Books, Repos, Chat messages (public), ...

❌ Reactions, Private Bookmarks, ...

🤷‍♂️ Zaps, Replies, Chat messages (private), ... ?

This exists in mail clients and oh boy, the mistakes it saved me from.

I think this is the key, the great power of signing your notes comes with great responsibility. We are shifting from the old paternalistic model of 'oh, you've forgotten your password? Don't worry, sweetie, we'll fix it for you, now go back to playing with your friends in "our" (walled) garden' to being the sole responsible party for your identity and actions. For sure, we are humans and therefore we err, but the key, as you pointed out here, is that users have the possibility to contemplate their actions and responsibly take a step back before they get broadcasted and spiral out of control, rather than acting irresponsibly and hoping everyone else will cover for your lack of accountability.

Also would be cool to explore the concept of a mempool relay 👀

Ooooh, if this is your private relay that's really cool.

Could be your private relay or another relay that offers this service 👀

I will write a rough description of this idea to see if it makes sense or not

💯

As some wise people once said: “Think before you post.”

lmao, fuck me

Can't see why nostr relays keep that stuff forever - just purge after a year or so.

Same reason why #DeletedTweets exists.

Where does that exist? Can find a funny X account but nothing on nostr 🤔

Yes, should be default in async apps.

Here's what I'm adding on mine

nostr:note16zv4rdcj6405jcyu2hgs3dnyuu9qq78wa0qvhjd5cm0ck5wakt4sgqspg8

This is the way
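
The undo window discussed in this thread, sketched as an added example (not code from any participant or Nostr client): drafts stay unsigned in a local queue until their hold time passes, so an undone post never exists as a signed event that a relay could keep. The hold times, the per-kind policy and the `signAndSend` callback are assumptions; kinds 1, 7 and 30023 are the standard short note, reaction and long-form article kinds.

```javascript
// Hold time per event kind, in milliseconds (assumed policy, following the
// split suggested in the thread: posts and articles held, reactions not).
const HOLD_MS = { 1: 5000, 30023: 5000 }; // 1 = short note, 30023 = long-form article
const DEFAULT_HOLD_MS = 0;                // e.g. kind 7 reactions go out at once

class UndoOutbox {
  // signAndSend is a hypothetical callback that signs a draft and publishes
  // it to relays. It is only called once the undo window has closed.
  constructor(signAndSend) {
    this.signAndSend = signAndSend;
    this.pending = new Map(); // local id -> { draft, releaseAt }
    this.nextId = 1;
  }

  // Queue an unsigned draft. Returns a local id the UI can pass to undo().
  submit(draft, now) {
    const hold = HOLD_MS[draft.kind] ?? DEFAULT_HOLD_MS;
    const id = this.nextId++;
    this.pending.set(id, { draft, releaseAt: now + hold });
    return id;
  }

  // Undo works only while the draft is still held locally. After release
  // the event is on relays and removal depends on each relay's behaviour.
  undo(id) {
    return this.pending.delete(id);
  }

  // Call from a timer. Signs and sends every draft whose window has elapsed
  // and returns the ids that were released.
  flush(now) {
    const released = [];
    for (const [id, item] of this.pending) {
      if (item.releaseAt <= now) {
        this.pending.delete(id);
        this.signAndSend(item.draft);
        released.push(id);
      }
    }
    return released;
  }
}
```

Timestamps are passed in explicitly so the queue can be driven by `Date.now()` from a timer in a client and by fixed values in tests.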