Avoid client-side moderation, rely on relays.
Discussion
Bullshit. You can see the clients code. You cannot see how relays moderate you.
Tell āemmmmm
Keep relays fast and dumb, make the clients smart. This is the foundation of Nostr.
You just made that up, you know.
Even if he did, heās right.
Feels like he wasnāt just making it up. This was my sentiment as well and here is an excerpt from your blog.
That is the very short summary, it doesn't contain everything.
You don't have to. What harm can they cause to you?
Seriously? I have seen relays deleting posts they don't like (political positions, etc) without telling anyone. I have seen them delaying posts that have a criticism of the product that happens to be sponsoring them. I have seen them hide counts and act as if those were at the "bottom of the database".
NEVER trust any relay.
These things are expected, they do not hurt you in any way. If a relay has deleted something that is not different from the relay never having seen that event anyway.
You shouldn't count on relays having all the events in the world, that's not what I said.
They are expected indeed. That's why one should NEVER rely on them. Don't entrust relays to moderate anything because you don't know what they are running.
Clients are always "moderating" because their choice of UI **is** moderation in itself.
That's why I also say people show NEVER use a closed-source client in Nostr. A closed-source client can create and display "events" as if they were signed by the author even if they didn't. They can create things out of thin air.
Use only open-source clients so that you can verify what's happening in code and create an expectation of behavior that can be constantly checked.
I mostly agree with you, but I think we're talking past each other.
is there a way to do software verification where an implementation would periodically self sign a note saying itās verified its build?
and then also broadcast relay actions?
Even, just to see the relay actionsā¦ not to move all trust of moderation to relays.
Yep, it's called reproducible builds. Amethyst has this active. It means that anybody should be able to check if the APK I published matches the code on the repo by recompiling the app with the same code/parameters.
but for relays on servers one would need like artifact sharing?
That's disturbing..šš¤
Iād like to be able to connect privately to my own relay for backing up notes. Is it possible to connect to a relay and no one else be aware/able to see that connection? Encrypted relay list?
VPN is the only way.
Sorry, half reply. You can add a local IP (192.168.0.x, etc) to your relay list while we don't have private relay lists. In that way, people know you have a local relay but there is no way to know where.
Would you need to be on your local network to backup then tho? Can you connect to this local relay from the internet?
Correct. If you make something outside of a local network, you have to place it inside a VPN for now. Otherwise, everyone will know you have access to it.
OR, you can use NIP-42 to authenticate with your public keys to write and read from the relay.
You can also use something like tailscale or wireguard
Your client literally censors ppl for no reason, including me.
Yep, and it's written in the code that everyone can see. That is my point. People can use Onyx if they dont like the filter or simply disable the filters in Amethyst's settings.
However, you have no idea if relays are censoring you or not (hint, they are).
Yes, but there will be thousands of relays. Anyone can setup their own relay and others can broadcast the note to other relays.
Very few people have the ability to create their own client. Right now, if 5 clients decide to censor a user, nobody would ever see them.
There are dozens of clients already. Hopefully, we get to thousands. You don't need to create one from scratch, you can just fork it and remove the things you don't like... like Onyx did.
Clients make 100s of decisions in the visibility of posts. For instance, Amethyst didn't show non-like reactions until this week. They were always displayed as red hearts. Is that censorship? To some extent, yes. But if so, then every client is censoring everyone, all the time.
Don't trust anyone. Not relays, not clients. The only thing you can be sure of is the code that you can see and verify. If you can't verify, hire somebody who can, or fund a group that does it for you (but then you are trusting the group).
The idea that ppl should just ālearn to codeā, or pay hundreds or thousands of dollars to vet an app theyāre using is simply ridiculous.
It's not that expensive. Lots of people do it for free like Tony did with Onyx.
But welcome to real freedom.
Censoring a hug emoji because your client hasnāt implemented it is much different than censoring the text of a note. Damus doesnāt render markdown, but the words are still there.
Iām a bit confused about what youāre arguing for. If relays already censor, and we cannot verify what theyāre doing, how does it help to have an open-source client that explicitly tells you they censor? Thatās just adding more censorship.
At least if I feel like 5 relays are censoring me, I can add 10 more. If Iām censored on Amethyst, I may never know that 1000s of people arenāt seeing my notes, and they also donāt know I even exist.
I have that problem rn. I literally donāt know who can see my posts because of Vitorās censorship.
He doesnāt seem receptive to reason, and seems to condone using reports as a valid means to censor ppl, considering it doesnāt stop spam at all.
Ok but your distributed unaccountable censorship system (which should be opt-in btw) canāt be challenged. If a relay claims they do not censor, itās a lot easier for me as a non-technical person to verify that than it is to go into a bunch of code I have no idea how to read and find out how youāre censoring me (which you are btw).
Relays have an incentive to abide by the policies they establish, and they can be exposed if theyāre lying.
Your system has no recourse, and thereās literally nothing I can do to contest being censored by the policies you arbitrarily set (that gives weight to false reports for whatever reason), particularly since many ppl canāt even see me.
Not to mention how ppl have told you that they literally had no idea your app was censoring ppl. āRead the codeā isnāt a reasonable suggestion, most ppl canāt.
Also there are tools that you can use to check whether your posts are being relayed.
Client-side filters are the future. I donāt like relying on relays to curate content. Users can discern locally (1st person POV) rather than relays discerning globally (deciding the 1st POV for everyone else).
Both types of filtering will occur, but I prefer client-side so as many relays as possible host diverse content.
The moderation needs to be a third service. Where relays and clients can opt in to which moderation regirme they want to use and moderation decisions can be opt in and transparent.
What if instead of clients and relays opting in, just users can opt in?
Sure, but I don't see why introduce this unnecessary complexity.
In most cases as a client you can pretty much
- for whoever you follow or are interested in, request data from any relay, whatever relay on Earth, you really don't care what relay
- for cases where you'll get data from people you don't know ("global feed", replies etc), request data from relays that enforce policies you agree with ("no posts without PoW", "all posts must contain the word 'soup'", "only posts from women", "posts must be manually approved" etc)
I think you're both right, but I tend to lean towards the FoaF (friend of a friend) moderation algorithm. FoaF makes newcomers work to get reach, because they need to know someone, and it's something that Scuttlebot did right so we all know how it works.
You can include a dial for less toleratant people that can be turned down to 'just friends', and people who want to explore more can dial it up to 3 or 4 hops if they want a global feed.
this feel too complicated. just rely on relay for moderation, right now relay feel likes a data redundancy layer on nostr, but eventually each relay will became its own social community focus on specific topics and interests and acts as a content moderation/curation box that user can plug-in
Noooo
Primal.
š
There are, and always will be, far more relays than clients. It requires practically no effort to switch between relays from within a client, to achieve the moderation you want.
Relay moderation > client moderation
Relays should be dumb pipes. If they start moderation, they become the gatekeepers
Would a model like pi-hole work? Something that sits between the relay and client, that does said filtering for you?
Yes. There are some people doing this. https://nostr.wine/ for example.