What are massive nostr flaws?
Discussion
Discovery
Privacy
Lack of data control (for non-tech users who don't run a relay)
Spam
Filtering
Granted most of these are non-problems currently, because the community is small. But if a critical mass of attention comes to nostr, so will attention seekers of all sorts and the signal to noise will plummet. This will force relays to employ increasingly sophisticated filters, which will make it ever harder to run your own. This will create a centralizing forcing function.
This exactly what happened to email. Nothing prevents nostr from the same fate especially if it gains a wider audience who cares more about security than freedom.
The issues are solvable and Nostr is well-positioned to solve them but it isn't guaranteed. The only absolutely solid thing nostr has is users owning their own keys. The rest needs work.
Discovery - can be built on what we have
Privacy - IP privacy is done by lower layers. If not good enough, fix it down there not up here.
Lack of data control - would a REMOVE command help? At the tooling level I agree, we don't have good tools, but at the protocol level what is needed specifically?
Spam - I think client-side we are in a pretty good position. Relay-side it is always going to be a nightmare IMHO.
Filtering - I think you refer to spam again, but if you refer to REQ filters, I think a (positive, negative, limit) system is better (probably off topic)
Email became centralized because it is a push-based system. If your sending server isn't "trusted" and might be a "spammer" then the other systems refuse to accept email from you. But the outbox model is a pull-based system (like websites are). You can always come to my outbox and see my stuff, nobody can get in the way of that. So I do not think the same fate awaits us.
I'm very interested in understanding the flaws and how it can be made better.
The massive flaw of nostr is that it didn't launch before Facebook hahaha