Nostr Web Client

Yeah, I agree to some extent.... We need better mobile signers... It sucks that the only way to get that on Android is to get a custom app store

But it's really not that hard to just generate an nPub/nSec pair and start talking. I mean it's probably a lower barrier to entry than just about any other social media system...?

Anthony Accioly 2w ago 💬 6

We unfortunately have 200 other problems to solve besides NIP-47, starting with Nostr content and the attitude towards non-bitcoiners, but this is a big one for sure. I don’t think most folks are ready to move to totally ephemeral pubkeys, and reusing nsecs across experimental, increasingly vibecoded clients is just... dangerous... Nostr really needs to get the basics done right. As a community, we have wasted so many opportunities to scale Nostr already.

I joined about a year and a half ago, during one of the many huge waves of people quitting Twitter. Since then we have lost at least three other opportunities to grow. The last one was the hype around nostr:nprofile1qqs8d3c64cayj8canmky0jap0c3fekjpzwsthdhx4cthd4my8c5u47spz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszythwden5te0dehhxarj9ekxzmny9uq3zamnwvaz7tmwdaehgu3wwa5kuef0nw62p3’s deVine stuff. Every time one of the non-BTC Twitter experiments shows some promise, Nostr seems to crap its pants.

We really, really need to get the basics right for Nostr to have any chance. I don’t think lightning will keep striking the same place over and over again, and we may not get many more opportunities to make Nostr scale.

Reply to this note

Please Login to reply.

Discussion

Globe99 2w ago

I mean... I guess... People use passwords anyway so I don't see this as a huge ask?

And maybe I'm out of the loop, but what exactly is the "pants crapping" that's happening about deVine?

Anthony Accioly 2w ago

Nah, nsec is like the password for your Bitwarden or 1password, it is much more than just a password for an individual social media website. And if you have a lightining address it is like throwing your credit cards in the mix as well, you simply shouldn't use it on experimental clients (which is most of Nostr). Yes, reusing your Gmail password on vibecoded sites is bad, and this exactly why people shouldn't do it. The problem is the path not to do it in Nostr is broken.

TL;DR on deVine is that press and some big timer YouTube channels like Linus Tdch ztips got wind of it and a gazillion folks tried to join at once. Basically too many users / too heavy of a worjload for existing relay software and available relays. There was a room with the usual folks trying to provision relays for it (Gleason et all) but if you don't have the infrastructure for the normies to flock in all of the hype is wasted.

Cykros 2w ago

If you have a lightning address...with NWC.

An nsec that you use with separate lightning wallet to pay invoices just controls your online identity, not your money. And NIP-05 is supposed to address that possibility, but admittedly it doesn't seem to do it the best.

Anthony Accioly 2w ago 💬 1

The main problem is that a lot of Lightning, ecash, etc. wallets allow you to associate an nsec to unlock the wallet. Not many people pasting their nsecs into random vibecoded apps are security-conscious enough to use a separate Nostr key, so if one of those vibecoded apps leaks nsecs, you can pretty much scan the respective lud16 for half a dozen popular wallet domains and, more likely than not, hit the BTC jackpot.

Cykros 2w ago 💬 2

Oh yea, if you're raw dogging your nsec around like that, good luck.

The more I've looked at NWC the more I think I'm just going to keep paying the invoices manually with my existing lightning wallet. It was annoying when I was using speed wallet but now that I can see who zaps me using Zeus I'm pretty content with the flow as is. A little friction with the flow of money is often a good thing.

ZEUS 2w ago 💬 1

You can send zaps out with ZEUS with NWC in our next release. No need to reveal your nsec to us.

Receiving remains the same.

Rich Nost 2w ago 💬 1

What are the trust tradeoffs when choosing a nostr relay for NWC? What information about my node am I giving up to relay operators or assoiating with my npub?

ZEUS 2w ago

Only what you broadcast publicly. You use a new key pair for each NWC connection..

Cykros 2w ago

I did hear that and will be taking a look, but not actually sure it's something I'll be using regularly. I sort of like a bit of friction in sending money -- call me old fashioned.

But I do appreciate y'all giving us options :-).

GLACA 2w ago 💬 1

As long as it stays decentralized and censorship resistant we will be good. No need to push it too hard, everyone getd NOSTR when they're ready. The glitches will be sorted out.

Garbage nsec 2w ago

Far as I know, about $1m per month in grant funding is being spent on nostr. Maybe more.

If that money dries up before more users come on, that is a real problem.

Needs to be taking into account in your "when they're ready" analysis.

JOE2o 2w ago

Also 'disposable nostr' (ephemeral nsec/npub keypairs) is directly at odds with web-of-trust nostr. It's one or the other. You can't base filtering systems on web-of-trust when you can't trust normal users to keep safe the very thing on which that web is ultimately trusting.