So basic introduction for anyone interested: I am a gray hat hacker and cybersecurity awareness activist who likes to stir up privacy-centered networks. I have probably met some of you before.

I actually came here looking for a challenge. I've been lurking around here in some form or another for about 4 months now, playing with different clients and tools, even running my own testnet (3 strfry relays on a VLAN). Mostly I have been focused on the community and how people use different clients. I've been playing with some good open source tools and getting an understanding of how to interact with relays.

Personally I'm not all that into Bitcoin, but I do have a whole BTC in cold storage so I guess I've got that going for me. This whole lightning thing is new to me, I don't really ever spend Bitcoin, and my actual business makes me plenty of fiat.

So far I am impressed with the community. A little too wild-west in some areas since there's hardly any moderation tools, and the community isn't quite interested in the same things that I am, but I do see a lot of advocacy for privacy and digital freedom, and I like that.

But the whole system here is, regrettably, broken. The promises made about Nostr don't live up to reality. A network like this has the potential to become so much more, but there is a lot to lose if it is done wrong.

I intend to help expose these problems. Expect me here for a while. There are a lot of vectors for attack, and I plan to give them all visibility.

Nostr devs, please pay attention. With no centralized network development, all of you are responsible for fixing these issues.

Thanks for bringing privacy to the forefront. Few read the respective nostr github project documentation on privacy. Your method of exposing privacy on base nostr protocol has been effective.

> hardly any moderation tools

Despite this, the discourse is more civil than that of twtr. Maybe it’s a function of nostr’s tiny size, and lack of algos.

nostr:npub1wmr34t36fy03m8hvgl96zl3znndyzyaqhwmwdtshwmtkg03fetaqhjg240 and nos social are as far as I’m aware thinking and developing most on moderation tools.

I don’t know how far they’ve gotten - that said one of the benefits of nostr is you don’t have a mandatory moderation curator in a WEF stooge. You can have a feature where you choose your own moderator - for instance you can choose Jack.

nostr:npub1g53mukxnjkcmr94fhryzkqutdz2ukq4ks0gvy5af25rgmwsl4ngq43drvk implemented web of trust network hops filter more than half a year ago on Iris messenger.

> no centralized development

Yes, this is a feature. Otherwise we’ll get another closed big tech gulag.

You are more than welcome to submit PRs to Damus, and I’m sure many others will happily review patches. Nearly all of nostr is FOSS, and lead devs welcome patches.

Example code and issues https://github.com/damus-io/damus


Discussion

please stop saying "submit PRs to x" everyone

the devs are usually either too busy or too obnoxious to pay attention to such efforts

just fork it and fix it on your fork, maybe they might consider backporting it later from your fork...

Having a front row seat to nostr dev it’s worked quite well for Damus.

Lead devs appreciate clear and succinct patches that do a single thing well. These are worth their weight in gold. There is a sats reward if done correctly, at least from Damus.

Is there friction in establishing contribution norms and the first patch? Absolutely. Veteran devs figure it out quicker than junior devs.

Not sure the OP’s track record with FOSS - maybe he needs a prompt.

1) Once you have an account established and are following people it is mostly fine, but it's hard to browse the global feed without seeing strongly undesirable content such as lolicon (or worse). This is a natural consequence of being censorship-resistant, but it will scare new users away. I'm excited to see how this can be reined in without harming the free speech of other users.

2) By "centralized development", I just mean any standard unifying practice for development. Centralizing a core Nostr codebase under GPL would keep it property of the people forever, while making sure all bugs and weaknesses are patched for everyone. Everyone doing things their own way is a recipe for disaster. Death by a thousand cuts.

3) I have never used Damus, so nothing I've uncovered is specific to them. Finding a weakness in Nostr means every affected Nostr project needs to fix it independently. Even I don't want to write that many bug tickets.

1) Agree on the anime p*rn being an eyesore for most. Certain relays have more than others. Agree protocol allows for this, and it is the tradeoff of censorship resistance. I see onboarding as the initial part of the challenge here. Specifically on Damus, the current band-aid solution during onboarding is to have a list of suggested profiles to follow, thematically separated (homesteading, parenting, media etc.). Discovery post-onboarding, and the "universe view", is the never-ending continuation of this question. Team is aiming to explore the design and experience here soon™️.

Further to the **** problem, there's some work done on using opt-in sensitive image scanning on Damus. It's not complete, and not yet tested for reliability and robustness.

2) > Centralizing a core Nostr codebase under GPL would keep it property of the people forever

My understanding is nostr code is licensed (verbatim) as "public domain".

3) I got you, and appreciate effectively pointing out a single weakness thus far. I hope you continue exposing weak points. Here is a proposed solution for a single client: https://github.com/damus-io/damus/issues/1897. If you have feedback on this solution, I'd be happy to pass on to the dev team. If it's just the problem statement/issue you want to share, I am happy to put on the radar of various nostr clients by generating a bunch of issues.

Lmk if/how I can be of help.

One fundamental flaw I see with this idea is that if you are addressing the method in which I gathered these IPs (via DM), you would have to send decrypted URLs from a user's end-to-end encrypted DMs to the image proxy, which endangers privacy in a new way because it reveals part of the message to the proxy. Now you have to trust the proxy with potential secrets.

Link Previews are also a vector for attack here, and it would be even worse to send all DM'd URLs through the proxy.

I also worry that image proxies could bloat the cost of running a client, are a form of centralization (this solution only benefits Damus users), and are a vector for DDoS/Abuse.
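The trade-off in the post above (a direct fetch leaks the reader's IP to whoever controls the URL's host; a proxy fetch leaks the decrypted DM contents to the proxy) can be expressed as a client-side load policy. The following is an added example written for this thread, not code from Damus, the linked issue, or any other Nostr client; the policy names (`Fetch`, `classify_url`, `plan_message`) and the rule set are assumptions chosen to illustrate the point: URLs from encrypted DMs are never fetched automatically by anyone, public content from unfollowed authors and all link previews go through a proxy, and only images from followed authors are loaded directly.

```python
import re
from dataclasses import dataclass
from enum import Enum
from urllib.parse import urlsplit

# Added example: a client-side fetch policy for URLs found in notes and DMs.
# Illustrative only; not Damus or any other client's implementation (assumption).

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)
IMAGE_EXT = (".png", ".jpg", ".jpeg", ".gif", ".webp")


class Fetch(Enum):
    DIRECT = "direct"   # the client fetches the URL itself: the host learns the client's IP
    PROXY = "proxy"     # an image/preview proxy fetches it: the proxy learns the URL
    ON_TAP = "on_tap"   # render a placeholder; nothing is fetched until the user taps


@dataclass(frozen=True)
class Decision:
    url: str
    host: str
    action: Fetch
    reason: str


def classify_url(url: str, *, is_dm: bool, author_followed: bool) -> Decision:
    """Decide how a single URL may be loaded, given where it appeared."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    is_image = parts.path.lower().endswith(IMAGE_EXT)

    # Edge case: anything that is not a plain http(s) URL with a host is never fetched.
    if parts.scheme not in ("http", "https") or not host:
        return Decision(url, host, Fetch.ON_TAP, "unparseable or non-http URL")

    if is_dm:
        # DM plaintext must not leave the device: no direct fetch (IP revealed to a
        # sender-controlled host) and no proxy fetch (encrypted content revealed to the proxy).
        return Decision(url, host, Fetch.ON_TAP, "URL came from an encrypted DM")

    if is_image and author_followed:
        return Decision(url, host, Fetch.DIRECT, "image from a followed author")

    # Public notes from anyone else, and link previews in general, go through the proxy
    # so the remote host sees the proxy's address rather than the reader's.
    return Decision(url, host, Fetch.PROXY, "public content, proxied")


def plan_message(text: str, *, is_dm: bool, author_followed: bool) -> list:
    """Extract every URL in a message body and return a Decision for each."""
    return [classify_url(u, is_dm=is_dm, author_followed=author_followed)
            for u in URL_RE.findall(text)]


if __name__ == "__main__":
    # Constructed sample messages (not real notes or DMs).
    dm = "hey, look at this https://media.example.net/cat.jpg and https://example.org/article"
    note = "new post https://media.example.net/cat.jpg https://example.org/article"
    for d in plan_message(dm, is_dm=True, author_followed=True):
        print("DM  ", d.action.value, d.host, "-", d.reason)
    for d in plan_message(note, is_dm=False, author_followed=True):
        print("NOTE", d.action.value, d.host, "-", d.reason)
```

The same rule covers link previews, since fetching a page to build a preview reveals the reader's address exactly as loading an image does; the proxy branch is where the centralization and abuse concerns raised above would have to be weighed by each client.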

Gossip client doesn't even have a way to see global relay posts. Apparently I missed out on shower girl, 🍆-pic day, and lots of other things.

Now that users can mark relays as 'spam safe' (trusted to moderate content - I should probably rename it) I may add in a global feed for those relays.