Replying to Ava

I have been using Nostr for two years now, and the lack of a NIP-09 (event delete) or its equivalent standard on Nostr is, more than ever, a significant privacy and safety issue built into the current version of the protocol.

Snowden warned us of the dangers of a permanent record. Have we not learned anything?

Nostr, as it is right now, is a permanent record that seeks to tie all of your apps and your coin transactions to one key pair.

If that key pair is ever compromised, EVERYTHING is compromised.

If you accidentally doxx yourself, you are HOSED.

It's bad OPSEC. And it sounds like a honeypot waiting to happen.

Amber (event signer) is a decent workaround, but it has not passed a third-party security audit, and I still believe a parent/child key system is the way to go as it does not expand your attack surface by having to depend on a third party to keep all of your Nostr business safe.

Now back to event deletion...

The protocol is the protocol. Relays must use the protocol to participate in the network.

If the protocol requires honoring event deletion requests to participate in the network, then Nostr will have avoided this festering security and safety issue.

If certain #Nostr devs don't stop saying universal post deletes can't happen because of xyz (insert biased limiting belief/excuse here), and start figuring out how it can be done... it's a protocol design that's dead in the water to anything but mostly nameless, faceless anons.

The future is privacy-first, client-side computing, not relays. The clock is ticking.

I'm surprised that ephemeral notes are not the norm. From a design perspective, over a long-term timeline, storing everything on relays permanently seems unsustainable.

It seems more reasonable that the default time a note exists on a relay should be some arbitrary number of days, with permanence being a service or a self-hosting option.

Where the idea of storing everything forever came from I don’t know. 🤷


Discussion

"The bad people" can and will store anything broadcast on Nostr that interests them, for as long as they please, NIP-09 be damned.

It is _polite_ for relays and clients to honour NIP-09 requests, but let's not mistake that for any kind of security.

At best, this could inconvenience bad actors who (a) lack the resources to store everything even short term and (b) who first took an interest in your account AFTER you posted a delete request for your content of concern.

Yeah. Nah.

SSB was very good training there.

This whole topic is very odd.

The way people respond is quite strange.

People who want it, invoke portents of doom.

And people who don’t, misrepresent difficulties in achieving it as gigantic impossibilities, so don’t even try, and you’re dumb for suggesting it.

The amount of emotion connected to this, and the know-it-all vibes, seem quite weird and out of place.

It’s a curiosity.

I didn't use the word "dumb".

I prefer to think they haven't given thought to the practicalities of retrospectively changing data that was broadcast in an open ecosystem that already has bad actors inside the walls.

I have no emotion about it one way or another. I see logic in all the arguments. I’m just trying to determine for myself if the overall misplaced weirdness in these conversations is driven by ego and immaturity, with a dash of Twitter-style toxicity habit, or if there are some underlying motives.

I think you’re all great. 🤷

I think so, too.

I've followed @ava since about the first day I joined Nostr, and her posts are very informative.

But this particular issue attracts too much wishful thinking and not enough information theory.

It is like seeing Stargate and saying we should build those and explore the universe... It would be great, maybe it is even possible with technology advanced enough—who knows, but right now I can't imagine it could be done. It is not dumb to ask for something like that per se, but it doesn't change the fact that it can't be done.
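An added illustration (not part of the thread and not any relay's real code) of the point made earlier in the discussion that honouring NIP-09 is a courtesy rather than a security control: a NIP-09 deletion request is a kind 5 event whose `e` tags name the events to remove, and every store that received the original note decides for itself what to do with the request. The `Store` class, event ids and pubkeys are constructed placeholders, and signature verification is omitted.

```python
# Constructed sample events: ids and pubkeys are placeholders, signatures omitted.
NOTE = {"id": "note1", "pubkey": "alice", "kind": 1,
        "content": "accidentally posted personal detail", "tags": []}
DELETE = {"id": "del1", "pubkey": "alice", "kind": 5,
          "content": "posted by mistake", "tags": [["e", "note1"]]}
FORGED = {"id": "del2", "pubkey": "mallory", "kind": 5,
          "content": "", "tags": [["e", "note1"]]}


class Store:
    """Hypothetical in-memory event store standing in for a relay or archive."""

    def __init__(self, honour_nip09):
        self.honour_nip09 = honour_nip09
        self.events = {}

    def accept(self, ev):
        if ev["kind"] == 5 and self.honour_nip09:
            for tag in ev["tags"]:
                if len(tag) >= 2 and tag[0] == "e":
                    target = self.events.get(tag[1])
                    # Only the author of the target event may request its deletion.
                    if target is not None and target["pubkey"] == ev["pubkey"]:
                        del self.events[tag[1]]
        # The request itself is kept so it can be relayed to other stores.
        self.events[ev["id"]] = ev

    def has(self, event_id):
        return event_id in self.events


def simulate():
    """Broadcast a note, a forged delete and the author's delete to two stores."""
    polite, archiver = Store(honour_nip09=True), Store(honour_nip09=False)
    stores = [polite, archiver]
    for s in stores:
        s.accept(NOTE)
    for s in stores:
        s.accept(FORGED)
    survived_forgery = polite.has("note1")
    for s in stores:
        s.accept(DELETE)
    return {"polite_after_forged": survived_forgery,
            "polite_after_delete": polite.has("note1"),
            "archiver_after_delete": archiver.has("note1")}


if __name__ == "__main__":
    print(simulate())
```

The compliant store drops the note only on the author's own request, while the store that ignores kind 5 events keeps it, so anything broadcast has to be treated as retained by at least one party.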