why WoT probably canβt just be your contact list, its easy to trick people into following fake accounts. Ideally we should have explicit verification as a more reliable add-on to make WoT scores more accurate.
In PGP keys are not trusted by default for this reason. wen nostr key signing parties. nostr:note14a0leyxp07vy5fdtgv8sx7j5eve9h4fcwjraa8dvetf96pzqw8lqf876tz
but maybe this could just be solved socially for now, point out to users they are following low-scoring profiles. I hear coracle has a good ui for this.
we need livestream video parties where people can shit talk and verify each other π€ some gamified thing where sats thrown around..
There was a bit more of a follow4follow and follow everyone mentality on nostr, a bit less now. But I think that kind of thing could / has been exploited.
nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft key signing parties by EOD ?
If your own reputation is tied to the validity of what you represent to a particular WoT system, you'll be more careful.
I imagine a nuanced, "Level of Trust" system:
0) I know this person and would trust them to babysit my grandchild
1) I work with them, they're OK
2) I see them occasionally, they seem nice
3) Met them online, they seem solid
4) Online, prolly not a bot...π€
5) Online, sketchy as hell...
6) Who the heck is THIS?
That's the gist, could be refined/scored in many ways.π
When thinking about WoT, we have to consider where Nostr is headed. There is a social WoT usecase & a commercial WoT usecase. The social usecase is pretty much already solved because Nostr discovery is inherently difficult.
There's little risk involved with simply following someone & you can't have trust without someone taking some risk. We humans assign a level of trust to our relationships, it's not a binary assignment.
If an npub is followed by an arbitrary number of npubs that I also follow, then that's probably enough for me to also follow them. To risk wasting time reading their nonsense, which can be easily solved by an unfollow and/or mute.
Would that be enough to send them sats for goods/services? Maybe it's enough to take a small risk with them. What happens if I feel they've acted poorly? How can I warn my other followers to be careful with them in the future? It's the transition from social to commercial trust that is difficult to solve.
If an npub that I trust creates a nym npub for the purpose of selling, how does that npub generate trust? How can I use my reputation to help support them & their business?
This isn't about eliminating risk, just reducing it. It's about assigning a cost to acting unethically. To minimise the value 1 npub can extract before they're exposed.
Value is subjective. How dare anyone derive implication from my choice to follow an account with my chosen npub. Projection. If I don't explicitly indicate the meaning of the interaction for the express purpose of informing WOT score information derivation, the fools should not assume one. And they should rate me based on how trustworthy my explicit indications are. Christ am I going to have to come up there
