If these are the worst issues then we have come a long way π
Discussion
Those are features π€£
Someone wrote "The UI of Nostr still kinda sucks" and now I'm not sure what the UI of Nostr is.
How can a protocol have a UI? π
And a password? What password?
The "fake accounts" thing is solved by web of trust, no ?
It is resolved by NIP5 : https://nips.nostr.com/5
Sure but it takes some effort to setup.
If we are talking about how 95% of people use it, then not at all.
Many beginner friendly Nostr clients now automatically assigns nip05 address for you. So it kinda failed as a 'verification' mechanism unless you have a well known domain that belongs to you and took the effort to set it up.
Oh, sorry, I misread your reply. Yeah.
Partially wrong. NIP-5 as used by 99.9% of people doesn't "verify" anything. It is just an handy way to share/search contacts. Only people that own a well known domain can leverage it as attestation of their connection with it.
badges π, few know how to make badges
One key issue worries me. Could there be a two-key standard (one hot and one cold)? With such approach, if your hot key is hacked (since itβs stored within apps), you could use the cold key (stored in a secure hardware device) to generate a new hot key and somehow invalidate all the posts or actions made since the moment the hacking occurred.
yeah there has been a few proposals on this but I don't think they really took off. it's just not a common problem (yet)
i would love a tapsigner as a second key NFC to my phone (e.g. stuck in the phone protector or smt) and have this 2of2 capability on mobile
the UX I'm moving towards is nsecbunker + confirming signing requests with your apple watch. would be cool af. multisig might be too annoying for every time you want to like a post.
hence the tapsigner fixed in place
musig is handled in the back so the user doesn't need to worry
you can have a backup tapsigner at home for when you lose the phone and have both keys in an alby extension for desktop and also backing up for phone lost case
ps i would like to not have to
1) have an apple watch - dislike ecosystem, dpmt wear a watch
2) touch my phone to sign for every single message. you may have noted when i post, i post a lot
you wouldn't be required to use an apple watch, I was just thinking of the optimal and least annoying UX for a damus nsecbunker implementation.
I guess it could auto-sign, but I personally wouldn't use that. clients are very buggy and nuke contact lists all the time
ps i would like to not have to
1) have an apple watch - dislike ecosystem, dont wear a watch
2) touch my phone to sign for every single message. you may have noted when i post, i post a lot
Look into nostr:nprofile1qqs04xzt6ldm9qhs0ctw0t58kf4z57umjzmjg6jywu0seadwtqqc75spzpmhxue69uhnzdps9enrw73wd9hszynhwden5te0wp6hyurvv4cxzeewv4eszynhwden5te0wfjkccte9enrw73wd9hsxv8qkt nsecbunker
Password reset it is π«‘
Probably an old tweet... And aged like milk.
looking for checkmarks lol
omg nostr:npub1lrnvvs6z78s9yjqxxr38uyqkmn34lsaxznnqgd877j4z2qej3j5s09qnw5 s meme of this will be glorious
Looks like a todo list :)
Even if all that's the case, it still doesn't "suck". I am thoroughly enjoying myself on this pla..... protocol π
It's weird how many "bitcoiners" don't seem to understand public/private key pairs
Sounds like nothing super important and mostly addressable going forward π₯³
Those are all real and big issues, though.
I guess big is relative when you've been around when threads didn't load and you could barely tag anyone xD
nip-49 great again
Nip-28 great again
Nip-17 great again
π
Very happy to see this concise list. Can't imagine how long a piece of paper he would need to write down all the feedback when he tried Nostr last year. π
ah, iam not alone with the image problem π
But on Nostr I own my content. On legacy platforms I don't own it.
They do.
And I don't have to give my phone number to be here.
For the problems of knowing who DMs who, the NIP-42 could possibly solve this. It would however require its impementation being mandatory for a relay, and require a user to be authenticated towards said relay in order for it to send the DMs back though.
And for the wallet that gets hacked, I'd say... Don't use a client that doesn't support an extension to handle the keys (not sure though) ?
Or a signer app (Again, not sure if that's the intended purpose, nor if they are widely supported π )