The truly interesting difference is in authentication.

In traditional servers, OAuth tokens are used to protect database write access, because all the rules of the app are made up and stored in the database itself. So the database itself is the "protected resource".

On Nostr, the database is public and open. It has no fantasies, just data. The "protected resource" is actually the user's private key. So authentication is reversed. The server demands authorization from the client rather than vice-versa. Truly mind blowing for anyone stuck in web dev for the past 20 years.