This is the first social media platform that may be worth my time. Because it's not a platform.
Nostr is so fascinating it's preventing me from leaving my room and getting some sun.
nostr looking to be fantastic. It's got all the right energy.
To answer this, there was a "toggle replies" button at the top of the page in noStrudel. When this is activated, replies are shown and each note indicates whether or not it is a reply to another note.
Also: Is there any way to tell whether a note was written as a reply to another note?
It would be nice, though, to know that the "reactions" mean.
For example, if I click the "fire" icon, does this mean that I think the post is hot, or that I think it should be consigned to the flames?
No, that was wrong. Turns out that "reactions" are different from "replies".
I am learning to refer to replies as "reactions" ...
So when I click on a note in my timeline, it unfolds and shows replies. After unfolding, there is also a number displayed at the top of the original note that appears to be counting the replies and sub-replies.
However, as far as I can tell, before unfolding there is nothing in the original note that indicates whether it has any replies attached to it, or how many. Is there a reason for the number of replies not being shown before unfolding? Is it necessary to click on a note to see whether it has any replies or not?
I'm using the web client noStrudel. Maybe this would work differently in another client?
I set the display color mode to dark and the primary color to blue in the nostrudel web client. However, these settings don't seem to be persistent. The next time I log in, the colors are back to light and green.
So to follow through with the idea described below, here is my "backup" public key:
nostr:npub1n2sajpzdpyfa87wlw7rscfkcalel0fyhe574skeewwm0lr0dvxmqtndpgq
Just to be clear, I'm not currently using this public key. I'm just handing it out so that, in case my current private key is compromised, I can use the above public key to let people know that they should no longer trust messages signed with the compromised private key.
Now to do generate the backup keypairs securely would require the ability to generate keypairs offline (preferably on an airgapped system), but as I mentioned above I haven't been able to figure out how to do this - in particular, I haven't yet figured out how to generate a public key from a private key in a place that's sufficiently distant from the internet.
The idea was to broadcast all of the public keys to the world and let people know that, if my current private key is compromised, I will use the other "backup" private keys to sign messages letting everyone know that my initial private key has been compromised and that I disavow the initial key and anything that's done with it.
With a view to this, I thought about creating additional keypairs at the time I create my identity, with one keypair intended for immediate use and the other keypairs intended to be stored securely offline in my basement and to be used only for recovery in case the first keypair gets compromised.
Now if my password for twitter (or whatever they call it) is stolen, I can convince the twitter team that I am me and have it reset and things will be fine. Not an option here. If my private key is comporomised, my only choice is to publiclty disavow the compromised private key and anything that may be done with it, get a new private key, and re-establish my identity by convincing everyone that I'm the same person as the one who used to control the compromised private key.
But that then means that, over the long term (say over a 10-year use period), there is a pretty high probability that the private key will get compromised at some point.
Ideally I'd want to sign events on an airgapped system, but that seems impractical if I'm to use nostr for everyday social networking. The private key will, at least sometimes, have to be pasted into various applications, browser extensions, etc., with all of this taking place on internet-connected systems.
On the subject of private keys: I'm pretty nervous about the fact that the private key lives and needs to be handled (e.g. copied / pasted) in "close proximity" to the public internet (e.g. in a browser extension or a client app).
Also, I still haven't figured out how I can generate a public key from a private key offline, i.e. other than pasting the private key into a client or into a browser extension. Even having pasted the private key into a browser extension (nos2fox), the extension does not generate the public key in a format that can be copied and pasted. Would be nice to a have an easy one-stop solution for generating a keypair offline in a format where both keys can be easily copied and pasted.
Key creation: Not so easy if you want to do it offline. Had to use a combination of openssl and key-convertr in linux, and the latter needed to be downloaded and installed, along with cargo, etc., i.e. lots of tinkering with software I had never heard about.