Now seems like the perfect time to remind everyone that I’m offering an astrological new moon reading on the 17th ☺️💖
Zap this note 1,111 sats or more to sign up!
🔮💖✨⚡️
#tarot #zap #fuckapple nostr:note1wft8xjrtqf6p9750hdvqasyv6atuljp8u9fqrhq0xwsz2h57julsv4njs4
My perspective is that ad-supported relays are no longer “free”.
That said, if enough people are willing to pay for relays with attention rather than sats, then so be it. It will be a real shame if ads become the dominant funding mechanism, however, as it tends to be a centralizing force.
nostr:npub16wfslcveyqrpch6p7uqsrfvpcwwz5qv99hc65xyt87s42jf3rftstdh9ga rude. Don’t appreciate the vibes ser ☹️
An issue remains where/how to store the nsec.
Browsers do not have a secure storage method at present. I’m not sure how native client choose to store private keys currently, but they are almost certainly better than storage options in browsers that exist now.
The one pattern for key management that shows the most promise is creating key objects using the WebCrypto API and storing the unserialized objects in indexdb for use in signing/encryption.
https://gist.github.com/saulshanabrook/b74984677bccd08b028b30d9968623f5
Even so, this relies heavily the security of the code which “locks” these objects from being imported and on the browser’s single-origin policy browser.
This may not be that much worse than the current state with native apps, but it remains to be proven by folks much more experienced with browser security than me.
As with most clients, the best course going forward is going to be some combination of hardware signers and nsec bunker to get the keys off the critical execution path.
Apologies. Typos abound.
How much do I have to zap nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s to get a PWA version built of Damus? 😆
An issue remains where/how to store the nsec.
Browsers do not have a secure storage method at present. I’m not sure how native client choose to store private keys currently, but they are almost certainly better than storage options in browsers that exist now.
The one pattern for key management that shows the most promise is creating key objects using the WebCrypto API and storing the unserialized objects in indexdb for use in signing/encryption.
https://gist.github.com/saulshanabrook/b74984677bccd08b028b30d9968623f5
Even so, this relies heavily the security of the code which “locks” these objects from being imported and on the browser’s single-origin policy browser.
This may not be that much worse than the current state with native apps, but it remains to be proven by folks much more experienced with browser security than me.
As with most clients, the best course going forward is going to be some combination of hardware signers and nsec bunker to get the keys off the critical execution path.
The next thing I’d suspect is either a client is subscribing to kind 4 notes when it shouldn’t or a relay is responding with them when it shouldn’t. 🤔
Some cards for today are 4️⃣ of ⚔️ reversed and The Tower reversed …
We are invited to take a pause, if only briefly.
The road ahead will bring about a profound clearing for us, whether we resist or not. This moment may be used to take a much needed breath and allow any sense of panic or overwhelming quiet a bit.
The tower is perhaps just the wrecking crew we need to begin rebuilding the structure of our lives.
What can be relinquished that no longer serves us?
Are there hopes we forgot we had which now have space to flourish?
How are we able to ground ourselves more fully in the less comfortable moments?
🔮💖✨⚡️
#tarot #dailytarot #grownostr 
As you mentioned on the most recent AI unchained, we are all individually solving for our own use case so there will be many answers.
Apple will feel the pressure from a legion of angry nostriches until they either relent or make their ecosystem uninhabitable.
I personally like the trend toward hardware signed notes with a web-based PWA. But I’m also a web dev, so that makes sense.
This also brings up an interesting design space for privacy solutions. I wonder if it is more difficult to censor what can’t be observed.
The storage API and indexDB are available as places to store application-specific data (as previously mentioned).
The other key browser API for PWAs is service workers. https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers
These are JavaScript workers that are allowed to run independently of the document and respond to network requests on a given origin (essentially acting as the server for offline use cases).
When someone refers to women as “females” 🚩🚩🚩
A few cards for today are:
7️⃣ of ⛤ reversed,
2️⃣ of ⚔️ reversed,
🌱of ⛤ reversed
As the stems of our labor just begin to show fruit, we may be feeling impatient or dissatisfied with the outcome. The powerlessness we experience is understandable, but may be leading to unnecessary defensiveness.
The Ace comes to us an invitation and an offer, always.
We are reminded today we were never promised the outcome — only that the effort would be in integrity with our purpose.
We are merely in conversation with the universe. Relationships, by their very nature, are decentralized — we can and must only control our own responses.
Recognizing our own sovereignty allows us to rebalance the relationship and accept what this moment is offering us.
🔮💖✨⚡️
#tarot #dailytarot #grownostr 
