Leo Wandersleb
46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d
https://walletscrutiny.com https://nostr.info Working on Bitcoin, Nostr and being a good dad.

Come on! I think I did search on Upwork but if I remember right, I did not post an offer. I ended up paying $100/h for work on Nostroid which was a waste of $4500 of my money. That was last year, so I don't want to know how much I lost in terms of BTC.

You have to invest to make a profit. But mostly you invest and invest :D

No. The masterseed never leaves the device. Not even encrypted.

The idea is you have a safe deposit box. You put your valuables into the safe deposit box and then give the keys to the box to some guardian who will only give it to people who guess the pin on the fifth attempt. The guardian doesn't know where exactly you keep the box and less what's in it.

Bitcoiners are divided over what makes a good hardware wallet.

Some are in the radically open source camp.

Some are convinced that without a so-called "secure element", key extraction is too easy. And as these SEs always require closed source, all-open-source hardware wallets are a lost cause.

But nostr:npub1jg552aulj07skd6e7y2hu0vl5g8nl5jvfw8jhn6jpjk0vjd0waksvl6n8n 's Jade, and nostr:npub1tg779rlap8t4qm8lpgn89k7mr7pkxpaulupp0nq5faywr8h28llsj3cxmt 's BitBox02 and probably soon SatoshiLabs' nostr:npub16lcw8ytugeh3ug3na93yl0tdf0gnjtduljhn2a852atf6jtvkucs7pruje 's Trezor are providing fixes for this.

The Jade is all open source but to my understanding it stores a key encryption key on a server (you can roll your own. It's also open source but nostr:npub1jg552aulj07skd6e7y2hu0vl5g8nl5jvfw8jhn6jpjk0vjd0waksvl6n8n provides one). And this server won't share the encryption key with the Jade unless provided with the correct pin. You really need the PIN to get to the Bitcoins unless you can both get the Jade and the server under your control. Against your average evil maid with a hacker friend this is certainly as good as if not better than a SE. In how far state actors could get the server to do what they need, might depend on your jurisdiction.

The BitBox02 has an SE and just like the Jade with the server, the SE never gets to see the Bitcoin masterseed. It only stores a key encryption key. Where Jade talks to a remote server that cannot be audited, the BitBox02 talks to a local chip that cannot be audited either.

If you trust in the unhackability of SEs, BitBox's approach looks better as it doesn't rely on some server being online when you decide to spend your money. If you don't, the Jade approach looks more transparent about how secure it is.

And then there is Trezor. They are working on #TropicSquare, an open source SE which would allow running open source wallet software with the protection of a "secure element".

As unhackability will always be a hard-to-prove property of a chip, I'm intrigued by Jade's approach but would worry about the continuity of the server.

Maybe some manufacturer will come out with a product that features SEs made in China, US and Iran to store shards of the KEK?

Or the next Jade stores Shamir's Secret shards in 5 jurisdictions where you would need 3 of, warning the user if ever less than 5 servers replied?
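The 3-of-5 idea from the post above, as an added example that is not part of the original post or of any Jade code: the KEK is split with Shamir's Secret Sharing into one shard per server, any three replies rebuild it, and a warning is returned when fewer than five replied. The function names, the field prime and the sample KEK are assumptions made here; the PIN check each server would perform is not modelled.

```python
import secrets

# Assumption: 2**521 - 1 (a Mersenne prime) as the field, so a 256-bit KEK fits in one element.
PRIME = 2**521 - 1
# Constructed sample KEK for illustration only, not a real key.
SAMPLE_KEK = bytes(range(32))


def split_kek(kek, threshold=3, servers=5):
    """Return {server_index: shard}; any `threshold` shards rebuild the KEK."""
    secret = int.from_bytes(kek, "big")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]

    def evaluate(x):
        y = 0
        for c in reversed(coeffs):  # Horner's rule
            y = (y * x + c) % PRIME
        return y

    return {x: evaluate(x) for x in range(1, servers + 1)}


def recover_kek(replies, threshold=3, servers=5, kek_len=32):
    """Rebuild the KEK from the shards that came back; returns (kek, warning)."""
    if len(replies) < threshold:
        raise ValueError(f"only {len(replies)} of {servers} servers replied, need {threshold}")
    # The warning is the signal that a server went missing before it becomes fatal.
    warning = None
    if len(replies) < servers:
        warning = f"only {len(replies)} of {servers} servers replied"
    points = list(replies.items())[:threshold]
    secret = 0
    for xi, yi in points:
        # Lagrange basis polynomial for point i, evaluated at x = 0.
        num, den = 1, 1
        for xj, _ in points:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret.to_bytes(kek_len, "big"), warning
```

With two or fewer replies the shards reveal nothing about the KEK, which is why `recover_kek` refuses rather than guessing.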

Replying to HoloKat

the struggle is real ...

People hate getting corrected. Less than getting made fun of but still, the best way to help is to hide the correction. Whenever somebody poorly pronounces a word, I reply using the same word but correctly. With more abstract things it's harder to do this way but I'm convinced it's great to get around the defense reflex that corrections trigger.

I don't know it but if it's a web tool I would use it with my nip07 extension.

nostr:npub18ams6ewn5aj2n3wt2qawzglx9mr4nzksxhvrdc4gzrecw7n5tvjqctp424 I noticed you have a **lot** (79) of badges and I wonder if you could help me with your opinion. Are badges here to stay? I saw sentiment to remove them from certain clients and little effort to improve their meaning. Snort appears to have removed badge management? nostr:npub1v0lxxxxutpvrelsksy8cdhgfux9l6a42hsj2qzquu2zk7vc9qnkszrqj49? Coracle shows no badges. Iris doesn't. Amethyst shows badges. Damus I think does not?

Your badges mostly look like fun meme things. "Hellthread survivor" is perpetuating a spam attack. "Elite NostrGram User" supports a dev (whose client also supported badges and badge management). "Nostr developer" I would call a badge of honor. If I knew this wasn't given lightly ... I would consider it a strong indicator of awardees not being bots at least.

But as soon as something has meaning to others beyond being a meme to laugh about, in other words as soon as people might aspire to obtain a certain badge, what is to stop them from just self-awarding them any badge they want? Maybe with a new account that is given the author name of the to be copied badge? In the latter case they could always accept the badge and claim innocence. They didn't know it wasn't the real badge.

My vision is to - beyond accepting badges personally - ascribe relevance to badges one does not personally hold. To sort the relevant ones first. So when opening your list of 79 badges, for the first time, they would all be marked as irrelevant and I could mark them or their authors as relevant using nip51 lists:

(*) not relevant (default)

( ) relevant badge in its current state (e-tag)

( ) relevant badge (a-tag)

( ) relevant badge author (p-tag)

By marking for example the "Nostr developer" as relevant and assuming a client that shows only relevant badges next to TextNotes, I could smash that follow button much easier when recognizing that badge. It would have meaning.

I'm confused. There is only one "most followed" account on Twitter (ElonMusk). The first of a set of one ... makes no sense.

So nostrnests.com was built by you and Semisol ... based on Affero GPL Jam ... but is not(?) open source? Affero GPL would not allow that, would it? But you are now working on a new nests version that would be open source under a custom license? I'm slightly confused. Mind enlightening me? Or ... should I come back into the nest?

Can we have nip07 support on nostrnests, please? It's sad to see half the crowd has no profile pictures, even those up "on stage".

My account is throw-away, too.

https://void.cat/d/GWKNLoQxpUV19f1D7EDwGu.webp

... now that they throttled the crap delivery?