My OP was to gauge activity. People with heads down working on a thing can burn a lot of resources and stirring some discussion around this might help to get some either to fomo reveal some progress or to drop out as they see what they are working on is not the right thing.

Re: "CLI tools and email? Give me a break."

Many great tools were built on well designed APIs or actually using CLIs on the backend. NIP34 will be the API. ngit a CLI using such an API. Devs need nothing more than a CLI to test workflows. Designers can then wrap some fancy UI around that. That's normally how Open Source development goes. Some devs know how to solve a problem of theirs. Only later some less technical people pay designers to make it work without a keyboard.

Although Jack had doubts about his bounty, it stands as in "it was not retracted or superseded" and as long as it's not broken down into smaller bounties it will inspire devs to run off in the one direction or the other. In which direction should they run off in the meantime? I love nip34 and https://gitworkshop.dev if I understand it right. Both clearly are going in the right direction unless I totally get it wrong.

Ok, what the hack. Ok, Jack why do you boosts Fiatjaf's comment? Could we please know what the bounty was about or at least how community consent could be measured? I'm super excited about the interoperability layer stuff (and websites that build on top of that to look like GitHub) and if not that, what is it you see so important to throw tons of money at it?

If not for this then what do you think Jack had in mind?

Nobody needs yet another GitHub clone. There's already GitLab and Gitea and certainly others. We need a way to bridge these. An interface to make MRs from a self hosted Gitea instance to GitHub and a way to discover repositories no matter where they are hosted. At least I suspect that is what would make Jack happy.

nostr:nevent1qqs93u93ardqlw2atjels8dqf8d9v05p70rur9nmq87nz4zgn8t0tgqpp4mhxue69uhkummn9ekx7mqprpmhxue69uhhyetvv9ujuar0v9ehgu3wwdcxzcm9qgsydl97xpj74udw0qg5vkfyujyjxd3l706jd0t0w0turp93d0vvungrqsqqqqqpplr57g

His original bounty was totally not specific: nostr:nevent1qqsqkfjzlcx0fg7ymte3t0ka2wpzve68hykep8rq7aflj9svhg7jragpp4mhxue69uhkummn9ekx7mqpzpmhxue69uhkummnw3ezuamfdejsygyzxs0cs2mw40xjhfl3a7g24ktpeur54u2mnm6y5z0e6250h7lx5gpsgqqqqqqs684apg

His later post with link to bountsr did not make that more clear. https://web.archive.org/web/20230126232251/https://bountsr.org/code/2023/01/19/nostr-based-github.html

For what it's worth, I had suggested to fix discoverability and cross instance PRs as a reaction to his original post (although I can't find that event now) and he "liked" that.

🔥 🦊 is your browser but the nostr client? I thought it was Snort but in Snort it looks weird in a way I can't even guess what's happening. nostr:npub1v0lxxxxutpvrelsksy8cdhgfux9l6a42hsj2qzquu2zk7vc9qnkszrqj49

I sense a disturbance in the force. nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m 's github replacement bounty appears to be bearing fruits with two or probably more implementations working on a compatibility layer for git repositories and an open standard for those. nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 nostr:npub15qydau2hjma6ngxkl2cyar74wzyjshvl65za5k5rl69264ar2exs5cyejr

I wonder which client though. I marked that a bug in my project.

Casually flashing $12 worth of Bitcoin.

## Just testing ...

Is **markdown** rendered?

Uhm, yo no hice ninguna versión en español de nada. Pero ... bienvenido ;)

I think the BTCPayServer integration doesn't confirm the zaps yet. To my understanding, the server has to emit the zap event as a receipt of the funds received. Did you configure anything nostr in your server?

Chaumian Mint wallets usually can pay LN invoices and at least in principle they should equally be able to support on-chain transactions.

The anxiety when connecting and listening in on the tone to see if it fails before your PC would timeout and come to the same conclusion.

The sigh when a friend called in and mom picked up to talk to his PC even though you told her that this call would be for you!

Yes.

We are testing it here: https://wallet-scrutiny-pthyfg5t3-shourya742.vercel.app/

We are developing it here: https://gitlab.com/walletscrutiny/nostr-opinion-plugin/-/boards/5229380

All issues in TODO and DOING need to get to DONE before we release it but ... soon™️.

I'm very bullish on Chaumian tokens and envision a world where millions of "Uncle Jim" take custody of their family/community's wealth which clearly deserves a distinction from the hundreds of custodians we have today but how much difference of scale constitutes a difference of principle?

I have to come up with a "verdict" for WalletScrutiny. Shoudl I call it fist-reach-custody? 😜

nostr:npub1hz404lnj7lxsdt5vxdlex9rlvhlz6dxqqed4y6tpywvzgwx0qmlqfpl6sm nostr:npub1tlgqfynfdyup4s4m8ge8yqpkm8ukxtfflv3dcxl4mra3e83x27vqrlj5tp and nostr:nevent1qqsrd8ue4e7caj5207zu4c6p565q22nh3ul8jx8rjjs4l5c753kucmszyr6974n8llnkf8tunajgjvxffxxd4zyhfel29zffr9xsze7de0qjgngu9uq are the top referred content. What I find suspicious is that each of those appear first with a leading / and then with a leading // which to me looks like the / ones get forwarded to //, counting them double.

Thanks for sharing!

So openly identifying as crawlers account for "only" a good third of the hits.

Top referrer is katochsingel? Which for no good reason uses a certificate from nostr.at which both are njump instances? A lot of jumping involved here.

Might there be something recursive going on? But visitors are also high, with less than 2 hits per visitor on the busiest day.

Ok, so mercury does fancy math under the assumption that an SE can establish a secure channel because a secret cannot be extracted from that SE.

To answer your original question: I do not consider such tokens self-custodial. SEs are little more than snake oil and usually are secure until they are not, which regularly happens. SEs are security by obscurity and their providers take legal action against individuals that talk about their flaws, resulting in a situation where it's hard to assess how secure they actually are.

So if some small shop markets their tokens in that way, I would assume they don't know how to crack the SE. After all they are not Intel engineers, right? On the other hand, who would have the biggest incentive to push such a scheme? Somebody who has a backdoor to the SE and can't even talk and take credit for his discovery.

I would never put significant amounts of money into such a token and would much rather trust federations of mutually vigilant entities. And if part of such a federation, I'd much rather trust Open Source software on commodity hardware than closed source software on obscure SEs.

$ aljazdo grep 'nevent\|npub\|naddr\|nprofile\|nrelay' all-access.log | goaccess --anonymize-ip --log-format=COMBINED --output=fileToShareWithNostrPlebs.html

That's truly wild! Can you see some patterns of bots in that? Some IPs that stand out etc? I like goaccess to get insights on server logs. It's in the debian repos.