Domain names were the first NFTs. Joke’s on us!

Looks like my bitcoin node got corrupted, rebuilding my utxo set now. In the meantime I’ve temporarily switched to alby… do zaps work? 👀

LND or CLN ?

My friend is a financial advisor with 500 clients, and a book of business of $100,000,000.

I orange pilled him in 2016, and he’s been a Bitcoiner since 2018, he left the financial advisor business 2 years ago.

He’s at the point where he wants to help these 500 families get 1-5% of their net worth allocated to BTC.

Most of these families are asking him questions about Bitcoin already, and a lot of them are ready to buy BTC once he has the conversation with them.

The problem is that most of them are not ready to take custody of their own coins, they want him to help them acquire the BTC and hold it for him.

Are there any practical solutions for this where he can help onboard people to bitcoin without being “in custody” of their coins?

There are probably hundreds or thousands of RIAs in this position.

How can we help them onboard clients that trust them already, and make some money for their efforts, without taking on the liability of being custodians?

AppStore has latest version

#[2]​ can you repost now?

Thoughts on #nostr.

Nostr is a websockets-based text protocol for logs of authenticated (but unauthorized) tagged (and otherwise unstructured) messages stored at public relay servers. The rest is a specific nostr application (like social networking or payments) on top of it.

Nostr takes several decisions on possible tradeoffs, which I try to analyze here:

1. Websockets. Good: pub/sub data access, web-integratable. Bad: high load on relay servers limiting scalability. Verdict: ⚠️

2. Elliptic curve (secp256k1) for identities. Good: bitcoin-based. Bad: very low performance, not GPG/SSH compatible, sidechannels. Overall: ❌.

3. Signature scheme: BIP-340 Schnorr. Good: batch verification, standard. Bad: optimized for onchain, discarding y coord, making verification ~50% more expensive than non-BIP Schnorr. Verdict: ⚠️

4. Hashing function: SHA256. Good: standard, bitcoin. Bad: slower than BLACKE3. Verdict: ⚠️

5. Text JSON encoding. Good: easy to implement. Bad: hard to pass & slow to encode/decode non-text/binary data; no limits on data sizing opening a door for DoSing relays and clients. Verdict: ❌

6. No authorization scheme. Good: easy to implement. Bad: limits use cases, limits scalability. Verdict: ⚠️

7. No encryption on the transport level, relying on TLS. Good: easy to implement. Bad: centralized, not end-to-end. Verdict: ⚠️

So I see most of selected tradeoffs by Nostr as a bad or poor decision. This us arguable of course.

Can Nostr survive and success? For sure, if even much worse systems had done that in the past (Ethereum, JavaScript, PHP).

What is the greatest Nostr weakness? Limited scalability and possible DoS (not even DDoS) attacks.

If I were the one who did nostr, what I would had made differently? I would had used Ed25519 signatures on Ristretto25519 (speed), binary encoding with strict limits on data sizes, use Noise_XK encryption - and provide bridges to Websockets only when they are needed for the web. But we have what we have.