My first proposal on the improvements: https://damus.io/note1wra64ux3w5fwxjd3y3v63pwxkmx64p57564zkjk6xj0a87k8keuqy07l34
Here is the proposal addressing this issue: https://damus.io/note1wra64ux3w5fwxjd3y3v63pwxkmx64p57564zkjk6xj0a87k8keuqy07l34
NIP-88 proposal adding support for the binary encoding of #nostr events: all file services, munsters and devs suffering from slow JSON serialization - I know you was looking for a such thing :)
https://github.com/nostr-protocol/nips/pull/512
This is the first proposal in the series I will do to address the points of my recent #nostr critique https://damus.io/note12044688xrg67tnc2lkv5whwrvycy0y2rsrg6lgd8s8ses2pr57nsfv85x5
MyCitadel v1.3 is around the corner with some great updates: ability to compose complex time-locked conditions (like 2-of-4 multisig which in 1 year becomes 1-of-2).
A tx created with MyCitadel spending from such complex miniscript descriptor: https://mempool.space/testnet/tx/48b47bdc2b55c0795df836e22983bed28c62de55ccfa10db122e267948a3221d
Miniscript descriptors with timelocks were available since the first release of our desktop wallet, but due to miniscript inability to work with the same keys in different pre-taproot script branches it was impossible to create non-trivial setups. The new version will introduce account-based spending conditions such that different branches now may use different accounts coming from the same hardware signer.
Descriptor wallet got updated to v0.9.2 with better command-line explorer functions: miniscript support, tx fee & minimg info, P2W* witness parsing, RBF info and colors!
`cargo install descriptor-wallet --all-features`
https://github.com/BP-WG/descriptor-wallet/releases/tag/v0.9.2
No. It is the human society which always “evolve” into centralized systems - as any other ape “society”.
The problem is that I see an attack vector on nostr relays with which I can lay down the most of the network. And that means something is wrong in the core protocol design. That “something” is the same thing as in “javascript” - making threshold for devs low. “Low” means also low robustness against attacks.
Just one note: none of the async runtimes can handle 100k due to POSIX limit on connection number which is 16 bit (number of ports per the underlying physical network card).
Async is a myth. It is nothing more than the threads, with semi-automatic allocation of procedures (“tasks”) over threads. And threads are limited and heavy - just a dozens per async runtime.
I was thinking about nostr, a bit from a similiar perspective, especially that a lot of things are very much like in https://github.com/crev-dev/cargo-crev (exchanging documents signed by self-generated identities). The purpose was different, but most things are analogous.
Agreed on everything, but with a note that ease of building client is a huge benefit, especially for a protocol that lives or dies based on network effect. The idea would probably not catch on if building things would require too much work. If it is to be more complex, it needs to come with good off-the-shelf libraries to use.
End user software delivery is the biggest constrain on boostraping. Being able to handle everything from a web-client (primarily) is a must have. And it must work well.
The transport layer is a secondary thing. Self-signed document can be delivered in various ways - through web sockets, raw tcp, bittorrent, with e2e encryption or without it. In carg-crev github repositories are used free and public transport. Relays could support combination of all and it can be iterated on. So I would leave websocket with TLS as is to start with.
Using faster and more compact encoding and crypto, detaching the signature (witness) would be the biggest wins, and can't be easily iterated on after the fact, so getting it right is important. Good engineering suggest using some "one byte-prefix for version", to allow ecosystem rotate to something else in the future.
Identities/crypto should be modular (just add a "type" prefix). Clients that don't support certain ID type, can just ignore the message. That gives an ability to rotate to something else in the future, without changing too much elsewhere. I'm not a fan of GPG/SSH (even though I use them all the time, every day). Being able to support it for clients that need it for something - great. Forcing on everyone - meh. Something that is fast and easy to support would be a preferable default.
Also, IMO, nostr needs to come with a portable, reference WoT handling library. Coming up with a well working WoT is quite complex. Different clients could come up with their own approach, but having something off the shelf that clients can use to get a reasonable and consistent WoT behavior would be a big plus.
In cargo-crev there's a `crev-wot` https://github.com/crev-dev/cargo-crev/tree/master/crev-wot that implements a basic Wot based on "trust levels", "distance from root" with support for bans and overrides, but I always wanted to (and never had time) to implement "maximum flow" algorithm to deal with sybil attacks and bot farms.
Ultra-agree. Very good points. Will take a time to digest and integrate with my own thoughts - and will reply in details after.
I was thinking of what nostr is. The initial concept I had was that nostr is a specific client-server (relayed) protocol for social network defined as NIP-1, plus extensions on top.
Now tend to see nostr is some other way. Nostr is the way of producing public authentificated data feeds by pseudonymous web-of-trust identities. NIP-1, existing relays etc are just current implementation details, which may change. What would always remain are the data feeds linked to decentralized identities.
I have a draft for “denostr” with Noise_XK encryption, GPG/SSH keys, binary data & DoS protection - which is interoperable with current nostr (each denostr mag is valid nostr msg). Plan to submit a NIP.
That’s all true. But it needs to survive through the future DoS attacks and scale, though. And I see that because of the tech issues that may be very challenging and limiting its future.
Yes. And there is more of what should be done: https://damus.io/note12044688xrg67tnc2lkv5whwrvycy0y2rsrg6lgd8s8ses2pr57nsfv85x5
It should be
TL;DR:
1. Choice of crypto: nostr picked “bitcoin crypto starter pack”. But what is good for blockchain may be bad for network: it is ultra-slow and non-standard in digital identity world (incompatible with PGP/SSH)
2. Choice of javascript-style (no data typing): vectors for DoS attacks, slow speed, low extensibility
3. No end-to-end encryption
Overall: very vulnerable to DoS, incompatible with other decentralized identity schemata, will have scalability problems.
Thoughts on #nostr.
Nostr is a websockets-based text protocol for logs of authenticated (but unauthorized) tagged (and otherwise unstructured) messages stored at public relay servers. The rest is a specific nostr application (like social networking or payments) on top of it.
Nostr takes several decisions on possible tradeoffs, which I try to analyze here:
1. Websockets. Good: pub/sub data access, web-integratable. Bad: high load on relay servers limiting scalability. Verdict: ⚠️
2. Elliptic curve (secp256k1) for identities. Good: bitcoin-based. Bad: very low performance, not GPG/SSH compatible, sidechannels. Overall: ❌.
3. Signature scheme: BIP-340 Schnorr. Good: batch verification, standard. Bad: optimized for onchain, discarding y coord, making verification ~50% more expensive than non-BIP Schnorr. Verdict: ⚠️
4. Hashing function: SHA256. Good: standard, bitcoin. Bad: slower than BLACKE3. Verdict: ⚠️
5. Text JSON encoding. Good: easy to implement. Bad: hard to pass & slow to encode/decode non-text/binary data; no limits on data sizing opening a door for DoSing relays and clients. Verdict: ❌
6. No authorization scheme. Good: easy to implement. Bad: limits use cases, limits scalability. Verdict: ⚠️
7. No encryption on the transport level, relying on TLS. Good: easy to implement. Bad: centralized, not end-to-end. Verdict: ⚠️
So I see most of selected tradeoffs by Nostr as a bad or poor decision. This us arguable of course.
Can Nostr survive and success? For sure, if even much worse systems had done that in the past (Ethereum, JavaScript, PHP).
What is the greatest Nostr weakness? Limited scalability and possible DoS (not even DDoS) attacks.
If I were the one who did nostr, what I would had made differently? I would had used Ed25519 signatures on Ristretto25519 (speed), binary encoding with strict limits on data sizes, use Noise_XK encryption - and provide bridges to Websockets only when they are needed for the web. But we have what we have.
Predating some major events: https://dr.orlovsky.ch/blog/cyphernox-manifesto