Ok hodlbod has been COOKING on his frost signer thing with email login. I just got a demo from him and it has me more excited about Nostr than I have been in a long time.
- users can sign into Nostr apps via email (or someday any other identity system they like. Phone? Facebook? snail mail? Δhau?) but behind the scenes they still have a private key
- no server or company ever needs a full copy of their private key
- at any point they can extract their Nostr key from the system to use another one (like a bunker, hardware signer, or just a different group of signing servers, etc.)
The big problem with Nostr onboarding is that people need to put in a significant amount of work to understand and manage keys before they even get a chance to get any value out of the software. But pomade enables someone to join without thinking about keys, *and later* start caring and still be able to take full custody of their key. It is the second part that nobody has really done before, on Nostr or anywhere else that I know of. It's not bulletproof, but it combines all the best tech we have to balance ease-of-use, security, and user control.
Because itβs slower than Chrome and Safari.
nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn I think at some point I heard you say you get a summary of recent Nostr events every day. Is that from a DVM? Have you written about this somewhere? I would like to try something similar.
I wrote up some instructions for running a promenade signer, if that's something that interests you. Promenade creates a cluster of servers that cooperatively sign of Nostr events without any of them knowing your Nostr secret key. Bleeding edge identity tech. Join us! nostr:naddr1qvzqqqrcvgpzp59pl7u8vxuhfnky5wlge09ja948pyxu73jll6kg8x4yegsvnfv7qy88wumn8ghj7mn0wvhxcmmv9uq3wamnwvaz7tmjv4kxz7fwdehhxarj9e3xzmny9uqsuamnwvaz7tmwdaejumr0dshsz9mhwden5te0wfjkccte9ehx7um5wghxyctwvshszrnhwden5te0dehhxtnvdakz7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qq6wf6kumnfdenj6cfdwpex7mt9deskgefdwd5kwmn9wgvft2nc
bug: it doesn't work in Firefox
Happy horrible software vulnerability day everyone https://react2shell.com/
Cold Root Identity v0.1.0 is live.
Nostr was never meant to run long term identities off a hot private key sitting inside a mobile app.
This repo ships a clean model that fixes it without changing the protocol:
offline root key
-> deterministic epoch keys
-> signed lineage event
-> clients follow rotations safely
All using standard NIP-01 events and ed25519 signatures.
No relay changes. No NIP changes. Just better key hygiene.
Spec, docs, test vectors, and a working Python CLI are here:
https://github.com/GHOST-UntraceableDigitalDissident/cold-root-identity
If youβre a client dev, this gives you everything you need to support safe identity rotation today.
This would require an overhaul of clients and any relays that use wot, auth, or similar features, correct?
π Thank you Itunu! This is so nice to hear.
This website speaks to the nerd inside me on so many levels. I think I'm going to give the "No S Diet" a try. https://everydaysystems.com/
I just posted a project update video for Keydex that shows the current features and future plans. Plus an announcement that I'm renaming the project from Keydex to Horcrux! Check it out: https://tube.tchncs.de/w/oyxzSzhocB3k6BNbVTdU7d
I'm so excited that Satellite is back. It's always had my favorite design of any Nostr app.
What's up guys
After my year break from social media I deployed the total rebuild of https://satellite.earth I created over course of these past 12 months.
It's a major upgrade.
The old Satellite was cool aesthetically but was not functional enough to be a daily driver. I had to fix this, to make the nostr client that I've always wanted.
Something beautiful that gets the basics right.
I changed the front page and the profile pages to focus on *just* what you're looking for, but I kept reddit-style threads because they are amazing for reading long conversations, e.g
https://satellite.earth/thread/note15yhl85e6jnayprt3ufp4ucuzwqry0uxd8sxqn4twctxxf4gkfdpsfyea0e
I got rid of NIP-172 communities. They were just too messy. I'm working on replacing them with relay-based communities instead (something like what nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn has been cooking). This will be ready and deployed in the near term.
In the meantime, straight up relay feeds are already functional. You just have to type the url in yourself, e.g.
https://satellite.earth/relay/pyramid.fiatjaf.com
You can create aggregate relay feeds too by just including multiple comma separated relays in the url, e.g.
https://satellite.earth/relay/pyramid.fiatjaf.com,relays.land/spatianostra
Satellite CDN got reworked and refreshed as well. You can now see all your transactions, your current balance, and your burn rate. It's way more clear now what's going on.
I added client side search, based on your social graph (or *my* social graph if you're not signed in). It pulls all your contacts, your contacts' contacts, and indexes your web of trust locally. Believe it or not this is actually quite performant (especially if you are on a multicore machine).
To be clear, this is not really *search*. Something like what nostr:npub176p7sup477k5738qhxx0hk2n0cty2k5je5uvalzvkvwmw4tltmeqw7vgup is building that is not strictly local will be necessary for finding obscure people.
This is essentially navigation UX, and it works great for jumping to someone's profile when you know where you want to go.
Notifications are super reliable now.
Aside the feed working well (which is the #1 live or die UX that absolutely must work) having notifications that are useful and where you can reply immediately from the interface without hunting down the post context is pretty important.
Added NIP17 support.
Maintained legacy NIP04 support for existing chats only.
The future is nostr:npub1whtn0s68y3cs98zysa4nxrfzss5g5snhndv35tk5m2sudsr7ltms48r3ec style Marmot Protocol (pending)
One of things that always annoyed me about legacy social media is that they spend all their screen real estate trying to get you to go somewhere *else* (???)
I mainly designed this profile page to be the client that I want to use.
I want to link to my page and not have the sidebars to like a billboard or something.
In the new Satellite the profile page looks pretty and only shows your stuff (and nothing else)
Added full featured rich text editor. This was one of the main things the old Satellite was lacking.
In the new Satellite you can upload media inline, directly to Satellite CDN or whichever is your preferred blossom server.
Mentions, emojis, embedding nostr notes inline are supported as well.
The Satellite CDN UI is much improved as well, especially if you have lots of files.
The terms and cost are the same as old Satellite.
You can upload big files (like > 5GB).
Bandwidth is free. $0.05/GB/mo.
Prepaid. Lightning only.
If you want a nice blossom-compatible gallery UX to be a home for all your media on nostr, I would encourage you to check it out.
I added some other thread improvements too. One feature I'm really happy about in the new Satellite is that you can link directly to deeply nested reply, e.g.
The ability to link to replies while seeing the whole context of the conversation I feel like really increases the "surface area" of the thread.
* * *
There are some more cool things in the pipeline.
Relay communities are the priority right now.
After that I will show you guys the new relay that I also built during this 12 month interlude.
Finally, if you still want to use the old satellite, you may at https://v1.satellite.earth
The release looks great! Satellite's thread view has always been my favorite, I'm so glad you kept and improved it.
hey stu, if you need help with the search my DMs are open :)
Using nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qpqkpt95rv4q3mcz8e4lamwtxq7men6jprf49l7asfac9lnv2gda0lqpsy38p is super simple, as shown by this code of npub.world
More here: https://vertexlab.io/docs/services/search-profiles/
hah, linking to 20 lines of source code for a feature as complex as search is such a flex πͺ
I've been quiet lately but I've just been very heads down trying to get Keydex ready for it's first alpha usability test, which I'm about to head to right now! I'll try to post a project update this week, as I passed the halfway point on my (relatively tight) 4 month timeline recently.
I just did a weird thing with gift wraps in Keydex and I want to make sure it's not dumb. I'm having a bug where lockboxes are showing back up on the devices of key holders after they have been removed. Like this:
1. Alice invites Bob to be a key holder for their lockbox
2. Bob accepts
3. Alice publishes a shard of the lockbox data for Bob to download, gift wrapped and addressed to Bob.
4. Bob changes their mind and deletes the lockbox from their device.
5. Later when Bob reopens the app it downloads the shard event again and recreates the lockbox.
Of course I could maintain some local state about what has been deleted, but it would be better to just nuke the shard from the relay. We could ask the original publisher to do it, but we can't guarantee they are online. So what if we just include the ephemeral key used to gift wrap the shard in the seal? Now Bob can publish a NIP-09 deletion request to delete the shard.
I could see this being useful in other places too. For instance you could have a type of direct message that gets deleted from relays as soon as it is downloaded by the recipient.
Yeah I haven't used it much in the past couple weeks. I've been in more of a refactoring mode and have just been doing one-off prompts or using Cursor's plan mode for that. I would like to get back and try it on some more tightly scoped features though.
I should circle back to Claude code at some point but viewing and accepting changes with the Cursor diff viewer is just so ingrained in my workflow now, I think I would miss it a lot.
Ah makes sense. I guess the hard "outbox model" problem I was thinking of was building an infinite feed from some list of pubkeys.
Yes! But before it was the only way to log in, right?
Good thread on some of the pain experienced by new Nostr devs, and also a good response of why things are the way they are.
TLDR; Loose governance is not very meritocratic, and stronger governance is generally not either π
Personally Iβd love to see (maybe found?) a NIP consortium/collective/co-op some day, but I donβt think itβs time yet. nostr:note1nf2les6pzrn3c60a9nm4f82qenha032a6nrh00qerjdgxr8xu06qptgedn
I had a great time at DWeb camp last week as always. I sat on an "Open Social Web" panel as the Nostr representative and I think what I had to say about Nostr was generally well-received alongside Bluesky and Mastodon. People were mostly drawn to the loose governance and the scrappy "good enough" approach to protocol design.
But, like last year, it still feels like the energy folks have for "social media" as we typically think of it has been completely sucked out of the room. Few people are interested in putting more energy into some public virtue-signaling town square. I think Nostr has an advantage over Mastodon in Bluesky in this area because it really does have the most non-microblogging experiments going on, and the protocol is the friendliest to encrypted private spaces.
In the future all food will be made with a microwave, and if you can't deal with that then you need to get out of the kitchen. https://www.colincornaby.me/2025/08/in-the-future-all-food-will-be-cooked-in-a-microwave-and-if-you-cant-deal-with-that-then-you-need-to-get-out-of-the-kitchen/
Iris July 2025 Update. If you last used Iris in 2023, give it a retry! https://iris.to
New features:
- Feed editor! Edit feeds and create your own.
- Relay-based feeds
- Real-time updating feeds
- Show which relays an event came from
- Read-only mode (view as user / pubkey login)
- Improved popular feed, calculated locally (no more API calls)
- Performance Optimizations - Significant feed rendering and caching improvements
- Encrypted uploads in private chats
- Notification feed functional and visual fixes
- Configurable imgproxy
- Swipable image / video carousel
- Setting to disable specific reactions or the whole reaction bar for faster & calmer experience
- Lots of small fixes and UI improvements
- Binary serialization of social graph β 55% reduction in size. Distributed with a dataset of 30K users, 200K follows and 2K mutes in 1.4MB.
Double ratchet group chat & multi-device support WIP. Zaps not working great atm, fixing. Want to add nutzaps.
Tauri Android & desktop app available if you don't want to depend on iris.to, DNS, cloudflare, your ISP etc.
https://github.com/irislib/iris-client/releases
Iris subscriptions are now live. Get relay & blossom hosting and a shorter iris.to username: https://iris.to/subscribe
Iris used to be me go-to client but it fell out of rotation at some point. Giving it another try!
Can you explain to me (or point me to the details) of how the tokens are reissued? I thought to swap you have to connect to the mint? Or is reissuing different from swapping?
That seems like an error in NIP-11. I have seen relays send AUTH at a lot of different times. Sometimes only certain actions are gated behind auth (like requesting content from a closed NIP-29 group).
It is really fascinating: https://max.levch.in/post/724289457144070144/shamir-secret-sharing-its-3am-paul-the-head-of
Relatable. I've actually had this bug on a bank website before. They truncated my 20+ character password, I wonder if they were running Solaris somewhere in the background.
Also I submitted my first git PRs via Nostr yesterday, it was pretty easy with ngit and https://gitworkshop.dev!
I set up nak bunker on my home server in docker yesterday, so I finally have a Nostr signer running on my own hardware. If anyone is interested in the compose file it's short enough that I'm just going to paste it here:
services:
nak:
build: .
command: bunker --persist --sec your-nsec-here wss://nos.lol
volumes:
- docker/nak:/home/nakuser/.config
restart: unless-stopped
I haven't taken the time yet to figure out how to use ncryptsec or something to keep my nsec encrypted at rest, if someone figures out how to do that in docker lmk.