I agree.
I’m just partial to this one, because it has a payment layer built in.
I'm kinda unsure if I should move on my ideas. After all, if we break everything is it nostr anymore? I don't think so. And if it isn't nostr anymore, will OpenSats want to fund me anymore? I'm kinda jailed into sticking with nostr if I want to keep that sweet sweet funding. At least I need to stick to what I proposed I would do.
But yes I do have a lot of breaking ideas. As it stands, those ideas keep piling up. If I had "started over" 6 months ago I would have been doing it wrong. I think it might be better to just keep piling them up and doing small experiments with them, and thinking about them for some time, before actually forging ahead with it.
For example, the other day I was explaining CRDTs to a friend/colleague in town and in preparing what I was going to say on the drive over, I realized that follow lists with CRDTs aren't enough, we still need to avoid simple race condition clobbers per-server: https://github.com/mikedilger/nostr-next/issues/55
For example again, I was thinking about still using websockets, but now I think building directly on QUIC is better and the HTTP and WebSocket layers don't buy us anything we want (what they give us, like proxying, is actually against good security practice). Because QUIC has to work for HTTP/3 to work, there wont be middle-box routing problems.
I also recently did https://github.com/mikedilger/alt-tls where I got TLS running with ed25519/x25519/blake3 in ways browsers suspiciously do not support (even though the RFCs do), with modern crypto that didn't come from the US government. Interestingly I can't get secp256k1 working because of this stupid thing: https://docs.rs/rustls-pki-types/latest/rustls_pki_types/alg_id/index.html I don't know what the pkix algo identifier is or if there is a reserved area I can use.
A quick summary of other breaking things I'm interested in:
* Framed binary protocol over QUIC, not WebSockets, not JSON
* ed25519 signatures, not secp256k1
* Device keys that can be rolled over, the master key used only for managing device keys (and the DHT).
* Learn a person's relays from Mainline DHT
* Relays/servers have a pubkey and use it in their TLS certificate, so we don't need to trust DNS.
* In-protocol feature negotiation
* Mechanisms to avoid all possible clobbers
* All event kinds are default replaceable, but see the application layer to determine how the application specifies it
* Separation of application layer from the main protocol, avoiding proliferation of NIPs.
* Nodes (clients/servers) remember timestamps when records arrived, which bounds when the record was created, giving better idea of what to do regarding revocation and such
* Spans within content marked in 'tags' e.g. (start=13, end=18, bold) or (insert=56, url=SOMEURL)
I keep coming back to this for the all-in-one solution to side-stepping DNS and key rotation.
I’m a little obsessed with long form articles, so I have ideas for favorites and semantic search working together
I’ve been thinking about this, yes. Have a couple of my own ideas percolating. I also have a demo selective crawler set up to pick from and have some plans to give people previews and selections, essentially saving them from endless test articles.
When I requested at the bank office to have my savings account permanently closed, the clerk said they’ve never done this before so they need a minute to figure out where this is in the bank’s system and wouldn’t I reconsider 🤣🤣
I know. It just seems so transparent to me, that this is a play, that I have a hard time believing that anyone takes this at face value.
We also have local politicans spout nonsense like “we’ll issue special bonds and get people to transfer their savings into gov bonds, since banks don’t give them any interest on their savings and gov bonds are awesome in comparison.” All savings are third-party managed assets already. Moving them from one spreadsheet to another is meaningless, but it all sounds like they have our best interests at hart, realy. 🤦♀️
I’m trying to point out the issue of a potentially misleading sense of accomplishment. It’s hard to judge expertise in most circumstances and it’s harder to judge an AI. It’s possible to pick up bad patterns from it unknowingly especially as a beginner. Maybe the soufflé chef never actually made the soufflé before either and just makes it up on the spot.
But yes, writing code is already of relatively little value. And we are all guessing which of the related skills will stay relevant and how long.
Then it finally sinks in how much you’re NOT getting it.
… then debug some of your own nonsense. 🙈
Same 😂 We are still endlessly resuscitating Java Web Start for some business usecase irl 😬
This is already a problem. Explaining backend and architecture design choices to devs who only ever worked on a framework that wraps all kinds of internals is hard. Right now, senior devs that started before all the fancy stuff keep a lot of the teams afloat by understanding where it all came from and vetoing mad ideas.
If you have any favourite writers or articles, please share
Yes. Although it won’t be apparent to the users in the beginning, just used in the background.
I have 4 todos I consider essential to get through. Then it’s going live.
notestack.io is gone. It seems nostr:npub1yzvxlwp7wawed5vgefwfmugvumtp8c8t0etk3g8sky4n0ndvyxesnxrf8q is the only option for long form reads with both habla.news and highlighter.com gone
nostr:note165wj7ft3l4l98xy33xx93y5r94yne469f0pugu2hfh68jlmc333qzynj3z
Would you be willing to alpha test something new? I’m still getting it ironed out and it’s going to be read only in the beginning, but I’d love some early feedback. I have the grand opening planned for June, but it will be available sooner.
This will resolve itself if/when Nostr-based businesses build funnels and marketing for their own self-interest and offer value that is apparent without explaining all about the underlying protocol.
It’s more about scaring all the lesser baddies away than being intimidating to you personally. It can also register as competence. I find vigilance and street smarts more attractive than pure physical strength, which is often a proxy for intimidating. I appreciate the early warning aspect because I tend to be oblivious and hyper focused on other things.
I broke my last one spectacularly by dropping it in the yard 😭 but still, it’s just not the same 🤷🏼♀️