pull down to refresh

Nostr is currently a leaky ship with a lot of bad practices baked into the NIPS (external links to profile images LOL)
That being said, I think it is a great paradigm shift towards what is essentially a decentralized database query protocol. There's many cool applications that are waiting to be built!
There's also a lot of challenges yet to be solved with pubkey based identity. Like, how do you rotate private keys if your key is compromised? There's no password reset in ECDSA :-D
What an exciting future! Can't wait to build on top of it.
reply
I fully support the development of nostr. My favorite thing about it is that it has no token, however I won't be using it just yet because of the issues pointed out in the writeup.
reply
How terrible of an idea is it to be running nostr on the same computer that I manage my LN node on?
reply
You mean a relay?
The more stuff is running on your computer, the more attack surface it has.
I would try to run BTC+LN on a separate machine
reply
No, not a relay. I guess I'm not technically "running nostr", just using a client and sending/receiving messages and I use the same computer to access my Umbrel node which runs on a separate Raspberry Pi. I don't think I could compromise my node unless I did something really stupid like running a shady executable. I like to think I'm pretty smart about avoiding stuff like that, but maybe there's something I'm not thinking of.
reply
If you don't want to trust any client, you can write your own, it's quite simple! or audit one that's open source, I think they basically all are .
Other than that you should be fine, i think there is more risky stuff running on your machine.
As far as umbrel goes, i heard that it's communication is unencrypted, and basically relies on your network not being compromised ( if it's on the same network as your public Wi-Fi, that's probably not great). So maybe running it in a separate network and using vpn to Access it might be a good idea. I don't know enough about that though, so please don't take my word for it.
reply
Good post, thank you!
reply
no probs ser
reply