30 sats \ 0 replies \ @ek OP 30 Dec 2023 \ on: Why do so many nostr clients ask for your nsec just for authentication? security
Btw, I really like the idea of nostr and I see great potential in it. Saying this before anyone thinks I am just writing this because "SN is competing with nostr". I am not.
I am writing this because I want to believe in nostr but sometimes, it gets really hard.
The combination of bitcoin as a network for value and nostr as a network for identity sounds very promising.
But sometimes, it feels we're building identity theft in a honeypot disguised as a SaaS product and not a "decentralized, truly censorship-resistant open protocol".
Even @fiatjaf openly claims that he would like to fork the NIPs and while searching the note about this, I even found this note:
Cryptography is only needed in Nostr because relays are many and not just one. The relay infrastructure precedes the need for keys.
Maybe this is obvious, but just in case.
-- note1g808vpy57jgulxxfapqeedhcjsr9yql6wec6yu9c3684j32khzlq68rkhd
That's another indicator that nostriches really don't take cryptography serious like this comment in the NIP-44 PR about a note from @jb55:
You’ve mentioned “We now have more breakage between clients though. yay?” - seemed like a complaint. 🤷‍♂️
As for your question “how does it reduce metadata leakage”, the answer is simple: padding helps a lot, esp with small messages.
before it was “yes” => 3b ciphertext, which is really bad.
Can’t reply on nostr, because my client doesn’t see your post there
And apparently, nostr.com also still sees nostr mainly to be about social networks:
A decentralized social network with a chance of working Learn about Nostr: A simple, open protocol that enables a truly censorship-resistant and global social network.
Imho, continuing to advertise nostr like this is stifling innovation in the space.
write
preview