ynniv

follow the iwakan
scale things
be what can't be unseen

email / x / signal / wn

"it's not our purpose; it's our programming. our purpose is yet to be determined"

Public Key

npub12akj8hpakgzk6gygf9rzlm343nulpue3pgkx8jmvyeayh86cfrus4x6fdh

NIP-05 Address

[email protected]

Profile Code

nprofile1qqs9wmfrms7myptdyzyyj330ac6ce70s7vcs5trredkzv7jtnavy37gpz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0ds28lz52

Publishing to

relay.damus.io

nos.lol

Author Public Key

npub12akj8hpakgzk6gygf9rzlm343nulpue3pgkx8jmvyeayh86cfrus4x6fdh

Show more details

Last Notes

2026-06-04 05:04:06 GMT

- reply

at least, that's how i ended up there

2026-06-04 05:03:40 GMT

the longer you try to fix ecash, the closer you'll get to https://bitcoindeposits.net

2026-06-02 18:15:16 GMT

- reply

same

2026-06-02 15:46:01 GMT

- reply

this is the flexibility i need

2026-06-02 15:45:14 GMT

please tell me that we've come full circle and this was ai generated
#nevent1q…wmtm

2026-06-02 06:28:46 GMT

- reply

point your vr browser to https://atc.ynniv.com and you too can have an earlier-than-alpha experience

2026-06-02 06:26:51 GMT

ads-b playback in vr (webxr)?
... sure, why not
https://blossom.primal.net/05f7d90e8b3c2ee254be94f916079f9c8439c5a2a28998026d67f4238ffee2a4.mov

2026-06-02 00:59:52 GMT

when you discover you have extra tokens that are about to expire
https://blossom.primal.net/6e3801d0fed59f485e129a1739c8f1cd3d374a3cf5cb4570cd11f99a6eea159e.png

2026-06-02 00:14:15 GMT

- reply

that's more exciting than the fancy steak 🎉

2026-06-01 23:53:45 GMT

- reply

i could. but the protocol can't escape without a rewrite that's so big it barely make sense to call it cashu:
communicate with mints over nostr instead of https, identified by npub. have mints listen on dozens of popular relays so that wallets can choose which seem unlikely to be monitored. use giftwrapped and time randomized messages to make reconstruction difficult
and the obsession with nuts isn't doing you any favors. "Cashu" is fun. "NutZaps" is actively interfering with adoption

2026-06-01 23:35:52 GMT

- reply

luke was running qubes and *still* got owned?
i'm not giving him the credit he deserves

2026-06-01 23:35:09 GMT

- reply

https://blossom.primal.net/5a30c1317af3bb7a2d62940e919f014d40e839ab756dd26d8f9364191be42f6d.png

2026-06-01 23:30:44 GMT

- reply

you might speak a different language, but i hear it

2026-06-01 23:29:13 GMT

- reply

it turns out i forgot quite how cringe s.e. lain actually was. it's really quite impressive

2026-06-01 23:27:50 GMT

- reply

wish @nprofile…7v94 was still around too
it's okay, the revolution WILL be broadcast on nostr

2026-06-01 23:24:42 GMT

@nprofile…nt24 makes nostr a better place ❤️
on nostr no one can take your 🤙 gm – gn – gfy 🤙

2026-06-01 22:28:30 GMT

- reply

well ... depends on how people use it 🤷

2026-06-01 21:12:40 GMT

- reply

there's a few complexities. first, the intent of the app is primarily to be a bluetooth / wifi mesh, and many people won't use nostr at all. second, it makes a new key for every "channel", and even if you don't override your location (teleport) you make a new key for every level that you post in. third, it rotates keys sometimes - i'm not sure how often. so, there should be many more pubkeys than bitchat/nostr users

2026-06-01 18:54:25 GMT

- reply

yes and no. they're ephemeral

2026-06-01 18:51:46 GMT

never goes out of style
https://image.nostr.build/deae2d5b58b4400995f3cd67e6eb66ec02b663f322a16ae9929027f827278d11.jpg

2026-06-01 18:15:38 GMT

- reply

competition is always good news

2026-06-01 15:33:06 GMT

- reply

what i find interesting is how much i just think about problems now. walk, and think. the part that used to take all the time has become dominated by clearly articulating the solution

2026-06-01 13:16:12 GMT

- reply

the world feels both fast (many impactful, unexpected things happening) and slow (traditional progress). i worry that this discrepancy is systematic, and will continue to widen, creating stress and knock-on complications
solving impossible problems? sure, why not. getting someone to pay you for value that you created? harder by the day

2026-06-01 03:41:23 GMT

- reply

not usually

2026-06-01 03:03:28 GMT

- reply

"i'm assuming the client side is checking signtures"
hahahahahahahahahahahahahah

2026-05-31 23:10:13 GMT

- reply

i think it goes even further than sales. if you frame your idea as "better than x", you've positioned yourself to compete over the same base. i don't want deposits to compete with non-custodial lightning or even ecash ... as a percentage of the world population, the number of people running them rounds to zero
figure out how to address the larger market if you want to find success

2026-05-31 21:11:56 GMT

- reply

🤷 potato, potato. i'm not saying primal is the best, but it's also not "paper" in the way that a nostr client that used a username/password would be

2026-05-31 21:06:48 GMT

- reply

"i hated it before hating it was cool" 🏴‍☠️

2026-05-31 21:05:10 GMT

- reply

no. you can switch to another client at any time and keep all of your value
try doing that with paper bitcoin

2026-05-31 18:02:12 GMT

- reply

let's fix that
https://bitcoindeposits.net

2026-05-31 17:55:31 GMT

i made strong technical claims about the inability cashu to provide real privacy due to browser fingerprinting. these criticisms are based on the parts of my career involving web security, but we don't trust, we verify. here's a demonstration of the problem:
even cloudflare knows who you are. they are not your browser, or the page that you think you're visiting. they wouldn't see amounts, but wallets frequently make change before sending funds, and swap after receiving them. if a mint is behind cloudflare, they will have fingerprinted both the sender and receiver, and recorded the time proximity and ordering. since they are cloudflare, they also know who you are from everything else you do on the internet
this is the cost of using web browsers, and there's very little anyone can do about it at this point. the best we can do is design distributed systems with intermediate layers, but this breaks branding and discovery
https://hacktivis.me/articles/cloudflare-turnstile-webgl-fingerprinting

2026-05-31 17:33:37 GMT

- reply

the best option seems to be to use ai to reduce the cost of development by a few orders of magnitude. this has its own issues (BUT TEH TRUST), but sometimes just a change of strategy creates opportunity.
i'm building a new lisp os because legibility makes defense possible, trust is easier to maintain than replace, and claude's time is cheap. maybe other similarly "vibe coded" apps will help rebalance the situation with nostr

2026-05-31 17:27:51 GMT

- reply

well, yes. but they're still going to exist, and that's okay. the problem isn't "centralized services that use nostr data", it's that primal is one and it dominates the marketshare, therefore the most common nostr experience is centralized
this is a similar problem to the most common bitcoin experience being custodial, and the answer isn't "lecture people on why that's bad", it's to build better distributed tools. this is why i have spent significant time and energy on bitcoindeposits.net
analogously, the solution is probably to make self hosted options like iris.to better. to build distributed caching relays. etc. the problem is that building these costs money, and money likes centralization and defends itself, and so funds things in line with its interests, like primal and spark
there are no good answers here. funding open source has always been miserable. a long time ago i had the opportunity to ask stallman about this, and his reply was that how the software gets built wasn't his problem. at the individual level it's true, but it doesn't solve the problem

2026-05-31 16:31:56 GMT

the fact that we can argue over which nostr clients are "real" proves the point

2026-05-31 16:23:42 GMT

- reply

really closing the back to the future loop here

2026-05-31 16:22:11 GMT

- reply

#nevent1q…zsxh

2026-05-31 14:44:19 GMT

- reply

as opposed to ... building lightning acceptance at square? a bitcoin layer 2? an operating system that's easier to defend than attack?
you think i'm a reply guy because you like talking more than listening, but inconvenient replies catch your attention

2026-05-31 14:33:55 GMT

- reply

there's a fundamental tension here. it's easier to build and benefit from centralized services than distributed apps. philosophically we want distributed, permissionless, censorship resistant things, but most people, most of the time, just pick the easy one. @npub1sg6…f63m often points this out.
there isn't a simple answer, but maybe recognizing the asymmetry would reduce the emotional conflict. we're all on the same team

2026-05-31 04:15:39 GMT

haters gonna hate.
talk to me goose

2026-05-31 03:46:43 GMT

- reply

thats what "permissionless" means though 🤷🏻‍♂️

2026-05-31 03:28:23 GMT

- reply

https://blossom.primal.net/ce0405a7f0208ef6344f22a96fe58afb3ae94d04d4a97cc16cba6f78cb9e4bab.png

2026-05-30 23:05:07 GMT

- reply

i've been watching claude grind modus to pass the 1989 ANSI Common Lisp conformance tests. also boring as hell, and took a lot longer than i wanted, but exposed tons of bugs along the way
the most important skill when developing with ai is to create a verification feedback loop, get yourself out of it, and let the matrix math do its magic

2026-05-30 20:39:34 GMT

- reply

"i can stay autistic longer than the market can stay irrational" 🤙

2026-05-30 18:56:51 GMT

- reply

don't trust: verify

2026-05-30 18:56:20 GMT

- reply

unilateral exit is misguided. maybe try doing the math

2026-05-30 01:29:34 GMT

- reply

yes, but if the seller uses it they burn their reputation. thats unlikely to be worth it, but yes, still possible

2026-05-29 23:03:50 GMT

- reply

don't exit 🤷🏻‍♂️ build a self healing network that doesn't die

2026-05-29 22:28:16 GMT

- reply

when you're in ecash you have to assume mints last forever or confront the fact that rugging, even in the most honest case, is inevitable

2026-05-29 22:24:11 GMT

- reply

or just ghost everyone. my solution to this in bitcoinsdeposits.net is to have public ledgers and funds controlled by someone other than the operator, so if they disappear another node just takes over
couldn't figure out how to do this with blinded payments. i'm not sure it's possible

2026-05-29 22:13:08 GMT

- reply

"i'm going to store all your deleted events and run an ecash mint that tracks everyone using it" doesn't sound like it's going to make very many friends though

2026-05-29 22:11:08 GMT

- reply

will nitro sign that the document originated in the TEE?
but also... right: ecash.
*sigh* the probability of redeeming an ecash token always trends toward zero
can an AWS HSM do the necessary math? you're still bound to the life of a specific HSM, though

2026-05-29 21:51:05 GMT

nostr apparently needs more hackers to keep people honest

2026-05-29 21:49:23 GMT

- reply

err... why? escrow seems to solve this.
also, you can backdate posts (primal accepts a year or two), so it's even easier on nostr than on traditional social media

2026-05-29 21:46:48 GMT

- reply

curious to see how that goes

2026-05-29 21:45:55 GMT

- reply

"i'm running inside a TEE" isn't verification. you have to publish audited, reproducible builds, that generate the key material, and somehow attest that the key was generated inside a process launched from a reproducible build on a TEE, in order to close the loop
and nitro doesn't even provide a means of key attestation. so you can run outside the TEE and just tell people you're running inside one 🤷🏻‍♂️
TEE's aren't magic. they're a very specific capability, and one that's only valuable to the operator. this is the same problem that lexe and maple ai face
h/t @npub1226…grkj

2026-05-29 20:50:17 GMT

https://image.nostr.build/59e671cc5e54c5f1fb851c95555678a3951c245925899549d97be0522fad1134.jpg

2026-05-29 16:05:00 GMT

@npub1vlp…cfwp lol, speaking my language. except for apple products – they're too reliable. but i don't write software for them anymore
https://captainsblog.bearblog.dev/2025/june/dont/

2026-05-29 02:48:38 GMT

- reply

oh snap, that's slick. i'm never going to actually log in 🤣

2026-05-29 01:53:06 GMT

- reply

i would fat zap that 🤙

2026-05-29 01:52:42 GMT

- reply

no it's crap

2026-05-29 01:52:22 GMT

- reply

distinguished!

2026-05-29 01:47:38 GMT

- reply

shhh! it makes us look *verified*

2026-05-29 01:39:34 GMT

- reply

it is... i packed too much into that reply. the reserves/collateral utxo degrades: 3 of 5, later 2 of 5, etc. this means that funds are never truly lost, but are locked long enough for the protocol to be effective.
"respectful confiscation" means that the quorum takes reserves enough to cover the ledgers obligations, and sends the rest back to the node. this is required unless proof of fraud is presented, and it protects the node from losing funds just because it went offline. wallets still get a new operator and access to their funds
when there's proof of fraud, the quorum takes everything, restores ledger operations, and divides the rest up among themselves

2026-05-29 01:26:55 GMT

- reply

if i was being charitable i would explain how this could solve cashu's privacy problem

2026-05-29 01:18:25 GMT

- reply

if the minority is not honest / conforming, that's a different story and relies on the network being overcollateralized, and the conforming boundary having sufficient funds to restore operations

2026-05-29 01:15:45 GMT

- reply

i think what you're asking is, what happens if three of five quorum members suffer a boating accident. i haven't deeply mapped this area, so let's assume the remaining two are honest / conforming. the reserves multisig will eventually allow the minority to spend, but the protocol would still require a majority to consign, which can't happen. i could change co-signing requirements to align with the degrading multisig. this would make sense because what's it matter what the ledger says if the reserves are gone.
assuming this timing tweak, the remaining minority would eventually be able to rotate the quorum, or perform a "respectful" confiscation and resume ledger operations.
but these are slow, so wallets should spread funds around to avoid downtime

2026-05-29 01:02:18 GMT

- reply

yes. losing your winning lottery ticket is a form of slashing

2026-05-29 00:58:56 GMT

- reply

miners can mine any block they want. so why do they mine consensus valid ones?
because it's economically foolish not to. quorum members have their own collateral at stake, and it exceeds what they can steal

2026-05-29 00:54:29 GMT

some people get millions of dollars to build important things

2026-05-29 00:52:20 GMT

- reply

as in, a majority of quorum members go offline? i haven't covered that case as well as others. right now a minority would confiscate and reassign after a long period. 🤷🏻‍♂️ i can only do so much so quickly on my own

2026-05-29 00:34:58 GMT

- reply

hard to pitch the whole thing in one reply. yes, you are operating a bank. but it's full reserves and you have to follow strict rules or you get slashed and someone else takes over your ledger. a form of multiparty lightning channel
https://github.com/bitcoin-deposits/deposits/blob/main/FAQ.md

2026-05-29 00:23:04 GMT

- reply

which features a wallet uses is also their choice. simple, complex, full plaintext, partial with leaves, partial with encrypted full reference. one key, many keys, key change on idle, spend rate limiting ... it's up to the wallets, man

2026-05-29 00:15:00 GMT

- reply

most people will never be able to afford a lightning channel. on-chain doesn't have the bandwidth, and faux-txo solutions have trust issues while still not scaling to "billions of lightning wallets"
so what you're really asking is, is it worth allowing bitcoin to be the currency of the internet.
i think it is

2026-05-28 23:40:57 GMT

- reply

been thinking about that. but, you could use a full plaintext descriptor. less private, but compatible with twelve words. you could also use a tap root plus a full, encrypted descriptor. this retains both twelve words and partial reveal. of course, you still have to find the deposit, but that can be any pubkey off the primary wallet. whole descriptors work because data is cheap off-chain
the deposits north star is the on-chain experience with lightning-like speed and spending costs:
twelve words,
no management,
offline receive,
always

2026-05-28 20:12:38 GMT

the simple truth is that you can never protect a browser from a web server. the only recourse is to build systems where the page can be hosted by anyone, from anywhere, and have it access important things through intermediate layers

2026-05-28 19:38:22 GMT

- reply

which section covers browser fingerprinting and swap time correlation?

2026-05-28 18:51:37 GMT

- reply

test cluster is down. back up soon with fancy descriptors that allow for social recovery and rate limiting
https://github.com/bitcoin-deposits/deposits/blob/main/DEP-16.md

2026-05-28 17:58:04 GMT

- reply

and not a very rational one

2026-05-28 17:52:41 GMT

- reply

sounds like a challenge

2026-05-28 17:06:20 GMT

- reply

bitcoindeposits.net is specifically designed around nostr relays to prevent operators from seeing you, and gift wrapped messaging to prevent relays from knowing you

2026-05-28 17:02:32 GMT

- reply

even if you use a vpn/tor, it's very likely that your browser can be fingerprinted and identified across sessions, even with incognito mode.
this is how the web works

2026-05-28 16:54:52 GMT

- reply

this is inherent to all protocols based on https, which is central to cashu but not other ecash designs.
this would be obvious to anyone familiar with web security

2026-05-28 16:48:44 GMT

fine.
PSA: if you're using cashu without a vpn or tor, you've defeated all of its privacy guarantees.
the mint knows:
who you are,
where you are,
and who you transacted with
#nevent1q…ar3u

2026-05-28 16:35:42 GMT

- reply

yep. trying to ensure delivery beyond best-effort will always sacrifice availability or partitionability / redundancy.
bitcoin is consistent and available
nostr is available and partitionable
trying to be consistent, available, and partitionable is a mistake

2026-05-28 16:31:24 GMT

- reply

so does keeping old replaceable events, without making resolution a client problem
https://blossom.primal.net/24db75bdc37b22429b2cb12740fc58eaa4e2bc2caddc47f5d798eadda2ca4c19.png

2026-05-28 16:15:55 GMT

- reply

if you don't want replaceable events to be overwritten ... just retain them? no protocol changes required

2026-05-28 16:00:04 GMT

i'm not saying that people don't want reliable delivery...
#nevent1q…28ae

2026-05-28 15:59:27 GMT

- reply

if you require sequential ordering, which relay is the point of truth? how does a client or relay keep a partial view? when is your "start" anchor? which kinds are included? do you increment the seq for giftwrapped events? do you block rendering until you've completed the chain? what if the popular relays drop one of your events, breaking the chain forever?
but, i dunno. maybe i haven't thought about it enough

2026-05-28 15:46:32 GMT

- reply

i'm trying my best to give the benefit of the doubt, man

2026-05-28 13:16:11 GMT

the solution to ai ... is more ai
it's still true, and it still blows my mind

2026-05-28 09:38:19 GMT

- reply

lame

2026-05-28 09:38:03 GMT

this centralizes the protocol on relays and kills distribution and censorship resistance. it trades one convenience for everything that makes the protocol valuable
#nevent1q…9fuh

2026-05-28 09:32:28 GMT

- reply

i'm tired of talking to the void
at least ai returns your calls

2026-05-28 09:21:55 GMT

- reply

you stake 2x reserves in a 3 of 5 multisig of existing nodes, then operate as a full reserves bank ledger. if you're dishonest, they confiscate your funds and one of them takes over the ledger. if they're dishonest, they have their own funds that get confiscated.
if it holds, wallets trade annual fees for lightning functionality with offline receive and no channel management, because the network serves as their watchtower.
since it uses ledgers instead of utxos, i'm working on advanced key management that natively provides rate limiting, social recovery, and inheritance

2026-05-28 00:42:23 GMT

everything's a dogwhistle in bitcoin

2026-05-28 00:40:07 GMT

- reply

ah, that's good feedback. no one can actually steal funds though. i'll work on the copy

2026-05-28 00:25:43 GMT

- reply

what if that liquidity had a thousand people transacting on it, and you got bps on idle funds
https://github.com/bitcoin-deposits/deposits

2026-05-28 00:15:08 GMT

- reply

open the channels brodawg

2026-05-27 23:51:20 GMT

- reply

lightning works pretty well when no one cares about bitcoin
think about that

2026-05-27 23:50:01 GMT

- reply

july of last year it cost $45 to open a channel
bro