hodlbod

Christian Bitcoiner and developer of coracle.social. Learn more at info.coracle.social.

If you can't tell the difference between me and a scammer, use a nostr client with web of trust support.

Public Key

npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn

NIP-05 Address

[email protected]

Profile Code

nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgqg3waehxw309ahx7um5wgerztnrdaksv8uwk2

Publishing to

Author Public Key

npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn

Show more details

Last Notes

2025-07-09 21:31:08 GMT

- reply

Those who cannot do, teach

2025-07-09 16:41:34 GMT

- reply

What browser?

2025-07-09 00:14:12 GMT

Just made a website which tracks nostr projects I've created that are approximately useful: https://stuff.coracle.social/
Maybe they will be approximately useful to you too.

2025-07-08 19:53:16 GMT

- reply

This is about right. NIP authors might fail to define heuristics for relay selection, client developers don't explain what different relay lists do, relay operators fail to explain how their relays should be used, users ignore any advice their given. Oh well.

2025-07-07 22:24:06 GMT

Here's a great illustration of just how much data you give away about yourself on social media:
https://noperator.dev/posts/o3-pocket-profile/

2025-07-07 22:15:39 GMT

- reply

Shut up and take my money

2025-07-06 02:07:54 GMT

- reply

Still thinking about it 8 months later

2025-07-05 04:39:49 GMT

Happy Independence Day. Even if the American War for Independence collapses into woke crony socialist fiat after 300 years, I hope it will always inpire people who love freedom to do what their time demands of them.
https://coracle-media.us-southeast-1.linodeobjects.com/1000000244%20(1).jpg

2025-07-03 16:54:24 GMT

Nostr will fail to the extent that people can't tell an impersonator from the real thing. The number of reports I get about my impersonator indicates to me that nostr is failing. But it doesn't have to be this way! Web of trust fixes this.
Let's play a game of "spot the impersonator". I created a fresh impersonator account with a valid NIP 05 from nostrplebs and all the same profile data. I didn't bother to clone my notes or create a bunch of sock puppet followers, but that could easily be done, and would improve the resemblance.
Coracle:
https://hbr.coracle.social/d0088375c6d3f408533ede1d41e57955041748a0028fdc34ad8ef27997af4729.png
Pretty good if I do say so myself. Social trust is shown in two separate ways: web of trust indicator and followers tab (although followers is not complete or sybil resistant).
0xchat:
https://hbr.coracle.social/1db0daf3bd5fa40f0e1bb428407fae93b3fc8d6915bf902d9be8672794c2494b.png
Exactly the same, other than NIP 05 address, which I don't consider any sort of validation at all. This is a classic phishing maneuver, and recently allowed @nprofile…4lcf's impersonator to trick some people.
Yakihonne:
https://hbr.coracle.social/9f47c1610244b9934de4db3ef9b414bd09480686b0cd996f8afa9c95040a8957.png
Some social indicators are shown, but are not sybil resistant. They're also down the page a bit, and might not be noticed by users.
Jumble:
https://hbr.coracle.social/8413e06dede55f08416faa934f35c77c3e098fbc1e00cf7756dd36351ceb4001.png
No social proof indicated at all — the tabs at the bottom can easily be faked by the impersonator.
Nostter:
https://hbr.coracle.social/7b368e6e8fd722e5998cf7f6c6aee6b1c9c75b24ef86463500db24e97f452051.png
No social proof, and failed to validate the NIP 05 for the real user.
Nostrudel:
https://hbr.coracle.social/bb9a937abd6258ede943c289367c2126d3171f1d1dc1c1f06c1ee85cd297a50b.png
Nostrudel does something original in showing the public key color. But how often are you going to memorize a user's color? I'd argue this is even worse than nothing because it obscures the NIP 05, which _might_ tip you off.
Iris:
https://hbr.coracle.social/0a4f2f1a6196bed96d8ca0ed02fb6d7500b515c6b89cb725b542882144e9a19b.png
Iris shows wot-vetted "known followers", which is good. In other places, a wot-based check mark is shown next to user avatars. This should probably be added to the profile page too, but still, pretty good.
Amethyst:
https://hbr.coracle.social/379d5d2f629b77cf7bc5936a1567ca925d070f565587178341ccab4a0b61001b.png
Amethyst shows some social proof, but it's hard to tell exactly what those profile pictures mean.
Primal:
https://hbr.coracle.social/61a08689f9bfb57b6387772feee7592f9fd2bf62eb622d858343ac45abd726dc.png
Like yakihonne, social proof is visible, but not sybil-resistant.
Let's take a look at search now. Some clients do a much better job at this, some do a MUCH worse job.
Coracle:
https://hbr.coracle.social/646e814eaa3495741c6a85cec5240c6057a972b34542a5ee8192bd89cc62523b.png
WOT indicators, correct sorting, complete results. Arguably, the impersonators should be filtered out entirely, but I personally prefer to have them included.
Jumble:
https://hbr.coracle.social/1ba88073a1d9c96737ccb9ae3fdd5303f8a7e4e38649a2c5d063e1ff5d71797d.png
Same thing, minus WOT indicators. Not bad.
Nostrudel:
https://hbr.coracle.social/87ea3587f69512a2e88e9e1751e31b8e0d1f9f29bf48f536eb5c93794727bcff.png
It's a pass, but I'm not sure if duplicates are filtered out on purpose or not. The check marks indicate NIP 05 validation, not wot validation.
Yakihonne:
https://hbr.coracle.social/7013babfd7b324aa4628716fff989b443c1a7ea4a98dafd4c126fd4d177e5883.png
Only shows the legit version, along with a badge (I'm unsure if it's NIP 05 or something else). Pretty good.
Iris:
https://hbr.coracle.social/89337ce8320c9cc4d2714caf343f77a66933458353d59d13653fb71070648140.png
Very limited results, WOT-based check, pretty good.
Primal:
https://hbr.coracle.social/ef25d3cd33c0e902c200bc8d04a809e1aff047bd233d091bd108f436028cc2cc.png
Eliminates impersonators, show follower count, pretty good (though not sybil resistant in all cases).
The winners are Iris and Coracle for web of trust indicators, and Primal and Yakihonne in the "global view of the network" category. I'd love to see this get better though, and not just because I am now famous enough to have an impersonator. WOT calculations are low-hanging fruit, especially with the vertex DVM by @nprofile…zju5 around. Getting this right is a core value proposition of nostr and is worth the effort.

2025-07-01 20:17:24 GMT

- reply

Am I right? Was it Primal that did this? Or was it following.space? I lost track of the source of the hype

2025-07-01 20:13:44 GMT

Person lists used for onboarding have been around for literal years. Here's Coracle's version:
https://hbr.coracle.social/01fc92f71163d4ad41f84f6d7195560f485ac8c16e35e6b9b2960786b900a591.png
Now that Primal has renamed them "follow packs" everyone is suddenly losing their mind. Not salty, just in constant awe of what a little marketing can do.
#nevent1q…k2l7

2025-07-01 16:10:35 GMT

- reply

Hey, welcome to nostr! I've been working on push notifications for the past few months as well, which present some interesting challenges on nostr. I took a quick look at nopu, and just wanted to offer some design critiques:
- How are you planning to grant notification server access to auth-gated relays? The way I see it there are three options: 1. share user keys or bunker access (dangerous), 2. extend the protocol so that relays can optionally support pushing events to another server (not likely to get adopted), and 3. grant access to push servers using invite codes: https://github.com/nostr-protocol/nips/pull/1079. The latter is the approach I'm using, which only works if relays support that PR, but gracefully degrades.
- Using `h` tags is an odd choice, NIP 29 groups bring a whole load of semantics along with them. I would use some other tag, maybe even an `a` tag referring to an existing subscription.
- I like that users can self-host their notification server, but it seems like a pain for users to get their own FCM/APN keys.
You can find my work on this at https://github.com/coracle-social/anchor, which takes a different approach in that it's explicitly coupled to a particular application (in my case, flotilla.social). I've put together a NIP for this over at https://github.com/nostr-protocol/nips/pull/1796 which a few other devs have left feedback for. Also, you might take a look at Pokey by @nprofile…y3c4, which is doing something very similar to nopu.

2025-06-30 23:34:07 GMT

- reply

I'm reading the spec now, liking it so far. I'm glad you separated general purpose flags, application specific flags, and tags. I'm not sure about human readable payloads, it seems like they should always be structured, especially since the only other place to put data is in tags, which is indexed (I think?) Also, limiting tags to 253 bits might be a tricky limitation for referencing URLs which might be much longer.

2025-06-30 19:19:00 GMT

⛴️ New Flotilla release: 1.2.0
This release introduces push notification support on web, android, and ios — this was the last big item to check off before considering Flotilla "normie friendly!"
A lot of the work this release went into refining https://github.com/coracle-social/anchor with support for push notifications. Anchor is sort of a Frankenstein of an application, but might be of interest for anyone hoping to add push notification support to their nostr app — just update the .env file with your FCM and APN details and it should "just work". A NIP that describes the data flow is in review here: https://github.com/nostr-protocol/nips/pull/1796
Also in this release is a new space dashboard, complete with a quick summary of recent conversations — hopefully this works to sidestep Slack's "Threads" tab monstrosity of a design pattern.
https://hbr.coracle.social/b68d7384dc9c0a98d791dc2c1188e90d7dd2500e4e5442b3b3b048cc46adeee0.png
Full changelog below:
* Fix sort order of thread comments
* Fix link display when no title is available
* Fix making profiles non-protected
* Replace bunker url with relay claims for notifier auth
* Add push notifications on all platforms
* Add "mark all as read" on desktop
* Re-design space dashboard
Next up: zaps, better member lists, and of course lots of usability testing.

2025-06-25 15:42:43 GMT

- reply

Like it doesn't load when you scroll, or you can't control the time range? You should be able to customize to set since/until if needed

2025-06-25 15:17:41 GMT

- reply

Try this:
#naddr1qv…09kn

2025-06-25 15:10:46 GMT

- reply

You can create a custom feed that includes reposts and they should get deduplicated, it's just not in the default

2025-06-25 13:43:16 GMT

- reply

Fwiw coracle has the same thing. The tradeoff is storing dms unencrypted which I imagine would't really fly with whitenoise. Alternatively you could re-encrypt with a local key (since the bottleneck is really nip46), or keep a decrypted index to build list views, but store the actual messages encrypted

2025-06-24 22:36:25 GMT

- reply

I run relay.nostrtalk.org for this purpose, which is best used via flotilla, but also works on chachi (I believe). But I was thinking about this problem, I think the issue is that nostr itself is the nostr dev community, and so there's not much incentive to switch to a room/channel/relay/community/group

2025-06-24 22:33:27 GMT

- reply

Was humble pie served?

2025-06-24 22:23:08 GMT

- reply

I hate to mention it, but also take a look at https://github.com/pippellia-btc/rely which looks quite good. Also, fiatjaf is re-writing khatru/eventstore: https://pkg.go.dev/fiatjaf.com/nostr/khatru

2025-06-24 16:10:39 GMT

- reply

Hey @nprofile…79lq I just added a cache to my proxy instance, I don't know if ip banning is automatic or what, but if you could un-ban 66.228.53.172 that would be helpful

2025-06-24 15:59:45 GMT

- reply

Makes sense. I put the proxy behind a CDN but it doesn't look like it's caching anything 😐

2025-06-24 15:31:00 GMT

@nprofile…s7vf when using an imgproxy instance to load images, a lot of media from nostr.build is timing out with a 504 from the proxy instance. The images load plenty fast when requested directly. Any idea what's going on?
https://github.com/coracle-social/coracle/issues/625

2025-06-23 23:37:26 GMT

- reply

Thanks I hate it

2025-06-23 17:02:28 GMT

- reply

Flotilla supports calendars, although it will only work if you know what relay they're being posted to

2025-06-23 15:42:39 GMT

- reply

https://github.com/coracle-social/frith doesn't have this bug, and has some interesting things that relay29 doesn't have, like invite codes, normal relay mode, etc

2025-06-21 19:53:02 GMT

- reply

Snow crash is amazing

2025-06-20 18:37:49 GMT

- reply

Nice, do you know of any services that use this functionality so I can try it out/look at code?

2025-06-20 17:02:24 GMT

- reply

@nprofile…wkgf @nprofile…084g @nprofile…gkge

2025-06-20 17:02:07 GMT

Has anyone figured out subscriptions or pull-based payments on lightning/NWC yet?

2025-06-19 03:40:00 GMT

"The idea of effecting decentralization while maintaining technical progress is purely utopian."
Jaque Ellul

2025-06-14 00:38:09 GMT

Really enjoyed watching Pig with Nicholas Cage

2025-06-12 17:56:29 GMT

- reply

Even with background workers? I'm trying to design something for normies without pokey, obviouspy if they have pokey installed that would be preferable. Is there a way to detect if pokey is installed?

2025-06-12 17:48:52 GMT

- reply

I guess I could also just imitate pokey and do the same background processing in Flotilla directly. But the limitations just seem so severe. From perplexity:
- Android allows background services, but recent OS versions (Android 8/Oreo and above) impose strict limits on background processing to save battery life.
- Foreground services can run persistently but must display a notification, which is not ideal for most user experiences.
- Periodic background work can be scheduled using WorkManager, but the frequency is limited and not real-time.

2025-06-12 17:41:37 GMT

- reply

I haven't dug into the details on any of this, but the way I understand it is (at least when using FCM) you generate a client-specific token and send it to the push relay, which then sends notifications for all subscriptions by token. So you wouldn't need a relay per client, or per user (unless the user wanted to set up a custom push server).

2025-06-12 17:36:15 GMT

- reply

Is there a kind used for configuring user push notification relays?

2025-06-12 17:34:36 GMT

- reply

I read pokey's readme and played around with it, it does look like a background process. Which is great for user security, but not so much for battery use, multi-device, or UX simplicity.

2025-06-12 17:27:50 GMT

- reply

So the push server has privileged access to the relay's content so that it can fulfill requests for a given pubkey? That makes sense. So to translate this to a group context, you would need every community relay to either support push notifications directly, or forwarding events to another push notification server? More complex, but it avoids the need for signer access. I'll think on't.

2025-06-12 17:21:52 GMT

- reply

Well, I need this to work on iOS as well. But I'm also a little in the dark about how pokey works (I know next to nothing about android development). Is there a server component, or does pokey just run in the background all the time?

2025-06-12 17:19:36 GMT

- reply

How does the push server get access to the content in the first place? The use case I have in mind is relays with NIP 42 access control.

2025-06-12 17:00:36 GMT

Does anyone have ideas on how to handle push notifications for encrypted or access-controlled notes? The problem is that it seems to me the push notification server is going to need access to the user's signer in order to sign relay AUTH messages and decrypt DMs (if they want to show DM content in the notification).
On my email notifications server (https://github.com/coracle-social/anchor), I'm allowing the user to optionally send along a NIP 46 session so that I can sign AUTH messages, but for obvious reasons this makes me nervous.
I am aware of 0xchat's spec for push notifications (https://github.com/0xchat-app/0xchat-core/blob/main/doc/nofitications.md), but it seems like closed groups and NIP 17 group chat support is limited.
@nprofile…pt5w @nprofile…5e7v is this something you guys have solved?

2025-06-12 16:12:45 GMT

https://github.com/pippellia-btc/rely by @nprofile…0ug6 looks quite good

2025-06-12 00:44:57 GMT

My wife just made some sourdough cheez-its and wow

2025-06-09 23:05:57 GMT

🧶 New version of flotilla.social is out! And yes, I am still vainly trying to fight the vibe, however I've given up fighting NIP 29. This release drops support for "Unmanaged" rooms, moving messages to one big chat room, or (depending on relay implementation) to proper NIP 29 rooms.
Also included are several UX improvements, and probably some regressions. See below for details:
* Add better theming support
* Improve forms for entering invite codes
* Rely more heavily on NIP 29 for rooms
* Support multiple platform relays
* Remove default general room
* Remove room tag from threads/calendars
* Show pubkey on profile detail
* Support pasting pubkey into chat start dialog
* Add minimal style for quoted messages

2025-06-06 23:33:56 GMT

doing > having

2025-06-06 22:06:31 GMT

- reply

This is @nprofile…9h9m's fault

2025-06-04 20:29:50 GMT

- reply

correct

2025-06-04 18:01:50 GMT

- reply

Amethyst also has support for encrypted media

2025-06-04 18:01:24 GMT

- reply

Here's how I'm doing it: https://github.com/nostr-protocol/nips/pull/1947
This approach is based on some stuff in NIP 17 for sending encrypted media. Basically, encrypt the file, upload it to blossom, and send the decryption key in a message along with the URL. I think this works great. I don't know why in particular it doesn't use NIP 44 (maybe @nprofile…vz88 can elucidate). But aes-gcm is pretty standard web crypto, so not hard to use. For your use case, you might look at defining a new event kind for "encrypted media" in NIP 94.

2025-06-04 17:38:17 GMT

- reply

Yeah, the encrypted media thing is a huge oversight. Strangely, I've gotten a lot of push back for the way I've proposed doing it. But I'm going to forge ahead anyhow 😂

2025-06-04 17:09:18 GMT

- reply

Not at all, I've been meaning to fix this for ages, just haven't gotten to it (and probably won't for a while either)

2025-06-04 14:52:58 GMT

- reply

You're correct about coracle, I write to the public list for web of trust purposes, but it would be nice to have the option to mute privately. I've opened an issue for that. Regarding mute words, I implemented that before it was added to the 10000 via NIP 78. I've opened an issue to migrate that as well. Thanks for being a squeaky wheel on these kind of forgettable minutiae.

2025-06-03 23:53:04 GMT

- reply

@nprofile…mhcf @nprofile…5ntl have either of you guys addressed privacy of media uploads to private groups? Does this PR look reasonable?

2025-06-03 20:01:12 GMT

People sure are salty about ecash

2025-06-03 18:02:07 GMT

Does anyone else feel like using a cashu mint based on reviews is sort of backward? You can't know if they're going to rug you unless they've already rugged you. Which means you can't use reviews to gauge trust (though you can gauge uptime etc). Reviews might even be a problem, since mints with high reputation will attract more users, making it more profitable to rug their users. The whole idea (same with relays) is to spread activity across many custodians to dilute the risk, but reviews seem to undermine this.

2025-06-03 17:26:14 GMT

Opened a PR for encrypted file support in NIP 92 and 94: https://github.com/nostr-protocol/nips/pull/1947
@nprofile…67r3 @nprofile…gpcc curious if you think I'm doing something evil/redundant and if I should approach this differently.

2025-06-02 21:58:17 GMT

I had an idea this weekend for how to make running community or personal relays easier for non-technical people by piggy-backing on commodity relays to avoid dealing with DNS/incoming connections. This would allow people to simply run a "relay" on a computer they own, but have it publicly accessible.
The way this works is via a DVM-like flow, where the user NIP 59 wraps a message to the relay's pubkey, sends it to a public relay where the target relay is listening, and waits for a similarly wrapped response back.
I call these "kelays", which is a terrible name, but the best I could come up with within 8 seconds. You can see my proof of concept implementation at https://github.com/coracle-social/kelay. The go program allows proxying any relay, and the `example.sh` uses `nak` to demonstrate the flow.
People could address these using something like `kelay://<pubkey>?relay=wss://relay.example.com&relay=wss://relay.example.com` This obviously routes traffic through hubs, but I think that's a reasonable trade-off, especially with the option to use multiple broker relays.
What do you think? This could obviously be abused in any number of ways, and I still have to figure out how I can make NIPs 42 and 98 work. And maybe some other p2p technology would be more suitable for hole punching. But this is the kind of left-of-bell curve solution that made nostr famous, so I'm reasonably optimistic about it.

2025-05-31 18:06:46 GMT

- reply

I have a fix coming - unfortunately it ia going to wipe out current rooms and require a relay upgrade to support nip 29 😔. I'll try to migrate things reasonably smoothly

2025-05-30 22:00:03 GMT

#asknostr I'm looking for a book which offers an argument for why the internet is "good" in the sense that it advances human flourishing. I want an argument that doesn't rely on:
- Cooked utilitarian metrics (consumption, access to services, literacy rates)
- Unreflective appeals to individual freedom, self-expression and authenticity
A teleological argument (what are humans for and how does the internet advance that purpose) or an ontological argument (what is good about humans and how does the internet amplify that) would be ideal.

2025-05-30 17:10:06 GMT

In this age of vibe-coded nostr apps I am getting back in the habit of manually approving signing requests 😂

2025-05-30 17:09:23 GMT

- reply

My jeans zipper always beeps. I've had like 5 pat downs in a row. The TSA is a joke

2025-05-30 17:08:43 GMT

- reply

Coracle used to do this, but dropped it because it's pretty rare you're going to be certain about a given person's color (and you probably already follow them if you are)

2025-05-30 16:05:49 GMT

- reply

What more can I do

2025-05-30 16:05:37 GMT

- reply

Also @nprofile…4gce @nprofile…3uqq @nprofile…kwss @nprofile…ajqa @nprofile…7kv8 @nprofile…r7f6, please unfollow @nprofile…t867

2025-05-30 16:01:26 GMT

PSA @npub17yz…a6q6 @npub1824…tzv8 @npub1ehh…zjqv @npub1mt8…m7cz @npub1vxl…gnvx @npub17vc…6mq9 @npub1nn5…zmh4 @npub1pc5…dmza:
Please unfollow and mute the impersonator account @nprofile…xfp4

2025-05-30 12:44:43 GMT

- reply

I will likely record an episode on it

2025-05-29 18:33:28 GMT

- reply

This is a pretty good place to start: https://www.theinvestorspodcast.com/bitcoin-fundamentals-starter-packs/bitcoin-basics/
@nprofile…sl5f's interview with Breedlove (included in the starter pack) is what got me into bitcoin.

2025-05-29 18:09:42 GMT

- reply

The world is not ready for that content

2025-05-29 17:12:23 GMT

- reply

way more intimate content than I was expecting in my feed this morning 😂

2025-05-28 22:34:43 GMT

How I feel working with NIP 29
https://www.youtube.com/shorts/41iVm_57yyc

2025-05-28 21:12:51 GMT

This is a commentary on the delegation of agency to machines, written in 1973, but maybe relevant for all you vibers out there.
#nevent1q…uecj

2025-05-28 20:49:01 GMT

"It is now time... to shake off the illusion that men are born to be slaveholders and that the only thing wrong in the past was that not all men could be equally so."
- Ivan Illich, Tools for Conviviality

2025-05-28 14:08:55 GMT

- reply

Whitenoise by @nprofile…lycm uses strong encryption for privacy within groups. Currently kind of a signal alternative but it could scale to larger groups. However, there is always a social trade off to be aware of. The larger the group, the less trust exists within the group, and the less consequential privacy on the technical level is.
I also think that the relay requirement is an acceptable trade off, since large groups are usually going to have a sufficiently committed admin that will be motivated to run a relay, while smaller groups can thrive in a more informal encryption-supported scenario. The relay requirement may actually be a beneficial barrier to entry that discourages insufficiently motivated would-be community organizers from starting.

2025-05-28 13:57:38 GMT

- reply

Somewhere between is and ain't

2025-05-28 01:41:43 GMT

- reply

Code is law after all

2025-05-28 00:36:55 GMT

- reply

The BS jobs came from technology, more technology is not likely to get rid of them

2025-05-28 00:35:34 GMT

- reply

Retirement is when people finally start doing real work

2025-05-27 23:26:44 GMT

The proliferation of "AI assistance" in professional settings is going to result in increased alienation from work, worsening an already acute crisis of meaning and purpose. The depressed workers on whom AI relies for direction and agency will get less and less done, resulting in a reduction, rather than an increase, in actual productivity.

2025-05-27 23:06:52 GMT

Just discovered that I accidentally banned myself from nostr by adding a `-` tag to my kind 0

2025-05-27 22:42:16 GMT

The new "not everything has to be kind 1" is "not everything encrypted has to be kind 14"

2025-05-27 20:03:47 GMT

Got some pretty sweet central-american-gang-member-style back tattoos going on today
https://hbr.coracle.social/4691f2d04c07ce1b0349331b50847174f9fd126796c1467688e9b2509a0f7a9a.jpg

2025-05-27 15:07:26 GMT

- reply

Open carry gives away the initiative and paints a target on your back.

2025-05-25 00:15:07 GMT

Finally tried out Primal on Android and... I see why the hype. They've nailed the UX 95% of the time. The reads tab is especially pleasant. Soe bugs/suggestions for @miljan a team:
- Scrolling the feed naturally often opens the side nav. Dial that gesture down.
- I've always hated twitter-style notification pages. Take a look at coracle's notifications page for a (imo) much more helpful notifications view. Noy only does it show context, but it also ends up acting as a readable digest.
- I had to bail when writing this note because the note compose screen was missing keyboard input. Like, I had to type the same letter multiple times for it to register, and then it stopped working altogether.
Primal is almost a completely different experience from coracle, down to what content shows up. Sort of dicey too on the explore tab. But great work, really.

2025-05-23 23:44:37 GMT

The more I learn about @nprofile…7l94 the more I like the guy
#nevent1q…r43j

2025-05-23 23:09:20 GMT

- reply

Sent a DM, but coracle is telling me you don't have DM relays set up. Is that true or is my software lying to me

2025-05-23 21:59:52 GMT

@nprofile…3nww stacks is the best experience I've had so far with vibe coding. Your recent work is really... interesting. Want to come on the podcast and talk about it?

2025-05-23 21:58:18 GMT

- reply

Yeah, 1059 wraps 13, which wraps 14. This allows the only metadata visible to be the addressee. It also allows the DM to be deniable since it doesn't carry its own signature. It's annoying to implement, but @welshman/signer has one implementation, and there are others out there if you're looking for a library to use.

2025-05-23 21:14:16 GMT

- reply

who knows at this point

2025-05-23 21:13:52 GMT

- reply

Can't really enforce it on the relay level without sharing the ability to decrypt the events, since sender metadata is obscured on nip 17.

2025-05-23 21:12:40 GMT

- reply

Mostly claude, but via codebuff, claude code, stacks agent, etc etc etc

2025-05-23 21:12:14 GMT

- reply

No, because relays don't know who sent the message

2025-05-23 20:11:08 GMT

- reply

With nip 17 it's trivially easy to spam someone's DMs, and since sender metadata is hidden, relays can't do anything about it. Clients have to download all DMs regardless of who they're from, then make decisions about whether to show them to the user. Say someone sends 1000 DMs using 1000 different one-off pubkeys. Now you have to sift through 1000 conversations to find out if any are legit. It would be good if clients could just say "found 999 conversations that are likely spam, here's the one good one".

2025-05-23 19:37:30 GMT

- reply

you don't want to see those

2025-05-23 19:37:12 GMT

- reply

I think my problem is that I think by coding. It makes it very uncomfortable to switch to planning mode and let someone else have all the fun of actually building. But I think this is the right way to use it.

2025-05-23 19:06:39 GMT

Seems to me effective vibe coding is less about telling the llm what to do than creating an environment in which it can thrive. Just like any form of life it has to exist within a given context in order to orient itself, otherwise it is without purpose and only represents mere possibility. The job of the vibe coder is to allow the llm to self actualize.
But don't listen to me yet, all my vibez are garbage so far.

2025-05-23 18:12:12 GMT

- reply

I would be very interested. I feel like all you believers are just gaslighting me at this point 😂

2025-05-23 15:32:02 GMT

- reply

@nprofile…vs2j @nprofile…wkgf @nprofile…es5n @nprofile…tvqp you guys keep talking about how great it is, if you have time drop in and give me some tips. I think it might just be that I'm lazy, don't have management skills, and like writing code. But maybe there's hope.

2025-05-23 15:30:32 GMT

- reply

hodlbod learns to vibe code take #87
Join me on zap.stream to watch me figure out this vibe coding thing. Comments, criticisms, suggestions welcome.
https://zap.stream/naddr1qqjrgcf589jkzvpk95cnsdp4956xgdmz94snvwrz95crvvpkxsck2dtrv4nryqg3waehxw309ahx7um5wgh8w6twv5hszxthwden5te0wfjkccte9eekummjwsh8xmmrd9skctcppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qg3waehxw309ahx7um5wghxcctwvshsz8nhwden5te0dehhxarj94c82c3wwajkcmr0wfjx2u3wdejhgtcpz4mhxue69uhhyetvv9ujumn0wd68ytnzvuhsz9thwden5te0dehhxarj9ehhsarj9ejx2a30qyv8wumn8ghj7un9d3shjtnxda6kuarpd9hzuend9upzpn6956apxcad0mfp8grcuugdysg44eepex68h50t73zcathmfs49qvzqqqrkvu4ftd5f

2025-05-23 15:15:48 GMT

Are there any clients out there that have solved the NIP 17 spam problem from a UX standpoint? It would be nice to separate "requests" into requests from reputable people in your network (based on wot or pow) and requests that are unlikely to be worth your time.