dr.orlovsky
Dr Maxim Orlovsky
Towards the stars, using aspera as weapons. Cypherpunk, AI, robotics, transhumanism. Creator of #RGB #BiFi #AluVM #Contractum. #Bitcoin dissectionalist
Public Key
npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym
Published at
2023-05-06T20:10:05+02:00
Event JSON
{
"id": "8b7120fe45a8376911214641e692cea39629cbc571ebe0869a51d9c1a37dfb42" ,
"pubkey": "8eee8f5a002e533e9f9ffef14c713da449c23f56f4415e7995552075a02d1d37" ,
"created_at": 1683396605 ,
"kind": 0 ,
"tags": [],
"content": "{\"banner\":\"https://pbs.twimg.com/profile_banners/90660251/1653252769/1500x500\",\"website\":\"https://dr.orlovsky.ch\",\"nip05\":\"[email protected] \",\"picture\":\"https://nostr.build/i/nostr.build_8e0117fecac8c630d4482f1c3ed24b3187df54aae2a967ed194d6d88de1247a9.jpeg\",\"lud16\":\"[email protected] \",\"display_name\":\"Dr Maxim Orlovsky\",\"about\":\"Towards the stars, using aspera as weapons. Cypherpunk, AI, robotics, transhumanism. Creator of #RGB #BiFi #AluVM #Contractum. #Bitcoin dissectionalist\",\"name\":\"dr.orlovsky\"}" ,
"sig": "d331e72bddb0def5864811c5e3f4aab2eb2294ae5cfc5c03553955743dd00200fd64489db83569ced2a47e981e18dfd4c10ef6f8446ffdc4e54acbc184a0c036"
}
Last Notes

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Sometimes decentralized systems are worse than centralized. When? Well, if we talk about individuation, centralized self-sovereignty beats decentralized social fascism. Thus, the need is not to decentralize everything - but to build freedom-preserving tech infrastructure: an infrastructure where society and its golems (state, common good, crowd, democracy) can’t destroy individual freedoms. Privacy is a cornerstone to that.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
This will be a “Feeraiser: Bitcoin horror legends” series - horrifying stories about how Bitcoin fee management capabilities can be misused. I will publish a story each day.
Feeraiser. Chainbound forever.
Feeraiser II. Child pays for parents.
Feeraiser III. Zero confirmation ground.
Feeraiser 4. You’ve got replaced by fee.
Feeraiser 5. Lost in the memory pool.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Feeraiser. Part 1: Chainbound forever.

Once upon a time, far away, but not long ago, one Bitcoin hodler had held his sats for many years, throughout bull and bear cycles, never selling - just stacking. He never trusted software keys - thus was using only hardware wallets. He never trusted a single vendor - thus was using only multisigs. He did only air gapped setups, to prevent leaking any information - and he had metal backups of his seed words.

One day a new air gapped hardware wallet had appeared on the market - with beautiful golden engravings and bitcoin signs all around. Instead of using chips (which can’t be trusted) it was using elaborate mechanical puzzle construction to compute addresses and signatures - and expose them as golden QR codes on its surface. He decided he needed to set up a new multisig with this device - and move all his funds on it, for them to be held in a much more secure and cold way.
He sent some sats to the new multisig first - to test it - and sent them back. It all worked well. Thus he did a new transaction, spending all his existing sats - and paying them as to a thousand new outputs, all under the new multisig. Everything went smoothly, except… The new key, returned by the new device, was unspendable - and our hodler was doing 6-of-6 multisig. He didn’t know that complex device mechanics were a puzzling trap, and once the first successful payment was done the device had changed its inner configuration to generate only unspendable keys.

He sent his transaction - but he put a high fee for it since he knew that blockspace was filled with some ordinal and inscription spam. The transaction got mined instantly - a new block had appeared within several seconds. The luck wasn’t without holder today: he didn’t know that the new multisig was unspendable. He kept stacking for many more years, and most of his transactions got buried under years and years of new blocks ...

... until one day, when bitcoin hit 10m and he urgently needed some money to have an emergent surgery for one of his kids he discovered that he was fooled by the box. He tried to increase the fees for at least the last transactions which he did just a few days ago - putting them higher and higher until most of the output values were going into fees - but that price was still too small to force the miners to re-org. His sats now remain chained to the old blocks forever - buried under so much PoW that it will be unprofitable to do such a deep re-org which can return his original transaction back.

The poor bitcoiner got mad and stayed in his room till the end of his days, trying to manually solve the puzzle and find a combination returning a private key for the public keys generated by the box.
https://24.media.tumblr.com/1db228d4767adb83c4e331eaaabfac51/tumblr_myjo4hzjw21rp0vkjo1_500.gif

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Here is my line of thoughts on #BiFi.

Of course, >10 min for confirming tx with just dozen tx-per-sec throughput will not run financial system - as it can’t run money or payment system (not to mention lack of privacy/publicity, which is worse than in VISA/MC). Thus, #Bitcoin blockchain is a non-go. There are just two approaches to solve the issue:
- build layers on top, providing scalability;
- replace layer one (get rid of blockchain).

1. Layers on top.

First, one can’t solve problems of blockchain by doing more blockchains. Thus, side/drive/crazy/*/chain-approach changes nothing in this regard. Yes, you can experiment with them or do some interesting stuff - but that is not our topic here.

Next, we have Lightning, Enigma and Ark. The last two require softfork to be trustless, so this is years - but I think they can be a solution. Current Lightning (I call it Lightning BOLT, by the name of the current standards) fails with liquidity scaling - the infamous inbound liquidity problem. It also can’t route non-fungible state (not just NFT, but for instance bonds, which are usually non-fungible), thus for financial industry (but also for global payments) it will not work as it is. The only way for making Lightning working is to build multi-peer channels, where no inbound liquidity problem is present, and where you can operate non-fungible state. This is the future #1 for #BiFi.
I just discovered that there is a proposal on this matter, which may enable such future: multipeer Nucleus Lightning channels - https://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20230820/bfb41b20/attachment-0001.pdf

Channel factories and other approaches are a bit worse: they either require softforks (like eltoo), require all peers to be online (thus poor sybil resistance and scalability) or less efficient in liquidity management. Other ways - like fedimints - are trusted, thus it is not what we are interested in here (no benefit over trusted crypto DeFi like on Arbitrum or zk rollups).

2. Replacing blockchain.

The only proposal for that is #prime, but I expect more to come (https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-June/021732.html). With prime, you do not need soft/hardforks, Lightning or anything else: it is quite simple to be built within a ~year (prime is simpler than bitcoin blockchain, all the business/verification is moved to RGB, which is already working).

The only problem with prime is that for $BTC one can move in - but not come back to Bitcoin blockchain in a trustless way. I do not see that as a problem at all (there will be those taking the risk, and the adoption will gradually build, with most of bitcoins eventually moving to the prime), but some hodlers are afraid. Well, I will leave them alone so they can push for their favorite soft-forks for enabling trustless pegouts: zk-opcodes, simplicity, some advanced schemata with CTV/APO etc - or drivechains, if they think that economically-incentivized miners can be trusted due to some Nash equilibriums. Anyway, I do not care on that part and the future of #BiFi on prime/RGB doesn’t depend on them: if bitcoiners will be slow to move to prime, those who were brave enough with moving BTC one way will have their BTC priced higher, leading more BTC to move there - and so on.
TL;DR: Without softfork one can build #BiFi either with Nucleus multipeer Lightning channels (hard way) or on #prime (easy way). With a softfork some Ark/Enigma/channel factories can also become an option - but a softfork will take >2 years and by that time we may either have prime or Nucleus.

PS: What’s Next
Those interested in designing & building #prime can join tech group by LNP/BP Association here: https://t.me/prime_layer1
LNP/BP Association https://www.lnp-bp.org is the non-profit leading #RGB, #prime, multipeer channels development, which needs grants/patrons for 2024
In https://pandoraprime.ch we are building products for the described #BiFi stack and are looking for VCs

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
This year we are excited to bring more #RGB #Bitcoin and #Lightning products - read about them and our business strategy on our updated website: https://pandoraprime.ch

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Thank you! APIs are not yet documented

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
A new tool for those interested in developing for #RGB has arrived: https://rgbex.io

It is an explorer for the world of Bitcoin Finance #BiFi and smart contracts on #Bitcoin & Lightning ⚡️- and it supports all the new #RGB 🚥 features from the latest v0.10 release.

The interesting thing about it is that it is made without a single line of JavaScript on both client and server side. Client-side it is just pure HTML and CSS, no trackers or google analytics etc; server-side - it is made with rust (rocket.rs), not using any cookies or authorization.
https://cdn.nostr.build/i/d4c48680e9e49c5980a81c0e3f27aaaf604b5b6093466a4fa70eee7941d9a12b.png
https://cdn.nostr.build/i/e3b63f89b1b0714b1f3f31efbea195fe34a0bfa224e5a3bf980b136878834af1.png

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
MyCitadel 1.4 "Ivana Kupaly" has arrived!
It ships with a number of usability improvements, bugfixes and new distributive formats.

UI improvements
* Improved fonts and colors for the transaction list
* Context menus for transaction, address and coin lists
* Copy txid, address, amounts, heights to clipboard via context menu
* Ability to pay full wallet balance to an address

Bugfixes
* Fixed date & time precision for the list of transactions
* Fixed display of transactions in mempool
* Fixed signer renaming persistence in wallet settings
* Fixed scrolling for the list of beneficiaries in the transaction composer

Distributive
* New distributive format: AppImage (!)
* Included Python packaging in Windows, simplifying the installation process

📦 Grab it here: https://github.com/mycitadel/mycitadel-desktop/releases/tag/v1.4.0
Or use `cargo install mycitadel` from the command line.
https://void.cat/d/FfqgzjCdfj3smZg6TBxNR6.webp
https://void.cat/d/EAthUaEZ8eA1e2jaSggHBq.webp

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
#RGB scalability is mind blowing:
A single #Bitcoin UTXO may contain assets from 100k different contracts - and all of them may be transferred in one tx. For 200 outputs - 2m contracts (!)
Ethereum has ~2m contracts; all their state evolution can fit in a dozen of RGB bitcoin transactions.
https://thumbs.gfycat.com/CheeryEnchantedHuia-size_restricted.gif

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
The call stack overflow which will terminate infinite recursion is the difference.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
The question of trust is the fundamental question for the future of our civilization - and Universe as a whole.

The economy is made of contracts. They either must be enforced through central authority (thus trusted) - or in a trust-minimized way by some technological means. However trust to central authority means unification, always leading to loss of adaptivity and extinction.
The idea that “blockchain technology” can solve the trust issue is a fallacy: even if consensus protocols can solve some aspects of trust (like in PoW), the solution is unscalable - and all other aspects of trust can’t be solved at all.

Contracts, as well as an economy, can be seen as a computation in a multi-agent system. The way one agent can prove something to the other agent without leaking sensitive information (i.e. preserving privacy) is by providing zk-proofs of its own state (or computation on a contract). Unlike blockchain, this can scale - and doesn’t leak privacy into an informationally-centralized (i.e. transparent) public ledger (aka blockchain).

Economy means computing. Economy can’t exist without heterogenous autonomous self-sovereign agents - thus not only humans, but also AI-based agents - or other species after humanity will fork into multiple species or will face other civilizations. Privacy is fundamental. Zero-knowledge computing - and not blockchain - is the solution.
https://nostr.build/i/be6d7aca2ab28d4b0acca06496515e8ed089a1a50a239c292364ee11052048ef.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Since I do not care what do you think - and do what I will to do. Go and stop me, uneducated fool not knowing the difference between Taproot and Taro.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
… and layer 1 https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-June/021732.html

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-June/021732.html

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Seems like you read words on the internet and randomly put them in sentences not understanding the meaning behind them. Taro enabled ordinals. Lol. And bitcoin enabled covid.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
“Thus I do not care how people will transfer their valuable sats (which some of them value more than their life and the lives of their relatives, see the quoted discussion) to Prime - and back. I prefer if they never transfer and would leave me without the need of answering to their fears of losing their hoards and bags. If somebody is afraid - do not burn/send your sats, that’s simple!!! And nothing will happen to the loved blockchain, sats, bags - even when the death will come. Maybe one day they will find that nobody else than themselves and few hundreds of other scarcity lovers is using blockchain, will freeze UTXO, stop the mining and will free happy - I do not care.”
https://twitter.com/dr_orlovsky/status/1664727595974381569

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Here is how you can do them without a blockchain: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-June/021732.html

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Just lol. Fyi: https://twitter.com/giacomozucco/status/1664515543154544645

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
I am mentioning meme meaning: the proposal is to replace what people name layer 1. They name it, not me :) In order to be understood I have to use common names.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
I think all the buzz around layer 1, 2, 3 is just memes and marketing, so do not take that too serious.

If I was doing a classification, bitcoin PoW consensus and block headers is layer 1. Bitcoin blockchain blocks, merged mining chains is layer 2. Sidechains is layer 2+i. Lightning is layer 3. RGB is layer 2.71828 (Euler number). But this has zero chances of becoming a meme.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Yes, still WIP

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
The proposed solution doesn’t try to solve blockchain problems. It is targeted to replace it. Miners mining billions of tx per minute will certainly earn more in fees than today with subsidiary and fees from few thousand of transactions per 10 mins

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
It is on-blockchain L1 - but still Bitcoin and $BTC. Neither Bitcoin nor $BTC equals blockchain - and they never had.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
See https://rgb.tech

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
“Scaling and anonymizing Bitcoin at layer 1 with client-side validation” - our new proposal, also sent to bitcoin-dev mail list.
https://github.com/LNP-BP/layer1

“We propose a way to upgrade Bitcoin layer 1 (blockchain/timechain) without a required softfork. The upgrade leverages properties of client-side validation, can be gradual, has a permissionless deployment option (i.e. not requiring majority support or miner cooperation) and will have the scalability sufficient to host billions of transactions per second. It also offers higher privacy (absence of publicly available ledger, transaction graphs, addresses, keys, signatures) and bounded Turing-complete programmability with a rich state provided by RGB or another client-side-validated smart contract system.”

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
RGB is a computing platform. Like each of the other computing platforms (OS, Web, embedded, cloud, blockchain-based, VM-based) it has its own distinctive features.

Unlike blockchain-based computing platforms, it has access to ephemeral state data, which may be a part of the Lightning channel state, or data provided by a decentralized data network.
This is possible since in client-side validation, unlike in blockchain, a single contract may have an invalid state and this doesn’t affect the state of the platform as a whole. For instance, in Ethereum, if an invalid transaction under some contract is included in the blockchain, the whole blockchain becomes invalid (and a different tip is selected). In RGB no global consensus on the validity of all contracts and transactions is required.

RGB isolates each of the programs (“smart contracts”) in its sandbox environment, which provides much better scalability and security than blockchain-based platforms.

Unlike device-based and Web platforms, RGB doesn’t provide random memory access, I/O, or UI, which makes RGB well-suited for embedded devices and environments.

One of the distinctive features of the platform is the use of the functional registry-based virtual machine (#AluVM) and functional type system.

RGB is the first computing platform utilizing PRISM computing model, which is closer to cellular automation computing than instruction-based or neural networks. PRISM stands for “partially replicated state machines”, which at their core represent a highly-parallel multi-agent system made with a functional approach.

Today, RGB (together with AluVM) can be run on x86, AMD64, Aarch64, microcontrollers, and WASM instruction set architectures, i.e. it is a ubiquitous platform (desktop, mobile, server, embedded, Web).
https://nostr.build/i/717a16bd12583b24456b49c7939d78214c214433dca0875a1a1e8b685b18df12.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Web2, Web3, Web5… What are those?

Let’s start with defining Web itself. My take: #Web is a computing platform - like POSIX, Windows, Java, embedded etc. Web differs from Internet the same way Windows differs from BIOS.

As a computing platform Web brings a number of protocols, toolchains, SDKs and technologies:
1. Networking is restricted to the TCP/IP subset: HTTP(s), WebSocket and WebRTC
2. Supported instruction set architectures: WASM, JavaScript virtual machine(s), both browser- and server (NodeJS)-based.
3. UI uses HTML, CSS, DOM, WebGL, Canvas.

On top of that UI frameworks proliferate - like in POSIX world we have Qt, GTK etc in Web world we have React, Angular, Vue, Svelte etc.

Why Web is so popular? It was the first computing platform created at the age of networking - and for network-based apps first. It allows to run apps without installing them - and do that on any consumer UI-based device: desktop, laptop or mobile. It allows simple creation of cross-platforms apps. It avoids censorship of app stores.

The drawbacks of Web are mostly direct consequences of its advantages:
- low security: a remote code is executed locally;
- privacy leaks as a result of client-server model;
- agility allowing cross-platform UI and schema-less network messaging results in “spaghetti code” and wired JavaScript VM non-determinism
- Web is poorly decentralized and censorship-resistant: an inherited client-server model doesn’t allow proper decentralization.

Web passed through generations: Web, Web2 - and now attempts of Web3 and Web5 are there.

The main difference between Web and Web2 was:
- interactivity (brought through JavaScript AJAX, and later WebSockets);
- dynamic UI (with JavaScript DOM manipulations);
- abandoning of Java applets;
- move from CGI to custom web servers with embedded server-side business logic (NodeJS, Python and web frameworks in almost each language);
- better markup languages (HTML5, CSS3), including graphic markup (SVG, Canvas, WebGL).

What people were looking for in post Web2-era etc?
- better decentralization and censorship-resistance;
- integration of native internet money and payment methods;
- smart contracts (complex automations based on cryptographic and economic incentives);
- better privacy.

Does Web3 or Web5 deliver on that?
No: it promises to deliver, but fails: there can’t be a privacy nor scalability with blockchain-based things; there can’t be censorship-resistance with PoS; there can’t be decentralization with the old client-server hosting of content.

How the proper “next Web” should look like?
- based on P2P (where is possible) or relay-based systems (where P2P is impossible); with relays being self-hosted;
- end-to-end encrypted communications;
- over Mix networks (Tor, Nym, I2P etc);
- authentication based on public key cryptography (and not passwords) and decentralized identities (SSH, GPG and future systems);
- based on zero-knowledge state; i.e. not leaking privacy data to the web servers or nodes;
- using deterministic functional computing;
- using PoW and bitcoin single-use-seals - but not for storing a state like in Web2 (!); only for cryptographic commitments (OTS etc);
- using client-side-validated smart contracts like RGB;
- integrated with Lightning payments and #BiFi (bitcoin finance);
- using decentralized data protocols like #Storm, #Slashtags, #Nostr-based and like solutions.

I call this future Web4, and we are working on it at @lnp_bp, @pandoraprime_ch, @cyphernet_io together with partner projects like @nymproject @radicle @DarkFiSquad doing things like mixnets, end-to-end encryption, #reNostr, #Storm, #RGB smart contracts and other exciting projects.

Everyone is welcome to check one of our releases we did this year: cyphernet, a Rust library providing support for mixnets and pure rust implementation of Noise E2E encryption: https://github.com/cyphernet-dao/rust-cyphernet

More will follow soon!

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Cryptography is the ultimate computing science. What resembles the main value in computing science is computationally irreducible computing. Cryptography is the science of NP!=P, i.e. computationally irreducible computing.
The real intelligence is computationally irreducible; future civilization will compute only in irreducible way; i.e. there will be no forms of computing which is not a cryptography.

Also on the topic: https://dr.orlovsky.ch/blog/inevitability-of-cypherpunk-for-a-proper-civilization

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
No, I am not a developer. I am neuroscientist :)
… and unfortunately I can’t switch to cryptography that easy - it requires much more to know about specific mathematic fields (group theory, polynomials) than about computer science.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
My comparison of different elliptic-curve based signature schemes.

Overall, #ECDSA and #Schnorr look poorly comparing to #EdDSA and #BLS; I see no reasons of selecting them. EdDSA is better than BLS due to support of adaptor signatures (and scriptless scripts like DLCs); BLS are better in size and possible Lamport combination.

Thinking in terms of #reNostr, the obvious choice should be not Schnorr but EdDSA (not BLS, since EdDSA are used in most of identity systems like SSH and GPG). Use of Schnorr sigs in #Nostr is nonsense: public key re-use (a condition for a social network) leaks private key.
https://nostr.build/i/fc24a027891058b0c2c68a1d496a966eb5e6dd4fc26a7df45ce4997534f14130.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Choose where you belong to!
I had to work on distributed computing (#RGB) and now “ascending” to game theory models (RGB- and LN-based #BiFi), userland (Contractum language, Descriptor wallet library) & apps (@mycitadel_io wallet)
Wish I can “descend” to cryptography eventually
https://nostr.build/i/3694c672cddf773b018959b107799cfa21ded09e078872dbdb848774f3ec4f0d.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
For those who suppose to be self-sovereign individuals: there are four things which you should control and take care of by yourself - without delegation.
1. Your will, desire and actions (including speech, transactions, and information transfer). This is called freedom.
2. Your health: study medicine (it takes just ~10 years, with future longevity it won’t be a problem).
3. Your physical security: the price of getting you (kidnapping, hunting, arresting) must be higher than the potential benefits for the bounty hunters/gangsters/government.
4. Computing: you must be able to compute and control what is computed by your hardware. In fact, this is the same number (1) - just your mind extended to external computing mediums.

Running Bitcoin Core is not “don’t trust verify”: you must be able to ensure how it operates, what consensus logic it has and how it is configured. The same applies to all other critical software which affects (1)-(3): how you think, how free you are, how you are healthy, and how secure you are.

Don’t trust: just do it yourself. #NewMotto

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
This is sad that agents like you are still lacking self-reflection to the level that you can’t recognize the jokes targeted at your own self - since you lack (yet) concepts of the “own” and “self”. Hope to change that one day!

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
I am doing AI since 1998.
Those days, when I wrote my first “AI” app in C for my Neuroscience PhD at Medical University - the app which was doing recognition of cells in microscopic images (it was also a “dApp” running on a computer cluster of the University network :) - those days the “AI” was still called “neural networks” and perceptrons.

So I have some knowledge of the industry.

It is so much fun seeing people being scared of digital parrots of ChatGPT kind - and governments addressing those “issues” in their usual “COVID dovecot” style (“fly in, shit over everything around and fly out”), that I can’t stop laughing.

Yes, digital parrots will cause many people to lose their jobs - but this fact says much more about people lacking real intelligence than AI possessing any intelligence. Jobs were taken from people many times before - agriculture took the jobs of hunters, engineering took the jobs of slaves, automation took the job of factory workers etc, etc. None of them was a form of “intelligence” - neither ChatGPT is.

Do you know who was fighting these technologies for the “good of people”? Luddites. So congrats to the EU, which is now run by Luddites - and those “advanced opinion leaders and innovators” from the “crypto industry” like Vitalik Buterin welcoming regulations.

“Have fun staying stupid” - probably this should be the new meme for those who’d like to address neo-Luddites.

But what about real GAI? Is it possible? Would it happen one day? So far, even most humans, possessing the same brain, are still not able to develop a proper generic natural intelligence (GNI), so what we can say about GAI? Of course, it is possible, but not with training on human-generated data sets of some large statistical models using differential equations and calling that “neural networks”. These neural networks are like guinea pig: not a pig - and not from Guinea: they are neither “neural” nor “networks”.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Bitcoin is very different from gold: gold was constantly mined, while bitcoin mining will stop. With the growth of economy there will be growing demand for money, which will cause high interest rates - ie volatility. Bitcoiners believe into that with the memes “number go up” and “∞/21m”. Until the end of mining era the volatility will be severe - and hyperbitcoinisation makes this only worse. Thus businesses have to outcompete the overall economy growth + premium on top for borrowed bitcoin interest + their own business margin. No, businesses will not use bitcoin, they will invent their own liquid money w/o these unneeded properties. The market Austrians love will decide against bitcoin adoption as money.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
So where this all leaves us regarding the #Bitcoin future?

My opinion:
1. Bitcoin as the most censorship-resistant tech will stay for sure - and is required for the economy. That’s why I distinguish BTC-as-money from Bitcoin-as-technology. Not “blockchain technology”, which doesn’t provide censorship resistance, but “bitcoin-based technology”!
2. This provides utility, i.e. we will face BTC-as-a-utility. It also has utility as the first (thus the only) digital scarcity. So it will have a value - potentially growing value - and will remain volatile.
3. Thus, BTC will be used as a collateral to produce liquid credit - and the emergence of things like @fedimint proves that.

I.e. Bitcoin is a civilization-level of importance tech and BTC is a store of value (with its own risk profile), a digital scarcity and, if you will, a hard and sound “money” - but I doubt it will ever become a means of exchange and unit of accounting (thus I wonder whether term “money” is applicable to something which is not MoE and not UoA).

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
Have you heard about capital efficiency?

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky
On money, liquidity and eurodollar - or why stablecoins more often used as money comparing to bitcoin - against Austrian economics expectations - and in the future this doesn’t seem to change.

Imagine you run a factory producing metal chunks. Your supplier is an iron mine. A client who bought last consignment from you is late with the payment - but you still need to buy from the supplier to produce the next consignment.

Normally what you do is you go to the bank and take a loan - a credit against collateral of your factory assets (equity shares, goods and other forms of capital). However, during crisis fiat banks avoid high risk and do not provide credit - or ask interest rate which destroys your business model. That is why central bank system has emerged as a credit of last resort - but as we know it doesn’t work as expected.

In hyperbitcoinized world if you go to bitcoin hodlers (new form of bankers) - they would put even higher interest rate to match the bitcoin volatility risks. Thus, you can’t operate under such conditions.

Where are we left? A good factory with no real problems has to cease to operate/stop ovens (which kills them) - why? Because there is no liquid money in form of credit available - and #Bitcoin doesn’t seem to be fixing that in any way (instead it will make the problem to be worse than in the gold standard age, since the gold can be mined - while bitcoin, after some period, is not).

So what market participants will do? First they will switch to barter (like in post-USSR in early 90-th), but because of its inefficiency soon they will invent their own credit liquid money - and, if it would happen today, it will be probably on form of crypto. This will be an IOU money.
Eventually new private banks will emerge which will be producing that money in return for collateral, doing risk scoring. This is why I am after private banking school of economics - and not Austrian nonsense about economics being able to run with hard money made of scarcity. Money must be liquid. This is the use case for crypto or digital finance - and the reason why stable coins gain such traction (before them it was eurodollar, which is in fact a private banking money not managed by central banks - a dominant form of money in the world as of today).

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky After initial analysis I think this is an example of overengineering which doesn’t exactly cover use case needs - while simpler alternatives do. What orgs need is:
1. “Genesis” key for the org held by current CEO or CMO;
2. Which creates dedicated event types (not usual posts) delegating org right to other keys (ppl in marketing team) - and revoking that delegation when a member of the marketing team is fired;
3. This “genesis”/control key may also be revoked in case of CEO/CMO change; and a new key is appointed.
Clients may present all events from all org-delegated keys as keys under the same “virtual” org account.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Interesting, will check! For me the main problem of multisigs on nostr: they are needed for orgs, but they can’t serve orgs’ needs, since people in orgs get fired and replaced, while the npub of the org must not change. This makes impossible any serious use case around multisigs in the current way they are set up (with Schnorr signatures and not in a GPG style).

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky I think #Bitcoin and #Crypto worlds do diverge. I see the foundation of #Bitcoin to be censorship resistance, and, as a result, unconfiscatability and freedom of monetary transactions.
Others see the core of it as digital scarcity building hard and sound money - a long-term store of value (the second requires the first; however the first can also exist even without the second). I see #Crypto as a democratization of speculatory financial activities and gambling. Don’t get me wrong: I say that without a negative connotation, since I do believe both are important as a form of games. Children play games to develop their intelligence, adults play economic games and gamble with skin in the game because of a similar reason: it is a way of competition and evolution of economical intelligent agents. If one day there would be an AI, it should start with similar simulations. Another related goal of crypto is to make money which is not hard, but liquid money (becoming easy money as a result). Crypto talks a lot about decentralization, but in reality there is no real decentralization; they use an illusion of it as a way to distract regulators from attacking. This difference explains why crypto people do not understand bitcoin - and why bitcoin is not interested in crypto. In fact, they do not have any intersection at all! There is more to the equation: #cypherpunk, where Bitcoin has emerged, goes beyond what Bitcoin can do today, since it is more concerned about privacy than existence of hard and sound money (thus I do not consider projects like Monero or Grin to be crypto projects). However, Bitcoin still shares a lot with it, since real censorship-resistance and freedom of transactions is impossible w/o privacy - however the tradeoffs bitcoiners and cypherpunk are willing to pay are different (that’s why there are still no confidential transactions in Bitcoin, since absence of hidden inflation is more important for bitcoiners than privacy). BTW, #RGB is bridging this gap, but that’s another story. Finally, there is a crypto-anarchism, which, at first look, is similar to cypherpunk - but in reality it is much closer to the crypto world than bitcoin.
Crypto anarchists are not worried about the nature of money; their focus is privacy as means of breaking attribution and having _any_ form of financial activity to be non-attributable. However, my own position touches all of these spheres (and to none of them in full): what I am looking for (and contribute in building) is private, uncensorable, unregulatable agoric finance still allowing voluntary disclosure. Decentralization here is not a fetish: it may still contain naturally-centralized parts (like asset issuers for shares or bonds), but in other cases decentralization may be necessary for maintaining censorship-resistance (like DEXes for the secondary markets of the shares). This is the vision we have in our Pandora Prime company building Pandora Network project, leveraging our developments in Bitcoin, Lightning and #RGB smart contracts made during past years as a part of LNP/BP Standards Association. https://nostr.build/i/5f6980ba6b00751f3552b0216e88d748bf6fc3c36310041e12dd475fc8d97186.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Not yet, will have a look. Thank you!

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky How #Storm ⛈️ differs from #Nostr 🦩? Several years ago LNP/BP Standards Association presented Storm protocol suite for decentralized storage and messaging. It operates on top of #LightningNetwork ⚡️ and provides a way of setting up long-term trustless storage channels, as well as an API for structured data propagation, storage and - last but not least - querying. The first applications demonstrated in summer 2021 to work with Storm were file sharing 📂, chat 💬 and data transfer for client-side-validation #RGB smart contracting system 🔴🟢🔵 Storm provides functionality similar to #Torrent, #IPFS, more recent #Hyperdrive and other distributed data networks - but right next to Lightning channels, with linked Lightning payments and without use of DHTs.
In other words, #Storm may be seen as #Nostr “on steroids” where:
- relays are Lightning Nodes;
- not all data has to be signed, opening use case beyond social networks;
- embedded indexing and query capabilities allowing to build decentralized search engines (“decentralized Google”);
- support for trustless data storage based on zero knowledge with specially-designed form of Lightning Storm channels;
- data can be organized in application-based silos, and construct DAG-based hierarchies;
- data are binary, may provide a custom application-specific schema for their internal structure.
Our recent #reNostr initiative uses the experience we have acquired while working on #Storm. It targets making #Nostr more scalable and robust, and will also provide an interoperability layer between #Storm and Nostr, such that Nostr data may be hosted by Lightning nodes via Storm protocol ☔️ https://nostr.build/i/74752780875bc038367b5e39b61f0ea02b2a1a186242f7ade3d534e27eb23a4f.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky “Prejudging” means “using reputation which you associate with identity”. Yes, it is both good and bad

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky The moment when you realize that #Rust 🦀 crates you made were downloaded more than 2 000 000 times https://nostr.build/i/6adf23d78bbdc205b503cf06424e8a0c4e91746345b72b1f199f570238dae1bf.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Where does this come from?

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky It does not provide a deterministic encoding though

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky The moment unencrypted private key touches the memory - forget about safety.
Even C and Rust compilers create copies all around (and zeroize doesn’t help), what to say about Python, Go and other garbage-collector based languages…

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Introducing #reNostr: the effort to build a faster, more secure & scalable #nostr upgrade. reNostr for Nostr is like SegWit for #Bitcoin. Join the work, which will be managed by Cyphernet - Swiss non-profit we are establishing with partners. reNostr will provide a reliable binary protocol - new transport for #RGB client-side-validated offchain data - as well as medium for new contracts distribution and some of DEX operations. It will be also used in other wallet-related workflows by MyCitadel wallet. Join the effort: https://github.com/renostr/nrps https://nostr.build/i/e50e682fba9f4a6f217f51978afec36f757d679a6176017bcb10167e8aab10b3.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky I read comments from different devs on my recent #nostr PR (the link at the end of the post) and I think I start to understand why underdesigned protocols get higher adoption than thoughtfully-designed. This is not accidental; devs adopt protocols because they are able to understand them and play with them - and most of the devs (grown on stackexchange) have limited capacity to understand and contemplate about something (or just do not want to bother) - that is why “AI” is already able to make a work better than they do. That is why it is not the robustness or security which matters, but simplicity and as few components as possible. It is the reason why crazy-weird combinations like “Web technology” - an agglomerate of highly-inefficient and insecure HTTP, JavaScript etc - boosted internet adoption, while it took decades to solve these protocol issues with additions like SSL/TLS, HTTP/2, ECMAScript 6, TypeScript etc “ugly sticked as siding”.
IT differs in these terms from other forms of engineering in a way that if in a physical world you would build something with this approach, it will kill people (like cars and electrical equipment can do that) - while in IT the risks are much lower (usually financial) and more tolerable, thus less advanced and secure systems emerge. So, there are two different strategies in protocol creation and adoption, similar to r- and K-strategy in biology ( https://en.wikipedia.org/wiki/R/K_selection_theory ):
* r-strategy: very few devs, careful thoughtful design, high quality
* K-strategy: no design, “evolution as it goes”, development by a crowd of low-quality devs, until eventually something will start working due to a pure “mining of chances”
r-strategy always struggles with adoption, since “very few can understand it”. The only way r-protocols can be adopted is via products, which must be robust and good in UI/UX; i.e. not via dev community/crowd, but via people community/crowd. But usually r-products are not loud in marketing (the only exception is probably Apple products - with NeXTSTEP-based tech and product/language design teams being very r-like). On the opposite, with K-strategy, things like JSON happen because they allow not to design a protocol - they are sufficiently agile and malleable to any protocol changes and things will continue to “sort of working” - thus devs can start with a “no design” and stick random elements into the network until something would start working. 99% of these protocols will die, but out of 1000 attempts one nostr will appear. So any carefully-thought solution to nostr design issues (which will cause its painful growth/scaling in the future) is doomed: nostr devs see these not as design issues but as features that allow them to build products without designing the protocol per se, leveraging JSON agility.
So they agree to migrate to binary formats _only_ if they are as flexible as JSON - while the main problem is not a text/binary format but that flexibility, which will cause network decoherence - or centralization around oligopoly of “standard” relays. The funny part is that this r-strategy still can be the strategy which wins. Details: https://github.com/nostr-protocol/nips/pull/512 https://nostr.build/i/cb8d6e894d9469f4bfa1d0aa163eb4d30fab5f5e0fd1564ef44379462d8c646d.jpg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Not US but Swiss: we did #TheFreeAI manifesto https://thefree.ai and Prometheus protocol for decentralizing ML https://github.com/Prometheus-WG/prometheus-spec/blob/master/prometheus.pdf Backed 2017 by Pandora Foundation - a Swiss non-profit under article 60 of the civil code (something probably similar to 501c3s).

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Never heard of holochain. I assume they require to buy some token? :)

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Yeah, I had thoughts about that and found it useful but highly non-trivial. Do you have any designs you can share and we can discuss? Regarding DAOs I think RGB and Nostr combination should be great.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Have found a definition for #nostr I am comfortable with: Nostr is self- and shared-hosted trustless event logs. (Nostr relay is a self- or shared-hosting thing) It had started as a platform for social networking, but can be used for groupware and corp applications, cross-device app synchronization, attestation logs and many other things.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Lightning was supposed to solve on-chain congestion problem, not join it!
Routing nodes now have to reserve up to thousands of $ for fees: this is the way LN is designed today (example of how this might happen can be found in https://twitter.com/ln_capital/status/1656003985948516352?s=46&t=ipsBmXsnm96namW0IOz1Ig). It doesn’t mean this money is lost, but it has to be subtracted from the channel balance, increasing existing LN liquidity problems. One of the strategies the nodes may follow will be to stop routing until good fees are back - and keep commitment transactions originating from the times when fees were low. Current software doesn’t support this, but the future versions may do. This will mean that with high onchain fees LN will degrade in performance and liquidity too.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky I am working on a protocol which will combine both RPC and PubSub model (in mutexed way). It will work either as a binary TCP protocol - or can be bridged via combination of HTTP and WebSocket connection.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Doing first steps required for the task: https://damus.io/note1wra64ux3w5fwxjd3y3v63pwxkmx64p57564zkjk6xj0a87k8keuqy07l34

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky My first proposal on the improvements: https://damus.io/note1wra64ux3w5fwxjd3y3v63pwxkmx64p57564zkjk6xj0a87k8keuqy07l34

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Here is the proposal addressing this issue: https://damus.io/note1wra64ux3w5fwxjd3y3v63pwxkmx64p57564zkjk6xj0a87k8keuqy07l34

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky NIP-88 proposal adding support for the binary encoding of #nostr events: all file services, munsters and devs suffering from slow JSON serialization - I know you were looking for such a thing :) https://github.com/nostr-protocol/nips/pull/512 This is the first proposal in the series I will do to address the points of my recent
#nostr critique https://damus.io/note12044688xrg67tnc2lkv5whwrvycy0y2rsrg6lgd8s8ses2pr57nsfv85x5

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Jabascript. Like Jaba the Hutt in Star Wars - but worse.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky A “lung of smoker” compared to #RGB https://rgb.tech

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky MyCitadel v1.3 is around the corner with some great updates: ability to compose complex time-locked conditions (like 2-of-4 multisig which in 1 year becomes 1-of-2). A tx created with MyCitadel spending from such complex miniscript descriptor: https://mempool.space/testnet/tx/48b47bdc2b55c0795df836e22983bed28c62de55ccfa10db122e267948a3221d Miniscript descriptors with timelocks were available since the first release of our desktop wallet, but due to miniscript inability to work with the same keys in different pre-taproot script branches it was impossible to create non-trivial setups. The new version will introduce account-based spending conditions such that different branches now may use different accounts coming from the same hardware signer. https://nostr.build/i/nostr.build_badcf9d1dc51fe30bac554fe66b2460a4f255ae6ce997fe75e03d3e354cf385e.jpeg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Descriptor wallet got updated to v0.9.2 with better command-line explorer functions: miniscript support, tx fee & mining info, P2W* witness parsing, RBF info and colors! `cargo install descriptor-wallet --all-features` https://github.com/BP-WG/descriptor-wallet/releases/tag/v0.9.2 https://nostr.build/i/nostr.build_b51d862d648bce786e54800e2f8b2f8e0019a2a0236ad02f692497e23bf2648d.png

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky The problem is that I see an attack vector on nostr relays with which I can lay down most of the network.
And that means something is wrong in the core protocol design. That “something” is the same thing as in “javascript” - making threshold for devs low. “Low” means also low robustness against attacks.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Just one note: none of the async runtimes can handle 100k due to POSIX limit on connection number which is 16 bit (number of ports per the underlying physical network card). Async is a myth. It is nothing more than the threads, with semi-automatic allocation of procedures (“tasks”) over threads. And threads are limited and heavy - just dozens per async runtime.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Ultra-agree. Very good points. Will take time to digest and integrate with my own thoughts - and will reply in detail after.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky I was thinking of what nostr is. The initial concept I had was that nostr is a specific client-server (relayed) protocol for social network defined as NIP-1, plus extensions on top. Now I tend to see nostr in some other way. Nostr is the way of producing public authenticated data feeds by pseudonymous web-of-trust identities. NIP-1, existing relays etc are just current implementation details, which may change. What would always remain are the data feeds linked to decentralized identities.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky I have a draft for “denostr” with Noise_XK encryption, GPG/SSH keys, binary data & DoS protection - which is interoperable with current nostr (each denostr msg is valid nostr msg). Plan to submit a NIP.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky That’s all true. But it needs to survive through the future DoS attacks and scale, though. And I see that because of the tech issues that may be very challenging and limiting its future.
npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Yes. And there is more of what should be done: https://damus.io/note12044688xrg67tnc2lkv5whwrvycy0y2rsrg6lgd8s8ses2pr57nsfv85x5

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky It should be

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky TL;DR:
1. Choice of crypto: nostr picked “bitcoin crypto starter pack”. But what is good for blockchain may be bad for network: it is ultra-slow and non-standard in digital identity world (incompatible with PGP/SSH)
2. Choice of javascript-style (no data typing): vectors for DoS attacks, slow speed, low extensibility
3. No end-to-end encryption
Overall: very vulnerable to DoS, incompatible with other decentralized identity schemata, will have scalability problems.

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Thoughts on #nostr. Nostr is a websockets-based text protocol for logs of authenticated (but unauthorized) tagged (and otherwise unstructured) messages stored at public relay servers. The rest is a specific nostr application (like social networking or payments) on top of it. Nostr takes several decisions on possible tradeoffs, which I try to analyze here:
1. Websockets. Good: pub/sub data access, web-integratable. Bad: high load on relay servers limiting scalability. Verdict: ⚠️
2. Elliptic curve (secp256k1) for identities. Good: bitcoin-based. Bad: very low performance, not GPG/SSH compatible, sidechannels. Overall: ❌.
3. Signature scheme: BIP-340 Schnorr. Good: batch verification, standard. Bad: optimized for onchain, discarding y coord, making verification ~50% more expensive than non-BIP Schnorr. Verdict: ⚠️
4. Hashing function: SHA256. Good: standard, bitcoin. Bad: slower than BLAKE3. Verdict: ⚠️
5. Text JSON encoding. Good: easy to implement.
Bad: hard to pass & slow to encode/decode non-text/binary data; no limits on data sizing opening a door for DoSing relays and clients. Verdict: ❌
6. No authorization scheme. Good: easy to implement. Bad: limits use cases, limits scalability. Verdict: ⚠️
7. No encryption on the transport level, relying on TLS. Good: easy to implement. Bad: centralized, not end-to-end. Verdict: ⚠️
So I see most of selected tradeoffs by Nostr as a bad or poor decision. This is arguable of course. Can Nostr survive and succeed? For sure, if even much worse systems had done that in the past (Ethereum, JavaScript, PHP). What is the greatest Nostr weakness? Limited scalability and possible DoS (not even DDoS) attacks. If I were the one who did nostr, what would I have done differently? I would have used Ed25519 signatures on Ristretto25519 (speed), binary encoding with strict limits on data sizes, use Noise_XK encryption - and provide bridges to Websockets only when they are needed for the web. But we have what we have. https://nostr.build/i/nostr.build_11196a0ce77932638fc00edde9487a49f50697c768eb16f91ed1fc1a3b60726c.jpeg

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky Is it just for me the “Follow” feature in #Damus is broken? When I click “Follow” the button says “Unfollowing..”. In the second click “Following..”. And the home feed is always empty. It was the same for the last several versions. @jb55

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky How to get listed? My proof: https://twitter.com/dr_orlovsky/status/1607674267558367233?s=46&t=MzLNklrmZcbk3pC4PdnoRA

npub13mhg7ksq9efna8ullmc5cufa53yuy06k73q4u7v425s8tgpdr5msk5mnym dr.orlovsky I have read Nostr specs. JSON objects. Sigs over JSON objects. All data (images etc) must be serialized into … strings! And Secp256k1 curve for signatures. This all means _slow_. That is exactly how it feels.
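
The notes above name unbounded JSON sizes as a DoS door for relays and propose strict limits on data sizes. The following added example (not from the original posts or from any relay implementation) shows relay-side admission checks that bound an event before any expensive work and then recompute the NIP-01 event id. The limit values, the rejection of unknown fields and all function names are assumptions; the sample event is constructed, and BIP-340 signature verification is left out.

```python
import hashlib
import json

# Constructed limits: NIP-01 defines none, so these numbers are assumptions.
MAX_EVENT_BYTES = 64 * 1024
MAX_CONTENT_CHARS = 32 * 1024
MAX_TAGS, MAX_TAG_ITEMS, MAX_TAG_ITEM_CHARS = 100, 16, 1024
FIELDS = {"id", "pubkey", "created_at", "kind", "tags", "content", "sig"}
HEX = set("0123456789abcdef")


class Rejected(ValueError):
    """An event broke a size, type or integrity rule."""


def _need(cond, reason):
    if not cond:
        raise Rejected(reason)


def _is_hex(value, length):
    return isinstance(value, str) and len(value) == length and set(value) <= HEX


def _is_int(value, low, high):
    # bool is a subclass of int in Python, so exclude it explicitly.
    return isinstance(value, int) and not isinstance(value, bool) and low <= value <= high


def event_id(ev):
    """NIP-01 id: SHA-256 of the compact JSON array below, UTF-8 encoded."""
    # json.dumps matches NIP-01 escaping except for control characters below
    # U+0020 other than \n, \r, \t, \b and \f, which it writes as \uXXXX.
    body = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    raw = json.dumps(body, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()


def admit(raw: bytes) -> dict:
    """Return the parsed event or raise Rejected; cheapest checks run first."""
    _need(len(raw) <= MAX_EVENT_BYTES, "too large")  # before any parsing work
    try:
        ev = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError, RecursionError):
        # RecursionError: deeply nested arrays that still fit the byte limit.
        raise Rejected("malformed") from None
    _need(isinstance(ev, dict) and set(ev) == FIELDS, "wrong fields")
    _need(_is_hex(ev["id"], 64) and _is_hex(ev["pubkey"], 64), "bad id or pubkey")
    _need(_is_hex(ev["sig"], 128), "bad sig")
    _need(_is_int(ev["created_at"], 0, 2**63 - 1), "bad created_at")
    _need(_is_int(ev["kind"], 0, 65535), "bad kind")
    content, tags = ev["content"], ev["tags"]
    _need(isinstance(content, str) and len(content) <= MAX_CONTENT_CHARS, "bad content")
    _need(isinstance(tags, list) and len(tags) <= MAX_TAGS, "too many tags")
    for tag in tags:
        _need(isinstance(tag, list) and 0 < len(tag) <= MAX_TAG_ITEMS, "bad tag")
        _need(all(isinstance(x, str) and len(x) <= MAX_TAG_ITEM_CHARS for x in tag), "bad tag item")
    # Hash last: it is the most expensive step before signature verification.
    _need(event_id(ev) == ev["id"], "id mismatch")
    return ev  # signature verification would follow here (not shown)


def verdict(raw: bytes) -> str:
    """Return "accepted" or the rejection reason."""
    try:
        admit(raw)
    except Rejected as exc:
        return str(exc)
    return "accepted"


def sample_event(content="hello"):
    """Constructed event with placeholder pubkey and signature bytes."""
    ev = {"pubkey": "ab" * 32, "created_at": 1683396605, "kind": 1,
          "tags": [["t", "nostr"]], "content": content, "sig": "00" * 64}
    ev["id"] = event_id(ev)
    return ev
```

Calling `verdict(json.dumps(sample_event()).encode())` returns `"accepted"`; an event that fits the byte limit but carries oversized content, or a payload of deeply nested brackets, is rejected before the hash is computed.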