Last Notes
GM folks! GIMP 3.0 is fresh out of the oven and PhotoGIMP (a project proudly led by 🇧🇷🇧🇷🇧🇷 devs) is already here to make it more accessible for Photoshop users. Give it a try and support OSS!
https://github.com/Diolinux/PhotoGIMP
#gm #foss #opensource #tech #gimp #artstr
Hello from nak fork - trying to alternate NIP-46 remote-signer-pubkey, please ignore this message
GM Maria, have a great Tuesday!
@nprofile…78kd I assume that you are behind the service. It looks like it is already down unfortunately. SSL certificate issues, NIP-05 validation problems, etc. Not bashing by the way - things do go wrong. Plus... I’ve faced attacks in the past just for offering free software and services on Nostr. Imagine if I were actually charging for it.
Unfortunate timing for sure. Hopefully, this is just maintenance window or an infrastructure issue rather than a targeted attack.
I hope you’re right. It’s always good to be positive.
That said, smart, capable, hard-working couples aren’t having nearly enough children (and yes, I admit I’m part of the problem here). Not many children will be born in a safe, stimulating environment that’s well-equipped for them to do their exploring.
I’m a firm believer in humanity’s capacity to adapt, self-correct, and overcome. Still, our current trajectory is a bit scary.
I'm not op, but fiatjaf has posted this in one of the comments in this chain.
#nevent1q…nzep
No, you won’t lose your account or profile. On Nostr, your account is a key pair: your npub (which is public, in your case, @nprofile…gquv) and your nsec (which should be known only to you, think of it as a password of sorts).
Your Lightning address is completely unrelated to your Nostr identity. You can create one on WoS, Coinos, etc., and associate it with your account.
You don’t need to pay for Primal, and you don’t need to pay for Alby Hub’s cloud account.
In fact, I’d even argue that, at least in the beginning, you shouldn’t pay for anything. Only pay for a service when, and if, it starts adding value to you. For your first experiments zapping on Nostr, a free wallet that provides a Lightning address (so others can zap you and you can zap them back) is more than enough.
For sure! And I didn’t mean to diminish the difficulty of the task. By "trivial," I just meant that Khatru has built-in functionality to read auth credentials, as well as to reject events and filters. Since you're working with my Dockerfile, you already have an easy way to compile and build, so all the pieces are in place. :)
Have a look at the cookbook above and the `main.go` file in SW2 (see how utxo has rejected events? You can do sometning similar for filters, but using NIP-42 auth to obtain the pubkey as per the cookbook). If you still have any doubts, feel free to ask away!
GM Beave. I'm very happy for you. Keep working on these overpowered charisma stats and who knows, Ms. Doe may eventually take notice 🤣. Enjoy your new work schedule and good luck with the trailer!
Got it, thanks. I'll give it a read and do some more practical research. I admit that I've played with impressive demos and not much else.
But I think I’ve sidetracked the post by even mentioning IPFS. My main idea was to implement Nostr Notes + Blossom media sync through torrents. Have, say, Khatru/Haven expose a torrent with a file structure similar to what you did for nak/FUSE, plus all my Blossom blobs. I can then expose a magnet link with a BEP-39 update URL.
We could even have a specific event on Nostr for folks to discover my Nostr/Blossom content index URL. For lack of a better name, let's call it master outbox. Anybody else can use this torrent to sync and seed my notes and media.
This doesn’t need to be a massive centralised index like Bluesky. Instead, each user publishes their content to whatever relay they want, chooses one as their current master outbox, and other relays and even clients (through WebTorrent) can perform full or partial syncs using the torrent/magnet link. Wouldn't this be useful at all? Sure Negentropy can be used for more complex gathering of notes spread across relays. But for simple sync it feels like this would be an efficient way of doing things.
The 40, 82 and 833 are all split payments from the split payment that you have set above. The 50 sats is from my previous split payment
Or... Just... Don't go there? 🤣
Thanks for your service Fishcake. Moderating bigger Blossom and NIP-96 instances is already a lot of work. Doing that plus dealing with notes from real people who are willing to attack your service (and you personally) every time moderation doesn’t go their way is almost impossible. I’ve seen so many instance mods put in serious effort to keep Mastodon instances alive, only to eventually give up because of constant attacks, doxxing, smear campaigns, threats to their families, and all sorts of nonsense.
I have no illusion that some owner / admin moderation is needed at both the relay and media server levels, but when Nostr grows past the "manageable" 20K daily active users and heads toward 200K or even 2M+ users, decentralised moderation (beyond just reports) is going to need some real attention.
I think we need something like Stack Exchange, where a certain number of reports trigger a media/post review. That review could then be handled either by consensus among a few "reputable" users or by a single "highly reputable" user (where reputation is defined by a mix of relay/media server trust and npub metrics). Maybe even add some perks for voluntary moderation to sweteen the deal, i.e., some sats, bigger upload limits, Nostr badges, etc. Gamifying moderation has its own issues, but at scale, it tends to work pretty well.
I was thinking about this the other day. Someone could scan kind 10000 events (Mute List / NIP-51) across relays, filter the results for a certain pubkey, extract the respective event authors and Bob's your uncle. There’s still an encrypted "private" mute list stored in ".content", but I guess that extracting the list of people publicly muting someone with a 20 line script is already a good start.
Thank you. Yes, I'm struggling to optimise things with Cloudflare. Some Nostr clients are fetching the same endpoints over and over again (think NIP-05 and Blossom endpoints). When I look at the client code it's usually pretty standard JavaScript fetch request with cache: "default". This should all be hitting the cache, so I really don't understand why I'm getting so many requests.
Good Night Nostr.
https://youtu.be/6usx5vS238Y?si=JsWi2-gT6UfiLiQ6
Not really 🤣. I think that YOU have a strong case to make it obsolete. Again, I respect your "dark patterns/totalitarianism" position, but it's not mine at all. All tools, including public follow lists, can be used for good or for evil. I think that public following, despite its downsides, is a fundamental way to drive discoverability in decentralised social media. I want to fix follow lists, not get rid of them.
That said, I will defend everyone's right to use encrypted kind 30000 sets, special relays, algorithms, and any number of other tools, including those I'm not particularly keen on (I have my own views on bad incentives). I'm also more than happy to discuss and explain my views to others, as long as they don't try to impose theirs by force (e.g., "let's deprecate follow lists by force now" or "let's impose algorithms," etc.).
To be even more candid: I actually like the fact that everything on Nostr is supposed to be a signed attestation. This includes making your follow list public (as you are doing right now by following the projects and devs working with you). Benefiting someone or some project with social media visibility through Nostr network effects should be intentional. Not following anyone publicly is also an intentional attestation of your beliefs. It has its pros and cons, as I pointed out in my first reply.
I don’t need to agree with you to interact or even collaborate on things we both believe in. Heck, there are plenty of points where I strongly disagree with fiatjaf and utxo, yet here I am contributing code to Haven, Khatru, etc. I may change my mind about some things, they may change theirs about other things, or none of us may change our minds at all, and that's absolutely fine. In my books: being opinionated is good; public discussions are good, cult-like assimilation and closed-doors decision imposed top down are bad.
Thanks again for the NIP-05 domain blocking stuff. It made it possible to use the Global feed again without all the bots, plus the hentai and porn-spamming bridges running at full throttle. (The funny thing is, I’m on the Fediverse as well and never get these directly there).
We need a new Carl Sagan. We are long overdue a 2nd edition of The Demon-Haunted World ( https://en.wikipedia.org/wiki/The_Demon-Haunted_World )
You can run 𝚐𝚒𝚝 𝚌𝚘𝚖𝚖𝚒𝚝 -𝚜 and join the fun side of the Force 🤓😎. Next, try a slightly more complex step: sign a commit or release tag with PGP :).
Unfortunately, IME, chances are that this isn’t an accidental / peering problem. A lot of ISPs are blacklisting domains that have been classified as "malicious" or "phishing" by somewhat trigger happy security companies.
Also, even before checking with your ISP, assuming that you don't have a dedicated firewall or internet security software, do have a look at your router admin console if you have access to it. Nowadays, most routers have built-in home network security functionality. For example, Asus routers have "AiProtection", Netgear routers have "Armor", TP-Link has "HomeShield" and so on. I believe most of them have their security services enabled by default out of the box.
They all essentially defer to a "select" group of security companies to identify threats (Trend Micro, Bitdefender, etc.), and these companies often copy each other’s homework. So, it would be interesting to check if jellyfish.land is not being flagged as a "malicious website" and blocked by one of these mechanisms.
Look at the date of the post 🤣
The bill was actually higher than that 🤣. This is what the company saved monthly by using self-hosted runners and moving some of the storage and packages respectively to S3 and ECR. I'm not counting GitHub Enterprise, Copilot, Codespaces, etc. Although, to be fair, runners (by far), storage and data transfer made the bulk of the cost.
https://docs.github.com/en/billing/managing-billing-for-your-products/managing-billing-for-github-actions/about-billing-for-github-actions
https://docs.github.com/en/billing/managing-billing-for-your-products/managing-billing-for-github-packages/about-billing-for-github-packages
~10°, sunny and dry. The perfect weather.
Can you expand on why IPFS doesn’t work or point me to an article where I can understand its issues?
I wasn’t thinking of anything as ambitious as replacing Nostr relays, clients or Blossom servers. Just sharing events and blossom vlobs as a signed torrent with an "update URL", allowing both clients and relays to sync, seed, list or navigate my stuff to your heart’s content. Relays would still be there to serve all of this over WebSockets, and Blossom would still be there to serve media over HTTP, etc. In other words, I’m not thinking of throwing away the existing protocol and sending Nostr back to day zero, just checking if we can't solve sync, specially between relays, in an easier and likely more efficient way.
I’m pretty sure you’re pulling my leg about the April Fool’s joke (come on, they even added a Rickrolling link to the repo). Still, as LinkedIn has often proved to me, there’s always a percentage of people who take everything at face value.
So, for anyone thinking the Scala compiler is actually being rewritten in Go:
https://www.linkedin.com/posts/scala-space_we-are-not-rewriting-scala-3-to-go-duh-activity-7313139847701966849-ZLmD
I'm not affiliated with WoS or any other Lightning payment provider. But yes, it works, and no, you don’t need non-custodial wallets just to send and receive a few thousand sats per month on Nostr. Most folks doing this are wasting both time and sats. NWC is interesting, but my practical experience with it was... meh... at best.
No outbox as Outbox not working on Android? Not visible to the network? The root relay is the Outbox relay. I'm serving notes and media from Haven right now (not on Android though).
This and Amethyst "hidden words" filter is a great recipe for a healthier Nostr experience.
Sounds like a great application for IPFS! To be fair, Blossom blobs are hash based, and @nprofile…wj75 has also been asking around about "Negentropy." On top of that, if clients follow BUD-03 as intended, they should be able to recover the media from any of the servers in a user list: https://github.com/hzrd149/blossom/blob/master/buds/03.md
However, your idea of leveraging IPFS sounds very promising. The client wouldn’t need to implement fallback logic or fetch the media elsewhere, users wouldn’t have to carefully manage redundancy by mirroring blobs and managing multiple blossom servers, and a simple "just download and seed my stuff" approach is certainly a great way to do things.
I’d definitely like to try what you’re building (or planning to build) once it’s out there. And if it can be made Blossom-compatible, that would be even better. I know that despite both systems using SHA-256 hashes by default, they aren’t exactly compatible OOH. IPFS uses CID versioning, supports multiple ways of encoding hashes and even multiple hash algorithms. But given that IPFS has some flexibility built-in and Blossom is an emerging standard, I think there are ways to accommodate this.
You can bridge your stuff to GitHub automatically. But more than that… please just refuse to work for any company that uses "GitHub contributions" as a metric or requirement for anything. I've been in this unfortunate position before, and it makes any dev want to pull what's left of their hair out.
One way to start is by zapping, boosting, and otherwise supporting other developers who are building and running amazing projects on Nostr. Here are a few unsung heroes I know of—they all deserve some sats for driving the ecosystem forward. I’m sure you know of many others, so feel free to tag them below and let’s start zapping! @nprofile…xttw, @nprofile…ukyd, @nprofile…4zgq, @nprofile…6eg4, @nprofile…yens, @nprofile…t6n9
GM, folks! Just putting this out there. I was thinking, while we have a few NIPs and torrent-based tools on Nostr, there are some quick wins to be had by tapping into the torrent ecosystem.
With so many people building HTTP views, bridge APIs to Nostr WebSockets, storage APIs (e.g., Blossom), and streaming tools... FFS @nprofile…dlnm is even exposing a FUSE interface that can be mounted with nak (just for laughs) to give you Nostr as a filesystem abstraction. So why aren't we leveraging WebTorrent and IPFS to make our lives easier?
I’m not saying we should abandon what we have. Just that we could use what’s already out there pragmatically.
For example, I keep hearing about Negentropy, which is great and all, but… Why can't your client or relay just join the swarm and sync all the notes and Blossom blobs associated with my pubkey? Maybe we could even expose all of this over IPFS and boom, you’ve got "Negentropy" and a cool alternative to njump.me. It doesn’t get much more bandwidth-efficient and P2P than that.
@
[email protected] 🔗 https://neuromatch.social/users/jonny/statuses/114245524577616333
-
> we whipped up a bittorrent swarm that has 200TB of proven storage in like a month by cobbling together everyone's random hard drives. storing 200TB on s3 would cost at least $4.5k per month and would cost $10,000 to download it one time.
#gm #nostr #torrent #blossom #ipfs #growNostr #devstr
Elon sad noises... Ok, I'll bite the shitposting trap 🤣
Satellites are vital for scientific research in certain fields, as well as for defense, disaster management, space exploration, navigation, and even some valid cases of communication. We certainly don’t need a satellite constellation as massive as Starlink, companies are using satellite-based internet as a crutch instead of developing proper infrastructure.
That said, we do need alternatives to GPS that aren’t controlled by a single country. So... maybe drastically reduce the US and Musk’s stake in the game? Getting rid of satellites entirely would set back human development. Getting rid of some of Musk’s satellites might actually be a good idea, considering the amount of space junk they’re creating for very little value.
@nprofile…ky6k, to be absolutely fair, I know you have other ways to keep up with people (I use encrypted lists and custom feeds myself). But the policy of not following folks has consequences for the wider network.
For example, if I follow you, WoT relays won’t be able to translate my trust in you into trust for the people you follow. So none of the good folks you trust would be able to write to my relay. Also, curious users won’t be able to find me or other smaller accounts by checking who you follow. In an unintended way, this contributes to Nostr’s centralisation around celebrity accounts that you are fighting against.
Don’t get me wrong. I totally get what you’re doing here and understand that public follow lists have their downsides. But they also have their benefits. And only following accounts that are equally willing to follow others publicly sounds like a very fair quid pro quo policy in my book.
LinkedIn CxO | Serial Entrepreneur | AI Expert advertising his last magical vibe coded product.
https://haven.accioly.social/f2b7a06093159f2ec1f78dd1fa9c217063b60d924c3956f45a9511c95a58346b.mp4
via @davidaugust
https://mastodon.online/@davidaugust/114236433226999789
#memestr
Have you played with any of the tools? Any recommendations? Someone has recommended NostrGit and ngit-cli to me, but I haven't had time to play with it yet.
I get where you’re coming from. I’ve tested BEP-39 in real use cases, and I was impressed by it. From keeping a folder full of Markdown files in symc to ensuring I always download the latest episode of my legally licensed, totally fine-to-download favourite show, things just show up automatically in my torrent client without hassle. The update URL just points to the latest version of a torrent file and from there things just work.
Having said that, update cadence could be parameterised as well. Think njump. It’s smart enough to fetch my notes individually, but it doesn’t need a real-time view of my latest notes. So both the master "relay/tracker" and clients could pace themselves according to their own needs.
I really like your idea of storing a copy of someone's kind-10002 events on DHT! Probably also kind-10050 and maybe other discoverability-related notes. That’s an awesome idea.
On a similar front, despite my dislike for anything that relies on DNS, NIP-05 nostr.json could also hold a copy of all this. Kind of like what you did with the relays array, but on steroids. In other words, NIP-05 identity servers would function similarly to WKD for GPG. If you know someone’s nip05 identifier, you can retrieve all the info you need from there, no need for a second pass on a relay.
Screenshots
Website: https://jellyfish.land/ on Firefox Android
https://haven.accioly.social/01063ef715e9e3a014fadab7c7a973141cc2552315ca5ab8371e5e80bfb2e345.png
Amethyst NIP-05:
https://haven.accioly.social/c1f5bd3fe2ee0af1f93bf5cde5f7e5e6a481dd59dc0104f42ac775ccb0abea57.png
Nostrudel NIP-05:
https://haven.accioly.social/1620ad074a39405c55c6374c34cd8a0ed3efc90a46a2c81938cd5815b6e0dd59.png
Resharing here on Nostr as I came across one or two Scala enthusiasts (we are a dying breed) around here:
> Are you an open source Scala maintainer? The Scala Center is preparing to participate in Google Summer of Code 2025 (GSoC), and we’re on the lookout for projects to include in this year’s program. Deadline is February 7. read on: https://www.scala-lang.org/blog/2025/01/28/gsoc-projects.html
-
@
[email protected] 🔗 https://fosstodon.org/users/scala_lang/statuses/113908197271531256
#scala #devstr
Good Morning Nostr. 👋☕️ https://image.nostr.build/0ec85adb1c5847350266b44552bd0c86e2b8d1acbc3f776daf1c6655ff653918.jpg
#GM #GoodMorning
My wife uses the Google search bar on Android for everything. Of course, web pages open in Chrome, but you won’t find a browser in her dock or on her home screen. If you ask her what browser she’s using, she’ll say, “Google”. Which is… correct. Concerningly correct.
Unpleasant disclaimer: If a spam message reaches one of my Personal or WoT relays because an account I’m connected with follows bot accounts, I’ll unfollow it. If I see it following multiple spam bots, I’ll also block it. Even if it’s otherwise a legitimate and nice user.
There are much bigger WoT relays that take a more lenient approach toward users following spam bots. Some relay admins maintain lists of users who follow bots to avoid breaking existing WoT networks. Fair play to those doing this for the good of the larger Nostr community. Unfortunately, I don’t have the time or resources to do the same. Plus, I have a much smaller Nostr network, so my relays aren’t exactly vital Nostr infrastructure.
So, if you were unfollowed or blocked, my apologies. No hard feelings or "power tripping" on my side. It’s just the nature of how WoT works, everyone has to stay vigilant to make it work.
#nostr #apam #bots #WoT
Test. Changing khatru http response codes for missing Auth header. Can I upload with noStrudel now?
https://haven.accioly.social/6b67ff9bf63c8d659039d94f2a5bd00dbfd6499a3e362e20a5ae65215ad6dd0d.png
Correct. I mean, the webview is running in Chrome, at least on my phone, but it is indeed a webview.
https://haven.accioly.social/0000db864da5404173d70bad0aa17b989c229c7874606fab859cd20309d0945d.png
By the way, @nprofile…dlnm, @nprofile…6u4e, can you please have a look at this? https://github.com/fiatjaf/khatru/issues/36#issuecomment-2745311203
I kinda need to make a decision about splitting the Blossom database from Outbox relay database.
I'm working on adding "redirect" support to Khatru's Blossom server so that folks can upload and serve content directly from public buckets, CDNs, etc. If we really need to separate the Blossom database from the Outbox database in Haven, I’d rather do it now and bundle all breaking changes together.
I'll also be opening a separate PR to add support for serving NIP-05 nostr.json to Khatru with proper support for "name" queries, as well as CORS, reasonable caching policies, ETags, etc. So hopefully, between the Payments relay, NIP-05, enhanced cloud support for Blossom and Backups (as well as the new official binaries), Haven users will have a good reason to go through the trouble of upgrading despite any breaking changes.
Nostr Wonderland - https://video.nostr.build/747c31d19475877d0eb9693e0bbae77f08f67a633cf2a188ce34ea95728fea22.mp4
We all do what we gotta do and act according to our beliefs. I don’t use Meta products either, but I don’t think following lists are what’s broken with Facebook, Instagram, etc.
As for other ways to figure out who you trust for WoT, have you even tried it? Devs are more than welcome to contribute to Haven or any other WoT-capable relay, but I really wonder what their attack plan would be. There’s too much noise in Nostr lists and sets to extract a good signal. Plus, many clients encrypt list/set entries (as intended).
Doing it any other way (e.g., scanning all of your notes to infer your levels of trust in others) just puts an unnecessary burden on both my relay and yours for a very niche use case that could easily be exploited. For example, what if I baited you into rage replying to me 30 times? Am I now trustworthy? And then what’s next? ML sentiment analysis to determine if our interactions are worth "trustworthy" points?
All of this to accommodate a few people that aren’t willing to follow others... On a decentralised social media protocol with primitives for following others. Sounds like a not worth the effort / never going to be implemented kind of thing.
IMO, publicly following someone is a statement of trust, like signing someone else’s PGP key. I’m happy enough to interact with people who aren’t willing to sign my PGP key, but I’m personally not willing to sign theirs. This is core value for value, in this case, public attention of trust for public attention of trust.
