Follow

follow me on nostr.com :

fd3fdb0d0d8d6f9a7667b53211de8ae3c5246b79bdaf64ebac849d5148b5615f

read about the nostr protocol here here:

github.com/fiatjaf/nostr

@jb55 boosted this both because its cool and to remind me to try it.

@harding @jb55 I recall this from previous Twitter purge thought it most interesting and then lost what it was. Will test on nostr own instance and see if feasible running on my own

@livestradamus @harding @jb55 It's non-repudiable. This will likely make it unattractive for "some" people.

@livestradamus @harding @jb55 There's no way to assert in the future you didn't say that thing. Even Signal doesn't do that.

@midnightmagic @livestradamus @jb55 yeah, but Signal is a chat app used for private communication, nostr is for public microblogging. Non-reputibility would be a liability for nostr.

@harding @livestradamus @jb55 :-/ Yeah I'm aware of that. Point is, even DKIM verifiability is a liability for using gmail. Publishing with a signature means you can never delete your drunk blog. It would be easy to post in a way which is repudiable—it is only a benefit to the readers, not the publisher.

@midnightmagic @livestradamus @jb55 doesn't really matter anyway. As long as your posts are public, a bunch of people will post hash commitments to your posts to opentimestamps, creating a believable set of attestations. In that case, it's better for publishers to cut out the middlemen and bake non-reputibility into the protocol so there's no risk the timestampers will collude to damage to publisher's reputation.

@midnightmagic @livestradamus @jb55 in short, cryptographic non-reputibiliity > implict trust in archive.org.

@harding @livestradamus @jb55 No, this is wrong. This is only a benefit to the readers (including attackers.) This is just putting more risk on the publishers, which means ultra-high quality posts are going to avoid it. Publisher-desired no -repudiability can just post a signed message. With nostr they have no choice—nostr forces them to key manage themselves, which is an endless failure.

@harding @livestradamus @jb55 Hash commitments are "stuff I promise I witnessed, no really," and not "the person with control of this key definitely published this." It's not a good idea to publish in a way that your words could be used against you forever, because nobody is perfect, and sometimes Snowden doesn't want to leave evidence on his computer that he was the leaker.

@midnightmagic @livestradamus @jb55 I agree that's what hash commitments are, which is exactly the problem with them. If you don't build non-repudibility into the protocol, third-parties will create their own non-repuditiation systems on top of the protocol, and those third-party systems will be corruptible.

I'd rather have a system where people are verifying my signature on my posts than a system where people are asking trusted third-parties to attest to the contents of my posts.

@harding @livestradamus @jb55 A huge amount of things that would otherwise have been said, won't be under a no-opt-in pure non-repudiable publishing infrastructure. That's fine that you're onboard with it: I personally know extremely high-signal individuals that won't use non-repudiable publishing and will just stay silent instead.

@jb55 I love these little protocols and projects.

Sign in to participate in the conversation
Bitcoin Mastodon

Bitcoin Maston Instance