follow me on https://nostr.com :
fd3fdb0d0d8d6f9a7667b53211de8ae3c5246b79bdaf64ebac849d5148b5615f
read about the nostr protocol here here:
@livestradamus @harding @jb55 It's non-repudiable. This will likely make it unattractive for "some" people.
@midnightmagic please explain @harding @jb55
@livestradamus @harding @jb55 There's no way to assert in the future you didn't say that thing. Even Signal doesn't do that.
@midnightmagic @livestradamus @jb55 yeah, but Signal is a chat app used for private communication, nostr is for public microblogging. Non-reputibility would be a liability for nostr.
@harding @livestradamus @jb55 :-/ Yeah I'm aware of that. Point is, even DKIM verifiability is a liability for using gmail. Publishing with a signature means you can never delete your drunk blog. It would be easy to post in a way which is repudiable—it is only a benefit to the readers, not the publisher.
@midnightmagic @livestradamus @jb55 doesn't really matter anyway. As long as your posts are public, a bunch of people will post hash commitments to your posts to opentimestamps, creating a believable set of attestations. In that case, it's better for publishers to cut out the middlemen and bake non-reputibility into the protocol so there's no risk the timestampers will collude to damage to publisher's reputation.
@midnightmagic @livestradamus @jb55 in short, cryptographic non-reputibiliity > implict trust in archive.org.
@harding @livestradamus @jb55 No, this is wrong. This is only a benefit to the readers (including attackers.) This is just putting more risk on the publishers, which means ultra-high quality posts are going to avoid it. Publisher-desired no -repudiability can just post a signed message. With nostr they have no choice—nostr forces them to key manage themselves, which is an endless failure.
@harding @livestradamus @jb55 Hash commitments are "stuff I promise I witnessed, no really," and not "the person with control of this key definitely published this." It's not a good idea to publish in a way that your words could be used against you forever, because nobody is perfect, and sometimes Snowden doesn't want to leave evidence on his computer that he was the leaker.
@midnightmagic @livestradamus @jb55 I agree that's what hash commitments are, which is exactly the problem with them. If you don't build non-repudibility into the protocol, third-parties will create their own non-repuditiation systems on top of the protocol, and those third-party systems will be corruptible.
I'd rather have a system where people are verifying my signature on my posts than a system where people are asking trusted third-parties to attest to the contents of my posts.
@harding @livestradamus @jb55 A huge amount of things that would otherwise have been said, won't be under a no-opt-in pure non-repudiable publishing infrastructure. That's fine that you're onboard with it: I personally know extremely high-signal individuals that won't use non-repudiable publishing and will just stay silent instead.
@jb55 I love these little protocols and projects.
@jb55 boosted this both because its cool and to remind me to try it.