My Love Hate Relationship With Nostr
So Nostr, all my friends know I like talking about it, but they don't know why so let's make that clear
For those that don't know Nostr stands for "Notes and Other Stuff Transmitted through Relays", Nostr is a social media protocol that can is moldable into any social media experience. Any type of social media app you can imagine from real time chat, forums, media sharing, gated communities etc. etc. it can can be built using Nostr as a base.
Here are the things I like about Nostr:
- Digital Sovereignty
- Impersonation Proof, Data Integrity, Data Provenance, via Digital Signatures
- Privacy via Encryption
- Separation of Identity and Medium
- Same digital identity across many apps
- Is infinitely extensible via new "event kinds" and the tagging system
- Federation
- RBAC(Rule Based Access Control)
- Potential for Crypto Currency Integration
Digital Sovereignty
To put things simply, the internet is just someone eases computer and that other person can technically do whatever they want with it. All data you put out there on the internet from your browsing history, likes, posts, photos etc. etc. are just sitting on someone else's computer.
There's nothing stopping the person who stores your data from changing it. They own your account and your data and therefore have no problem impersonating you and rewiring the the data on your account, data integrity. This means the people who store your data can change it, rewriting the history of group chats, make it look like your account was used to do illegal things, make backdated posts to ruin your character etc. etc.
Since your data is stored on someone else's computer there is no privacy, whomever owns that computer can read your messages.
The use of Encryption, specifically Cryptography, and Digital Signatures help solve the problems of data integrity, impersonation, and privacy.
Digital Signatures basically provide you a special Wax Seal you can use every single time you interact on social media. If you don't know what a Wax Seal is let me explain, if you do continue to the next paragraph. Back in the days before electricity people sent letters, these things made out of trees with characters of made of this esoteric material called ink written on them. Anyways if you wanted to communicate with people securely you would seal an envelope with the written letter using wax and then make an impression in the way using a wax seal. It was extremely difficult to replicate the impression of a someone eases wax seal therefore if the wax seal matched who was sending the letter the message could be trusted.
The Digital Signature, think digital Wax Seal, comes in the shape of a magic number known as a Private Key which can be backed up using 12 random words known as a mnemonic. The Private Key works just like the Wax Seal in the image above, if someone steals it they can impersonate you. Nobody is impersonating that Digital Wax Seal unless they steal it therefore if you use it every time you interact online nobody can pretend to be you. It can make social media like Nostr a bit slower but it's worth it.
A Wax Seal produces a pretty symbol made of wax, A Digital Signature produces a a big random number known as a Public Key that people use to verify your identity. Data such as name and description can be easily added to a Public Key so people can find you.
There is also the Web of Trust which can be used to verify people. Seeing who follows, interacts, and messages who can be used to help validate if someone is trustworthy or an impersonator.
For privacy there is this magic thing called Asymmetric Encryption. It work's as a special magic box that people can place messages in that nobody else can open. Asymmetric Encryption has two parts, the Public Key, that people use to place messages in the box, and the Private Key that you and only you use to read the secret messages in the box.
You can also use that Wax Seal to share a Public Key so people know they are sending messages to you and only you.
Nostr supports both Digital Signatures to stop impersonation and Asymmetric Encryption to help with privacy.
There is a problem with Nostr's Privacy. The message content itself is secure and nobody can read it. But people can see the size, length, of a message, and who the the message is being sent to someone and when. This is known as Metadata and Edward Snowden says this data is more important than the content of the message itself. Therefore Nostr is not actually a secure medium to communicate anonymously without people listening to you.
Separation of Identity and Medium
The internet is made of up many different experiences. There's
- The content curation of Reddit,
- The image collecting of Pinterest
- The live action of Twitch
- The channels of Youtube
- The shitposts of Twitter
- The reviews on Goodreads, Google Maps, and Rotten Tomatoes
- The friends and family you know on Facebook and Instagram
- The community engagement tooling of Discord
- etc. etc.
The data in each of these Platforms is siloed.
Even though you may login to each of these platforms with the same Email address, they each provide you a unique "Identity". Even though I created a Reddit and Pinterest account with paul@mememaps.net other people can't discover one account from the other. If I have a banger post on Reddit, I need to repost it using something like a screenshot, on Pinterest.
Via Nostr you may use the same account across many different apps (Mediums). Each medium, content curation, image collecting, live action etc. etc. manage different very differently. That's why each of these "Mediums" have a different website, app, and culture.
Via Nostr you can get the same variety of mediums but you can use the same identity across all of them and interoperate the data amounts mediums to create new mediums.