The latest Twitter challenger takes decentralization a step further
Notes and Other Stuff, a.k.a. Nostr, is the latest decentralized microblogging protocol to take aim at centralized social media platforms. It’s like a decentralized Twitter.
In contrast with Mastodon, where the decentralization is achieved via a federation of nodes (but each node is effectively centrally controlled), Nostr decentralizes right down to the user level. You generate a keypair, and with that you can move freely between any client, now and future. (Don’t worry, we still like Mastodon, and continue to sponsor the project.)
Nostr is rising fast within the Bitcoin community, particularly among the Lightning dev community. But it has no blockchain, there is no native crypto token, and it’s not p2p. It plays well with Lightning, which is a Layer 2 on Bitcoin that enables off-chain operations. The reason that crowd is taking to this so rapidly is that there is a hope that it can pave the way for micropayments (charging a few satoshis to relay a message, for example). Among other things, that would change the economics of spam, which is why I’m a supporter.
Messages are transported via relays. Everybody runs a client, or multiple clients. You just need to put your pubkey in any additional clients. Anybody can run a relay – we’ve been running one at wss://nostr.easydns.ca.
The entire space is still pretty raw and the UXs aren’t anywhere close to Twitter yet, but there’s an enthusiasm there I can appreciate.
Some browser clients where you can generate a keypair and start exploring:
Setting up a NIP-05 Identifier on Nostr
When you generate a keypair, you wind up with an identifier that looks pretty unwieldy. Mine is:
npub1elwpzsul8d9k4tgxqdjuzxp0wa94ysr4zu9xeudrcxe2h3sazqkq5mehan
It’s your public key. But there is a Nostr Improvement Proposal (NIP-05) for tying an identifier to it that ends up looking very much like an email address (hold that thought).
It took me a while to set that up, and there were a few “gotchas” along the way. This article over at The Bitcoin Manual was what I was working off of, but I missed a couple of things:
NIP-05 uses a “well-known URL” to hold a JSON-formatted file with the Nostr metadata that you want to tie to your human-readable NIP-05 ID (in my case I’m using markjr@bombthrower.com).
The json file has the format:
{ "names": { "<name>": "<pubkey>" } }
And you put that file at the well-known location:
https://bombthrower.com/.well-known/nostr.json
You can see mine if you click the above link:
{ "names": { "markjr": "cfdc11439f3b4b6aad060365c1182f774b524075170a6cf1a3c1b2abc61d102c" } }
The other thing to know is that if you originally generated your keypair using a site like Astral, then it’ll be in “Damus” format, and you need to convert your pubkey to hex before you put it in the json file. You can do that with the Damus key utility.
There’s one more thing you need to do before this will work (and it’s not mentioned in the other article).
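You need to enable Cross-Origin Resource Sharing (CORS) on your web server. Browser-based clients fetch nostr.json from a different origin, and the browser only lets them read the response if this header is present. Only the nostr.json response needs the header, so it can be set for that one path rather than for the whole site.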
On nginx it’s:
add_header Access-Control-Allow-Origin *;
On apache, in your main config:
Header set Access-Control-Allow-Origin "*"
Or if your .htaccess overrides allow it:
Header add Access-Control-Allow-Origin "*"
If you’re on one of our easyWeb hosting packages, then it’s in your Plesk settings under “Apache and nginx settings”. I’m actually not sure if you can enable it via cPanel but you could try it via .htaccess. If not, contact support and we can switch you onto one of the Plesk servers.
You can test whether it’s enabled using a server header utility that checks for CORS headers.
Once you have all this in place, you can go back to your client (like Astral.ninja) and update your settings.
In a particularly obtuse act, I kept putting the well-known URI in the “NIP-05 Identifier” field. I did this over and over again for what seemed like a long time.
Put your actual identifier there, like markjr@bombthrower.com. *sigh*
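The checks from the steps above, collected into one added example (not code from the original post or from any Nostr client): it converts the npub key to hex with its bech32 checksum verified, then confirms that a fetched nostr.json carries the wildcard CORS header and maps the name to that hex key. The function names and the `res` object shape are assumptions made for illustration; the key, name and domain are the ones shown in the post.

```javascript
const CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l";
const GEN = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3];
// bech32 checksum (BIP-173): a valid string yields exactly 1.
function polymod(values) {
  let chk = 1;
  for (const v of values) {
    const top = chk >>> 25;
    chk = ((chk & 0x1ffffff) << 5) ^ v;
    for (let i = 0; i < 5; i++) if ((top >>> i) & 1) chk ^= GEN[i];
  }
  return chk;
}
// Convert an npub1... key to the 64-character hex form nostr.json needs.
function npubToHex(npub) {
  const s = npub.toLowerCase();
  if (!s.startsWith("npub1")) throw new Error("not an npub key");
  const data = [...s.slice(5)].map((c) => CHARSET.indexOf(c));
  if (data.includes(-1)) throw new Error("invalid bech32 character");
  const prefix = [3, 3, 3, 3, 0, 14, 16, 21, 2]; // bech32-expanded "npub"
  if (polymod([...prefix, ...data]) !== 1) throw new Error("bad checksum");
  let acc = 0, bits = 0, hex = "";
  for (const v of data.slice(0, -6)) { // last 6 symbols are the checksum
    acc = (acc << 5) | v;
    bits += 5;
    if (bits < 8) continue;
    bits -= 8;
    hex += ((acc >> bits) & 0xff).toString(16).padStart(2, "0");
    acc &= (1 << bits) - 1; // keep only the bits not yet emitted
  }
  if (hex.length !== 64) throw new Error("expected a 32-byte key");
  return hex;
}
// Check a fetched nostr.json the way a browser client would see it.
// `res` = { headers, body } is a constructed shape, not a real client API.
function checkNip05(identifier, npub, res) {
  const m = /^([^@\/:]+)@([^@\/:]+)$/.exec(identifier);
  if (!m) return { url: null, problems: ["identifier must be name@domain"] };
  const problems = [];
  if (res.headers["access-control-allow-origin"] !== "*") problems.push("no CORS header");
  const listed = JSON.parse(res.body).names?.[m[1]];
  if (listed !== npubToHex(npub)) problems.push("hex pubkey mismatch");
  return { url: `https://${m[2]}/.well-known/nostr.json`, problems };
}
// Key, name and domain are from the post; the response object is constructed.
const NPUB = "npub1elwpzsul8d9k4tgxqdjuzxp0wa94ysr4zu9xeudrcxe2h3sazqkq5mehan";
const BODY = '{"names":{"markjr":"cfdc11439f3b4b6aad060365c1182f774b524075170a6cf1a3c1b2abc61d102c"}}';
const SAMPLE = { headers: { "access-control-allow-origin": "*" }, body: BODY };
console.log(checkNip05("markjr@bombthrower.com", NPUB, SAMPLE));
```

An empty `problems` list means the file, the hex key and the header line up; pasting the well-known URI into the identifier field or leaving the npub form in the json file each shows up as a named problem.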
Once it’s all set up, you’ll have something even more coveted and elite than a Twitter blue-check, a “Nip-05 Verified” badge:
“I recently discovered Nostr, and I’m here to fix it” – some tech CEO.
If you’ve been following this far, and you’re into DNS like I am, you immediately see an issue here. It’s that if you use identifiers that are logically structured like email addresses (<user>@<hostname>), sooner or later you’re probably going to wish you had an additional level of abstraction or indirection at the hostname level.
This is why we have MX records. Without them, we’d be forced to run email MTAs on the same host as the web server for the hostname, and that can cause problems, especially at scale.
Not everybody has access to the webserver at the hostname component of their email address (or NIP-05 ID). It would be nice if you could somehow signal a URI you do have access to and put your json payload there. You could use third-party webhosts or subdomain servers.
I know I’d love to set up a NIP-05 ID for my main easydns.com address, but had I logged into the server and simply enabled CORS, the ops team would have had something to say about it.
So… I’ve been banging the drum to whoever will listen (and that’s not many) that using DNS TXT records to signal this would be very useful. I wrote an article about using DNS for asserting crypto addresses for Bitcoin Magazine last year, before Nostr was a thing, but the same principle applies here:
1/ A thread directed at #Nostr devs, especially people involved with NIP-05 implementations
The problem arises when you want to use an identifier like an email address to point at your pubkey or other meta-data…
— Mark Jeftovic, The ₿itcoin Capitalist (@StuntPope) January 6, 2023
There’s a similar issue with the LUD-16 specification for Lightning, which uses the same well-known/<file> convention. I have been trying to make the same case there for using DNS TXT records to signal ln payment URLs.
This isn’t suggesting to get rid of the well-known file URI – you could specify it in the TXT record itself, or clients could look there first and then check DNS if they don’t find it (or vice versa) – similar to how in the absence of an MX record, MTAs will attempt delivery to the A record of the hostname in the email.
Closing Thoughts
The speed at which Nostr is spreading is astonishing, and there are probably a few drivers behind it.
These include:
- Elon Musk’s takeover of Twitter and some of his rather arbitrary moves
- The revelations of government, intelligence agency and Big Pharma interference with the platform emerging from the #TwitterFiles
- Attention garnered from ex-Twitter CEO Jack Dorsey endorsing it and making a 14 BTC donation to fund development
- Bitcoin could be coming out of its crypto winter
These factors may have combined to provide a uniquely formed catalyst for this rapidly spreading protocol.
You can follow me on Nostr:
- npub1elwpzsul8d9k4tgxqdjuzxp0wa94ysr4zu9xeudrcxe2h3sazqkq5mehan
- markjr@bombthrower.com
Further Reading:
- The Nostr on Github
- How to Get Your Nostr Account NIP-05 Verified via The Bitcoin Manual
- Take Control Of Your Social Media Presence with Mastodon (don’t worry, we still like Mastodon).
- Simplifying Bitcoin Addressing using DNS same approach, incidentally, which could…
- Solve the fake Twitter account problem (including proof-of-concept Chrome plugin)
amjoseph says
They don’t use TXT records because “it has to run in TheBrowser(tm)” has been drilled into people’s heads.
Browsers can’t do arbitrary DNS lookups. In fact browsers behind an HTTP(S) proxy can’t do any DNS lookups at all.
I don’t personally support any of the above requirements. But they are the reason you’re hitting brick walls here. “Must Run In Browser” is also why WebTorrent exists as a completely separate protocol suite from BitTorrent, and a whole bunch of other duplicative or suboptimal design decisions on today’s Internet.