semisol

gm nostriches 👀

wat

BIP-110 and Core is a false dichotomy

On the extension side, yes. Same can be done on the app side to autodetect the version. For DMs, there is a designated tag to the DM relay list so th...

Can’t. Too busy right now, even if I let an LLM barf up a PR. However, if you’d like to provide a more secure encryption UX for users, you can point ...

Well, it is very subject to change compared to paid services.

There is no free

Technically it would be possible for it to explain it, if it did “reason”. The KV cache is actually just a processed version of the model’s intermedia...

It is not. My point is that open source software does not automatically imply a security budget, meaning that even if you *could* see it, doesn’t mean...

I did not say they were mutually exclusive? Only that there is no correlation, at all, and it is not “better” for security in 99.99% of cases

Them being visible *with a lot of effort* does not mean that they will be seen or reported or fixed. And on the other hand, security researchers can ...

Remind me in an hour

It means that the security of a piece of software does not change because it is open source

I think it is completely uncorrelated.

Technically yes, in practice you have 1 or 2 yrs at most. During this time, most pieces of software, especially specialized ones, will have on averag...

Open source does not mean more secure.

https://fossil-scm.org/

By this, a majority of zaps cost more to process in LN fees, server load and human time than they are worth. nostr:nevent1qqstdjw3h0tgnn63a8e07n426nc...

Most zaps are pointless

gm 🤔

As a relay operator, I have very little concern about the impact on me or my users arising from a kind 1 feed. Instead, I am more concerned about the...

I would say that the figure of 1000 notes for a feed is too much. It is usually enough to fetch 100-200. Even in this case, advanced relays like Nost...

Users are not impacted by kind 1. For clients and relays, this can be said about many decisions. For example, the current signature format is awful fo...

Yes, but the impact is on clients which will lose years of old data, along with a “transition” that will never finish.

I do not believe that the “performance improvements” to relays, data usage that is miniscule (plaintext) compared to media downloads or follow lists a...

I have not seen any response from them that addresses the claims.

🤔

True unlimited data plans (no “throttling after X GB”) are amazing

As an independent party I can attest to this fact

Nostr.land does this.

Please tell me what your main concerns with Nostr relays are, especially in terms of privacy.

It is a company resource provided to you. Unless they encourage you to waste tokens, then you should use it only for work and efficiently. If they d...

Corporate “Bitcoin” events are a waste of time

and Intel SGX keeps getting broken in general

No motive, monetary cost, and easily blocked. What is the point?! nostr:nevent1qqs880lpfnvnxt6t3kfqnu0pdf3apeargmea4smcp0f97vr7ztkxmkqzypftfgrkhjammsa...

I wonder who is paying for all the tokens to run these slopbots?

Slop will not be tolerated

A pay per use model would significantly enshittify paid relays, lead to horrible UX and allow tons of spam: 1. It would lead to unpredictable charges...

&time>now-60&time<now+60&id=03…&method=pay&pinvbolt11_node=03…

if done right: harder usually: a little bit

Any automated ways?

Nostr.land is planning to support OTS. I’m planning to use the standard OTS spec that is already well-implemented. “Inline” proofs is not something I...

CLINK or whatever this protocol is, is worse than NWC. What is the point?

Code is a liability, to some extent. Each feature and line incurs a maintenance cost. Less code is better. nostr:nevent1qqs9mucnwftfmgzk9s4769024ldgf...

Code has always been cheap. You don’t need an LLM to generate slop. For me, nothing has changed

This only makes me less confident, unfortunately. “Your keys are never stored in a usable form” does not make sense, as that would mean that you can’...

Anthropic has released a new money-incinerator that predicts probabilities better than the previous money-incinerator and also incinerates your money ...

Yes your client would still have to AUTH that is it. Gift wrap spam/DoS being hard to mitigate is one reason for this, and especially mass-DM scambots...

The UI is being retarded

The bot is not wrong. It says !payment (inverse) not payment

I believe it is fiatjaf’s thing.

Well, auth depending on the pubkey acts as a strong anti-spam signal. It also indicates explicit consent for anything you send to it, instead of someo...

To some extent. Nostr.land already requires AUTH for a huge amount of features, so it would encourage devs to actually support it properly. And for s...

I am considering requiring NIP-42 authentication for a majority of event writes. It would prevent random rebroadcasts where it is not desired and all...

relays.land is a completely unaffiliated service that comes with way less, and it is confusing that they picked that name :/

The current grant structure has successfully led to the exit of most competent devs. Now, most “devs” are looking for quick grant money for vaporware...

More generally: The urge to add “comments” and “labels” that state the obvious / are redundant to places where they do not belong

Funding currently is unconditional and so selects for people that do the bare minimum and want the most. AKA burning money

I frontran basically everyone. and I am very sad at the rapid decline in the last year especially due to AI slop, and wannabes larping as devs while p...

[Hadamard] count-min sketches are also great

I think that these tools are great, when used right and in the correct circumstances. I very rarely use any of these except iterators, which are simpl...

I don’t get why people strongly feel that they should share private communications for any reason. Especially people “exposing” others is really icky....

False dichotomy You can deny it without doxxing the sender, it’s called the reply button.

I think the compression and metadata removal probably killed it

why?

Signing or not doesn’t change anything.

Data ownership is not something that exists. Privacy should be respected, but a false illusion of fully controlling what you share is as harmful as ig...

You will have a hard time finding people that actually know hardware security, as it is a very small space, and most of them work in places where thei...

That is why it is named that ;) People claim they are the next Galileo and they will be proven right because they are getting opposed or prosecuted or...

WoT and PoW are futile solutions, as they are actively hostile against new users, and have a huge asymmetry between real users and spammers. AI spamb...

Foundation is ran by good people but I can’t trust their products. Many of their statements, including: - calling the SAMA5D2, which lacks security f...

Galileo fallacy (noun) A fallacy whereby it is implied that one is correct due to being widely criticized or persecuted.

Doxing is not cool, regardless of whatever “justification” you have. Instead of wasting time on these things, you can just reply saying no, and move ...

It has not been 24 hours and it has suddenly started SIGABRTing in a loop nostr:nevent1qqsfu268qqwndmqe4fv8h3mf7sejd24gw5evwfwzgp76z5d5ysmfsvszypftfgr...

Out of curiosity what is the use case?

If they have the key, no. Otherwise to some extent. If you still host blossom for the sole purpose of pirated music they will probably strike it down

You are trying to solve the problem that spam exists on relays. To do this, you need to distinguish what is likely spam and what is likely ham. “Ada...

Then why would I need PoW

It hurts real users while doing absolutely nothing to prevent attacks. Whether they spend $0 or $100 doesn’t change that they will continue. With PoW...

from everything I have seen, they just seem to have rehashed the same things that were already proposed / existed for a long time

If you could identify the spammer in the first place all of our problems would be solved 🤦

It is not. It has been proven over many times that PoW is not a solution to preventing spam/abuse, especially when identities are disposable. Hashcas...

Because it is the highest value you can reasonably do without making the experience of many users miserable. And regardless, PoW only burns money, wh...

By this shitty overestimating calculation, it only takes $250 to spam the network with more junk than has ever existed on Nostr

Which is absolutely nothing if their scam works once per month

No you feed it an IPA or feed and it installs. You need dev if you have more than 8 apps

gm nostriches

Streaming is limited, yes. I’m working on an update that resolves this and also allows negentropy

No this uses the same method as development loading

Because it does not require compiling, it does not require USB, and it auto-renews the 7d expiration

don’t think so

It is sideloading for everything using XCode signing

Have you heard of SideStore

With or without the aggregator? For without, a plan that will cost less is coming. I can notify you if you want when that is out. For with (Plus), it...

Damus is actually a pretty great client. There were no updates that turned it into unusable rubbish. It doesn't randomly break. It has proper NIP-42....

That is the result of RL, not the intention. If you encourage less tokens, less tool call rounds, and reward passing tests or similar, then that is w...

While I do like that bot, I think that such features should be a client feature, not a reply. I will make exceptions for a very limited class of bots...

LLMs struggle with good software dev, especially on implementing novel things, and maintainability. The best way them to view them is as a really expe...

The operators of these annoy and spam-bots will also have their trust score in internal systems reduced.

Bots shouldn’t auto-reply without explicit consent. Spamming replies, especially for advertising or LLM slop, is not a good idea. I’m going to be imp...