The player is loading ...
Sept. 3, 2024
NOSTRIGA: VERIFIABLE REPUTATION - WEBS OF TRUST
Discussion on the power of key reputation systems and webs of trust using nostr in front of a live audience at Nostriga in Riga.
Video: https://www.youtube.com/watch?v=LE731vXoUOU
ODELL on Nostr: https://primal.net/odell
Pablo on Nostr: https://primal.net/pablof7z
Stuart Bowman on Nostr: https://primal.net/p/npub1lunaq893u4hmtpvqxpk8hfmtkqmm7ggutdtnc4hyuux2skr4ttcqr827lj
hzrd on Nostr: https://primal.net/p/npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr
pip on Nostr: https://primal.net/p/npub176p7sup477k5738qhxx0hk2n0cty2k5je5uvalzvkvwmw4tltmeqw7vgup
website: https://citadeldispatch.com
nostr live chat: https://citadeldispatch.com/stream
nostr account: https://primal.net/odell
youtube: https://www.youtube.com/@citadeldispatch
stream sats to the show: https://www.fountain.fm/
(00:00) Introduction and Setting the Stage
(00:41) Webs of Trust: Concept and Importance
(04:02) Social Graph vs. Web of Trust
(10:12) Challenges and Practical Applications
(18:03) Building Trust in Nostr Clients
(24:02) Bootstrapping Trust for New Users
(29:08) Blossom and Media Authenticity
(37:01) Final Thoughts and Future Outlook
Chapters
00:00 - Introduction and Setting the Stage
00:41 - Webs of Trust: Concept and Importance
04:02 - Social Graph vs. Web of Trust
10:12 - Challenges and Practical Applications
18:03 - Building Trust in Nostr Clients
24:02 - Bootstrapping Trust for New Users
29:08 - Blossom and Media Authenticity
37:01 - Final Thoughts and Future Outlook
Transcript
WEBVTT
NOTE
Transcription provided by Podhome.fm
Created: 8/24/2024 2:57:26 PM
Duration: 2547.066
Channels: 1
1
00:00:00.240 --> 00:00:00.740
Thanks.
2
00:00:01.120 --> 00:00:01.620
Preston.
3
00:00:03.199 --> 00:00:03.699
Yo.
4
00:00:04.960 --> 00:00:06.980
Let's get this energy up in here.
5
00:00:10.480 --> 00:00:11.780
It's just me and Pablo.
6
00:00:13.775 --> 00:00:14.275
Hazard,
7
00:00:14.655 --> 00:00:16.515
Stuart, where are you? Oh, there you go.
8
00:00:17.455 --> 00:00:22.415
How does the team is coming to? Who's joining us? It's the guy who wrote the,
9
00:00:23.295 --> 00:00:27.555
Do we need another chair? Yeah. Can someone get us another chair and a beer?
10
00:00:30.820 --> 00:00:33.559
I've been told there's no beer in this venue right now,
11
00:00:34.340 --> 00:00:35.480
which is a miss.
12
00:00:40.739 --> 00:00:41.239
Awesome.
13
00:00:41.620 --> 00:00:44.145
So guys, we're gonna be talking about webs of trust.
14
00:00:46.525 --> 00:00:53.425
Something that I'm particularly pretty excited about. I think everyone on stage is is pretty excited about this element of Noster.
15
00:00:54.364 --> 00:00:55.505
Before we start,
16
00:00:56.010 --> 00:01:04.430
we got a nice packed house here and a beer walking up to me, which is all can you open it for me? I don't have a bottle opener. Does anyone have a bottle opener they could bring me?
17
00:01:06.330 --> 00:01:07.230
Thank you, guys.
18
00:01:07.690 --> 00:01:08.670
It's still very,
19
00:01:09.355 --> 00:01:13.215
we're very early days in this conference. We're working on the logistics here.
20
00:01:13.835 --> 00:01:19.455
Can I get a show of hands of anybody in this room that did not use Nostra before this week?
21
00:01:21.479 --> 00:01:27.659
Okay. So we got a couple new people here. I think Miles just did that with his bare hands, by the way, over there. Thanks, Miles.
22
00:01:28.119 --> 00:01:32.540
I think we're gonna keep this it's gonna it's gonna be a more technical conversation, I think.
23
00:01:32.920 --> 00:01:36.060
I was trying to decide if we should go high level or not. So, I mean,
24
00:01:36.395 --> 00:01:38.335
we can start with high level. Pablo,
25
00:01:39.035 --> 00:01:41.615
what is webs of trust? Why should people care?
26
00:01:42.635 --> 00:01:43.535
Alright. So
27
00:01:43.995 --> 00:01:46.655
web of trust is basically the concept of,
28
00:01:47.915 --> 00:01:48.415
inferring
29
00:01:48.715 --> 00:01:50.895
who should you be listening to,
30
00:01:51.580 --> 00:01:53.440
from activity from the network.
31
00:01:53.900 --> 00:01:55.040
So if you
32
00:01:55.580 --> 00:01:57.680
like, I'm friends with Matt. So Yes.
33
00:01:58.780 --> 00:02:00.560
That's awesome. Alright. Good.
34
00:02:01.100 --> 00:02:05.520
So I'm friends with Matt. And maybe Matt is having a conversation with someone
35
00:02:06.285 --> 00:02:24.410
that I don't know. But the fact that Matt follows them, the fact that Matt is having a conversation with them, then that means that maybe this person is is definitely not not spam. There would be probably no reason for for for Matt to follow a spam account. So I can infer, without knowing anything from this pub key, I can infer
36
00:02:24.790 --> 00:02:31.370
that, that it's not spam that I should listen to what this pub key is saying, at least briefly, and maybe consider
37
00:02:31.910 --> 00:02:33.210
following them. So
38
00:02:34.275 --> 00:02:34.775
traditionally,
39
00:02:35.235 --> 00:02:38.455
we've had a top down approach to,
40
00:02:39.475 --> 00:02:40.935
who should you listen to?
41
00:02:41.555 --> 00:02:49.540
What is spam and what is not? And web of trust particularly becomes very, very useful to discern what is not spam and what is spam,
42
00:02:50.000 --> 00:02:51.620
or what likely is spam.
43
00:02:52.800 --> 00:02:54.260
And typically, it's been,
44
00:02:55.280 --> 00:02:57.300
Elon Musk just KYC ing people,
45
00:02:58.400 --> 00:03:04.545
and just letting in a bunch of bots anyway. But it's been very top down. You ask API. Twitter.com
46
00:03:05.085 --> 00:03:08.225
what content should I get from searching for something,
47
00:03:08.525 --> 00:03:09.745
or if you go to global,
48
00:03:11.005 --> 00:03:12.385
what content should I receive.
49
00:03:13.165 --> 00:03:13.485
But,
50
00:03:14.125 --> 00:03:15.840
but it's a very top down approach.
51
00:03:16.400 --> 00:03:18.900
World of Trust has a very interesting
52
00:03:19.280 --> 00:03:21.780
feature, which is very similar to cryptography
53
00:03:22.319 --> 00:03:24.900
in which it's very easy to compute
54
00:03:25.440 --> 00:03:31.405
world of trust, but it's really expensive to to cheat a way of trust. It it was very hard
55
00:03:31.705 --> 00:03:32.105
for,
56
00:03:32.505 --> 00:03:33.485
a spam account
57
00:03:33.785 --> 00:03:39.405
to get Matt and myself and Sue and a bunch of other people to follow that account.
58
00:03:40.425 --> 00:03:43.750
It's very, very hard to to to do that. But,
59
00:03:44.209 --> 00:03:44.709
but
60
00:03:45.170 --> 00:03:57.829
me seeing, okay, who does Matt follow? Who does does the do the people that I follow? Who do they follow? It's super cheap. It's super easy to to to that. Do we only have 2 mics up here? Really? Do you guys not have mics?
61
00:03:58.584 --> 00:03:59.885
Can we have some mics?
62
00:04:01.065 --> 00:04:02.925
You wanna expand? Thanks, Preston.
63
00:04:03.705 --> 00:04:06.125
And I think there's one right behind you, Preston. Yeah.
64
00:04:07.145 --> 00:04:09.645
Awesome. That was turned on. This was fine.
65
00:04:10.025 --> 00:04:17.070
Yeah. I mean, as far as an overview, I don't think I have anything to add what you could Maybe maybe you wanna add something? Yeah. You got some?
66
00:04:17.610 --> 00:04:24.270
Yeah. Just to so everyone can follow along, I think it's good to give some initial definitions. So,
67
00:04:25.130 --> 00:04:26.350
I often talk about
68
00:04:26.945 --> 00:04:29.605
social graph instead of web of trust just because
69
00:04:30.065 --> 00:04:31.685
when we talk about web of trust,
70
00:04:32.145 --> 00:04:33.765
it's obvious that it's
71
00:04:34.305 --> 00:04:38.245
you're talking about trusting some other people. But social graph is
72
00:04:38.785 --> 00:04:41.045
more general terms, which just
73
00:04:43.000 --> 00:04:44.940
use how people are connected on,
74
00:04:45.400 --> 00:04:54.940
and then you can use that for many different things. One thing is what Pablo mentioned, which is anti spam measures or anti denial of service attacks measures, for example.
75
00:04:55.845 --> 00:04:58.264
Just to give a brief definition, like,
76
00:04:58.565 --> 00:05:00.664
okay, what is a social graph? 1st,
77
00:05:01.205 --> 00:05:05.384
the second part graph is a mathematical structure, which is pretty simple.
78
00:05:05.685 --> 00:05:06.425
It's just
79
00:05:06.965 --> 00:05:07.465
nodes,
80
00:05:08.085 --> 00:05:10.425
and then how they are connected by edges.
81
00:05:10.840 --> 00:05:13.660
So a social graph is a graph where,
82
00:05:14.199 --> 00:05:19.180
nodes and edges represent social things. So for example, social entities like people
83
00:05:19.560 --> 00:05:20.300
and social
84
00:05:21.080 --> 00:05:22.940
relationship like who follows who.
85
00:05:23.595 --> 00:05:27.215
And just by looking those simple things, you can pretty easily
86
00:05:27.675 --> 00:05:28.175
discern,
87
00:05:28.794 --> 00:05:29.775
what is not
88
00:05:30.634 --> 00:05:37.535
spam because it's very expensive, as Pablo said. It's very expensive or difficult to get follows from people,
89
00:05:39.009 --> 00:05:41.990
from real people, from people that have a reputation.
90
00:05:43.410 --> 00:05:43.810
And,
91
00:05:44.610 --> 00:05:45.590
yeah, you can
92
00:05:46.130 --> 00:05:52.065
I prefer to talk about the social graph instead of web of trust because the context is do matter a lot?
93
00:05:52.525 --> 00:05:53.585
So it's not
94
00:05:54.045 --> 00:05:59.825
necessary that we talk about trust. So for example, when you can use social graph to do recommendation,
95
00:06:00.685 --> 00:06:11.240
but that doesn't necessarily mean that there is trust involved other than you trust that the recommendation are not impersonating. So, like, I get Lee Holden as a recommendation.
96
00:06:12.500 --> 00:06:21.875
The only trust is that Lee that is the is not an impersonator, is the real Lee Holden. But other than that, there is not much to it.
97
00:06:22.815 --> 00:06:24.335
So Yeah. That's that's a good,
98
00:06:25.135 --> 00:06:29.555
I like that name versus, like, web of trust because it's not really a trust relationship,
99
00:06:30.175 --> 00:06:32.035
especially since, like, a lot of
100
00:06:32.900 --> 00:06:49.275
trust isn't like this thing you can easily measure and put into a graph, whereas the, kind of social graph is a lot more because It's more open. Yeah. Yeah. Yeah. Web of trust prescribes how you you should use it whereas whereas social graph is is like a tool that you can use in multiple ways.
101
00:06:49.655 --> 00:06:51.195
And I would argue that,
102
00:06:52.615 --> 00:07:00.480
it can it can be used for to improve or solve many different problems. 1 is anti spam. Another is, like, recommendation and content discovery.
103
00:07:01.660 --> 00:07:03.200
Another could be,
104
00:07:03.740 --> 00:07:04.560
anti impersonation.
105
00:07:05.020 --> 00:07:21.505
So how do you know that Matt Odell is the real Matt Odell, or is that m pub not another m pub? How do you know from 50 different Czech m pub which is the real one? Well, the impersonators haven't started using caps yet. I noticed that. That's very easy. They're all still lowercase.
106
00:07:24.365 --> 00:07:33.289
Stuart, do you have anything to add? Yeah. I I really like that distinction between the web of trust and social graph. I think that's really important to keep in mind because,
107
00:07:33.750 --> 00:07:40.569
like, the web of trust is a web of trust. Or, like, it will okay. Let's say the following list of Nostra, who you're paying attention to
108
00:07:41.135 --> 00:07:49.235
is it's it is a web of trust, but it's it's like a narrower web of trust that you're trusting them not to spam you. You're trusting them with your attention.
109
00:07:49.695 --> 00:07:54.420
And I think it gets down to a really, practical question of, like, temptation to
110
00:07:54.960 --> 00:08:02.660
wanna be like, a web of trust for following, a web of trust for hosting your data, a web of trust for couch surfing, a web of trust for, you know, all these different use cases. But I feel like
111
00:08:03.040 --> 00:08:03.540
that
112
00:08:09.655 --> 00:08:19.675
leads it it just makes things really complicated. And so I think there's some it's important to realize that, like, the web of not spam is a foundational web of trust because it is the thing
113
00:08:20.295 --> 00:08:32.540
that collapses the infinite space of pub keys into a finite reality of pub keys that are real. Because in your you're, you know, paying attention to them in some sense, and so they're not they're not bots. They're not real.
114
00:08:33.500 --> 00:08:34.000
So,
115
00:08:35.015 --> 00:08:37.035
yeah. It's I think there's something very
116
00:08:38.295 --> 00:08:42.875
kind of poetic almost about the idea that asymmetric key crypto
117
00:08:43.895 --> 00:08:45.115
can be used to
118
00:08:45.415 --> 00:08:46.795
obfuscate and encrypt
119
00:08:47.430 --> 00:08:57.530
or sign and verify, and that maps directly onto the concept of a private sphere and a public sphere. You can't have a private sphere without encryption, without privacy, and you can't have a public sphere without,
120
00:08:59.030 --> 00:09:01.050
you know, some type of notion of authenticity,
121
00:09:01.755 --> 00:09:04.895
which is digital signatures. So the web of trust
122
00:09:05.275 --> 00:09:08.175
is like the web of not spam is sort of like the
123
00:09:09.035 --> 00:09:10.335
base asset.
124
00:09:11.275 --> 00:09:12.095
The foundational
125
00:09:12.715 --> 00:09:19.510
pool of social capital that is sort of like necessary to construct more, you know, like like more niche like
126
00:09:19.970 --> 00:09:29.270
ideas about who to trust for what thing and that kinda gets into social graph territory. But anyways, I just think that distinction is, like, super brilliant and good to keep in mind. So Yeah. I like what you say there about,
127
00:09:30.885 --> 00:09:34.005
the like, not fragmenting the social graph,
128
00:09:34.645 --> 00:09:35.145
because
129
00:09:35.685 --> 00:09:46.025
there's a temptation there, like, fragmenting. Let's say, like, this is the a social graph for stores that I trust, for vendors that I trust, for restaurants I trust, and whatnot, or even banks I trust.
130
00:09:46.380 --> 00:09:46.880
And
131
00:09:47.580 --> 00:09:51.020
that would be useful in, like, many contexts, but one thing we have to
132
00:09:51.660 --> 00:09:53.120
we can't forget is that
133
00:09:54.140 --> 00:09:58.365
that data never becomes stale. It never gets constantly updated. And
134
00:09:58.845 --> 00:10:06.865
one benefit we have with the, kind of you might say, like, nostril social web of trust or social graph, whatever it is we're calling it,
135
00:10:07.805 --> 00:10:09.105
is that at least,
136
00:10:10.524 --> 00:10:19.850
has some kind of cadence to getting updated. Like, if the the user's browsing their social media app and they see something they don't like, they unfollow the person, or they remove them from that thing.
137
00:10:20.230 --> 00:10:20.730
And
138
00:10:21.269 --> 00:10:27.370
if the the users if we don't have a mechanism for the user to regularly, you might say, prune their social graph,
139
00:10:27.725 --> 00:10:30.465
then all we're doing is kind of building up bad data.
140
00:10:31.485 --> 00:10:43.779
And so that as far as, like, not fragmenting it, like, I think that's a commonly overlooked thing. It's like, not only do you have to build the social graph, but you also have to make sure the social graph is pruned. Yeah. Because there has to be, like, a common denominator between use cases,
141
00:10:44.080 --> 00:10:47.060
and not spam is that common denominator. Right?
142
00:10:47.520 --> 00:10:56.675
But don't you trust different people for different things? Like, is it inherently fragmented, though? Well, I think the the not spam part is not necessarily fragmented.
143
00:10:57.134 --> 00:11:00.834
It's that the social graph is a kind of that's where the, like, the annotation
144
00:11:01.214 --> 00:11:03.074
sort of should take place of
145
00:11:03.774 --> 00:11:05.615
the the groups. Yeah. I I I think there's,
146
00:11:06.894 --> 00:11:09.074
there's a belief that you can have,
147
00:11:09.450 --> 00:11:10.670
a very explicit
148
00:11:11.050 --> 00:11:11.550
fragmentation
149
00:11:12.090 --> 00:11:17.390
where you say, I explicitly trust Matt with regards to the Bitcoin topic
150
00:11:17.770 --> 00:11:20.110
on a scale of 0.97,
151
00:11:20.970 --> 00:11:25.255
and that's just not how people work. Like, our brains don't work that way.
152
00:11:26.835 --> 00:11:30.855
So you can you can infer kind of weights in this way,
153
00:11:31.315 --> 00:11:34.455
on on certain topics by analyzing activity.
154
00:11:35.120 --> 00:11:43.779
Like, I listen to our HR. So, like, that that could be an activity that can go into, okay, how much do I trust Mari and Matt with regards to to the Bitcoin topic?
155
00:11:44.960 --> 00:11:48.820
So I I think that's where the fragmentation idea comes from where
156
00:11:49.595 --> 00:12:05.570
people are not going to go out of their way to create all these attestations of and and wait on on on topics because, yeah, they'll go stale. Like, maybe I'll say, yeah, I try stew on this topic this amount, and that changes, but I never update my my attestation.
157
00:12:06.110 --> 00:12:10.850
Yeah. That's the I think that's exactly what to remember. It's like the best example of this would be like a,
158
00:12:11.230 --> 00:12:20.905
attestation or a web of trust for something like journalism. Like, how much do I think this person is truthful? Or do do I think they're lying or something like that? And it sounds really useful.
159
00:12:21.445 --> 00:12:24.105
But we just have to be careful of the fact that
160
00:12:24.485 --> 00:12:26.505
if we make that any explicit data,
161
00:12:27.045 --> 00:12:40.560
we can definitely you know, you can create apps to generate that those, social graphs and generate those trust scores. But we also have to be careful that we those things have to be updated or maintained. Otherwise, we just generate everyone gets a 5 star rating, and it never, you know,
162
00:12:40.940 --> 00:12:46.320
the review never gets updated. That that's why those of the station must be the byproduct of actual interaction.
163
00:12:46.875 --> 00:12:55.935
It it it's gotta be inferred from something that I'm doing on my daily life, not going out of my way to score my friends on how much I like them that day.
164
00:12:56.475 --> 00:13:04.680
Yeah. Exactly. And it becomes extremely complex as if you were to do this trust at the station. I think there is a NIP, like NIP Yeah. NIP 87,
165
00:13:04.980 --> 00:13:06.280
89. Don't remember.
166
00:13:06.820 --> 00:13:07.320
And,
167
00:13:07.780 --> 00:13:11.560
yeah, if you do it once, like, okay. Trust Pablo about inclining
168
00:13:11.860 --> 00:13:15.320
on a scale from 1 to 100, like, 89 or something.
169
00:13:15.755 --> 00:13:16.255
But
170
00:13:16.635 --> 00:13:21.535
then once I do this for 100 people, then it becomes difficult because,
171
00:13:22.715 --> 00:13:37.480
I want those ratings to be, like, consistent with each other because I trust him more than Odell in climbing. It becomes super complex. So, yeah, I totally agree that it should be a byproduct of user actions. Which one is, like, follow? Another is mute. Another is zap.
172
00:13:38.019 --> 00:13:40.740
With zap, it's a is a bit tricky because you
173
00:13:41.415 --> 00:13:44.235
to to say that it it is a signal,
174
00:13:44.615 --> 00:13:56.589
you have to be sure that the sender and the recipient are not colluding, for example. They are not the same person. Otherwise, there is no economic value moving. Or aren't zaps just not verifiable? So
175
00:13:57.209 --> 00:14:00.589
we shouldn't have really put too much stock in them anyway. Not subs are, though.
176
00:14:01.290 --> 00:14:03.149
Very true. Such subs are.
177
00:14:05.050 --> 00:14:20.045
I mean, I guess you could use, like, a web of trust to decide if zaps are worth it or not to count just webs on top. Like, there is no web of trust. Right? It's webs. There's many different webs. Right. 1 there is just one mempool. It's Wiz's mempool. But
178
00:14:22.779 --> 00:14:30.880
okay. I mean, where do you guys wanna go with this conversation? I'm I'm you guys are like prolific here. I'm just I I feel like the entertainer. I feel like this graph,
179
00:14:31.260 --> 00:14:34.560
whatever we're calling it, is like maybe the most important,
180
00:14:36.675 --> 00:14:44.135
kind of thingy that's being sort of the art it's like an artifact that's being precipitated by all the activity on the Gnostr network. Like,
181
00:14:45.395 --> 00:14:47.415
like which I think that's what you like that
182
00:14:47.715 --> 00:14:51.975
what you said just a second ago about, like, demonstrating trust. I think it's actually kind of like a pretty deep point
183
00:14:52.560 --> 00:14:53.060
because
184
00:14:54.000 --> 00:14:55.860
you you actually have to like do stuff
185
00:14:56.480 --> 00:14:57.220
to demonstrate
186
00:14:57.920 --> 00:14:59.060
trust. Otherwise,
187
00:15:00.720 --> 00:15:03.220
like like what does it mean to trust someone? Like,
188
00:15:03.600 --> 00:15:06.740
you you like if if we were not all like scrolling on our phones
189
00:15:07.265 --> 00:15:22.820
experiencing the possibility of getting spam, why would we follow anyone? Or what do we mean? Or we can take a survey but then like like you're saying like it just is static at that point. So like if the trust is kind of like a reflection of some type of action. So all this action that's occurring, it is precipitating
190
00:15:23.200 --> 00:15:23.940
this type
191
00:15:24.880 --> 00:15:28.020
of web of trust in the world which is like,
192
00:15:28.720 --> 00:15:34.580
I I think it's I I sometimes I say I think I don't know if this I think this makes sense to say that the web of trust is deflationary
193
00:15:35.360 --> 00:15:40.945
in a sense, where like if you have an artifact like perfect example of this is the ogcowsurfing.org,
194
00:15:42.285 --> 00:15:45.825
which is now being built on No Striff, fun fact, which I'm like excited about but,
195
00:15:46.765 --> 00:15:57.540
that was a perfect example of a bunch of people who did a bunch of stuff that was risky, which was stayed at each other's houses and then they created like a digital representation of that and it was this big data set and it was economically deflationary
196
00:15:58.160 --> 00:16:00.740
because people could go to a city and stay for free.
197
00:16:01.520 --> 00:16:02.020
And
198
00:16:02.640 --> 00:16:08.334
like what's really optimistic about Nostra is that this web of trust that's being precipitated is similarly deflationary
199
00:16:08.714 --> 00:16:09.535
but it is
200
00:16:09.995 --> 00:16:10.495
unkillable.
201
00:16:10.875 --> 00:16:11.935
It's like a ratchet.
202
00:16:12.315 --> 00:16:14.175
It just keeps growing. So like,
203
00:16:14.555 --> 00:16:20.105
you know, I you you can probably apply that notion of deflation to like social stuff too, like you don't have to be as worried that people are gonna rip you off. So you could, you know, so so I think that's like that's what
204
00:16:21.170 --> 00:16:28.070
worried that people are gonna rip you off. So you could, you know, so so I think that's like that's what Nostra is doing is like this web of trust is exportable from Nostra.
205
00:16:28.530 --> 00:16:37.805
It is not something that is only relevant to Nostra. It's relevant to the world, you know. It's quite quite interesting. I mean I feel like that's the key. Right? Is like webs of trust is not a new
206
00:16:38.185 --> 00:16:38.685
concept.
207
00:16:39.305 --> 00:16:44.205
No. 1000 years ago. The the biggest issue historically has been creating a robust,
208
00:16:45.305 --> 00:16:45.805
distributed,
209
00:16:46.345 --> 00:16:53.660
censorship resistant one. Like, all the successful ones have always been incredibly centralized. Things like eBay reviews or Airbnb reviews
210
00:16:54.120 --> 00:16:55.420
or Uber. Right?
211
00:16:55.880 --> 00:16:57.260
But actually having it
212
00:16:57.880 --> 00:17:00.460
distributed and not controlled by a single entity
213
00:17:00.954 --> 00:17:04.735
is the key here, and Nasr unlocks that. And I think what a lot of people,
214
00:17:06.075 --> 00:17:07.535
fail to realize is
215
00:17:08.235 --> 00:17:18.830
there's a lot of it it kind of feels like blocked like the whole blockchain thing all over again. I mean, I I know a lot of us are Bitcoiners, so we look at things with a bias, but it's like, I don't like Bitcoin,
216
00:17:19.529 --> 00:17:31.389
I like Blockchain. Right? And it's like you need the token. The token needs to exist for the Bitcoin system to work. And with Nasr, like, everyone's like not everyone, but there's a lot of people that fade the social media aspect,
217
00:17:32.545 --> 00:17:34.485
but say I will want the other stuff.
218
00:17:34.785 --> 00:17:44.880
And the social media aspect is the bootstrapping mechanism that even makes this possible because it's incredibly boring to, like, build out a distributed web of trust or multiple webs of trust
219
00:17:46.000 --> 00:17:50.180
just to do that. But it's not boring to shitpost or post memes or,
220
00:17:51.040 --> 00:17:53.060
you know, rage at someone online.
221
00:17:54.480 --> 00:17:55.860
Like, that's the cool part.
222
00:17:58.304 --> 00:18:02.565
So in practice, let's let's try and take, like,
223
00:18:02.865 --> 00:18:05.205
pull back a little bit. Let's let's go to,
224
00:18:05.585 --> 00:18:07.924
like, how how this would actually work,
225
00:18:08.625 --> 00:18:15.340
practically speaking. And and that I mean, we've we've already kind of mentioned it with with spam. We've already kind of mentioned it with impersonators.
226
00:18:16.280 --> 00:18:20.860
But, like, if you were we'll we'll go to you, Pablo. Like, if you if you were gonna, like, build a client,
227
00:18:21.880 --> 00:18:26.539
that tried to stop spam from happening and you were gonna use a web of trust,
228
00:18:26.914 --> 00:18:40.855
how how does that look on the user side? Like, how does the user interact with that, and how do you remove yourself from the equation of being the developer choosing, you know, having too much control? Because one man's spam could be another man's censorship. Right?
229
00:18:41.960 --> 00:18:47.820
I mean, the what I what I include in every single client that I that I build is, when you log in,
230
00:18:48.360 --> 00:18:52.540
it fetches the people that you follow. It fetches your the people that you mute,
231
00:18:52.840 --> 00:19:00.035
and it fetches the follows of the people that you follow and the mute of people that you mute. And I then just compute a score.
232
00:19:00.655 --> 00:19:06.115
For all the puppies that I know, it typically, like, a normal account ends up with, like,
233
00:19:06.415 --> 00:19:07.955
between 20, 25,
234
00:19:08.575 --> 00:19:12.150
30,000 puppies that that I've scored in some way.
235
00:19:13.030 --> 00:19:24.970
And then I can just go to global and and I can look at all the notes, all the events that are coming in. I I can just filter out the ones that fall off of this way of trust.
236
00:19:26.265 --> 00:19:27.165
So for example,
237
00:19:27.705 --> 00:19:32.525
one of of the clients that I wrote where this was super relevant was, WikiPhreeda,
238
00:19:32.825 --> 00:19:34.045
which is like a Wikipedia,
239
00:19:34.985 --> 00:19:37.165
implementation of of Nostr, where
240
00:19:38.185 --> 00:19:47.140
for ideological reasons but also for technical reasons, there cannot be a canonical entry. You cannot go to what is the entry for Riga,
241
00:19:47.840 --> 00:19:48.340
because
242
00:19:49.120 --> 00:19:51.765
who should I ask? What where is the entry for Riga?
243
00:19:52.325 --> 00:19:55.465
You have competing entries for Riga. So
244
00:19:56.325 --> 00:19:59.225
there might be 20, 50 different,
245
00:19:59.765 --> 00:20:00.265
entries
246
00:20:00.725 --> 00:20:01.625
for Riga,
247
00:20:02.005 --> 00:20:05.625
and I sort them by by the proximity
248
00:20:06.440 --> 00:20:09.740
of the of the people that have written the the entry.
249
00:20:10.440 --> 00:20:14.380
And there can be explicit at the stations because I have the concept of forks.
250
00:20:14.920 --> 00:20:15.580
So maybe
251
00:20:15.960 --> 00:20:20.220
I go and I see that Matt wrote something, Audriga, and I want to make a modification.
252
00:20:20.680 --> 00:20:21.820
I fork his
253
00:20:22.255 --> 00:20:22.755
entry,
254
00:20:23.294 --> 00:20:26.674
and I can change it. So maybe he says, oh, Pablo's entry is better.
255
00:20:27.375 --> 00:20:30.034
So I'm going to point my entry to Pablo's.
256
00:20:30.335 --> 00:20:32.515
So now my entry would have my
257
00:20:32.895 --> 00:20:37.090
score and Matt's score. So if you follow both of us,
258
00:20:37.950 --> 00:20:40.770
it's it it might rank higher because of that.
259
00:20:41.390 --> 00:20:46.450
But someone else might come in. They are whatever, into Cardano or whatever,
260
00:20:46.830 --> 00:21:00.805
and they will have a very different world of trust. And they might see a different view of of Riga, and they might see a different view of of all these different entries. So as a developer, I don't have a say on what content you're going to see,
261
00:21:01.265 --> 00:21:07.980
how things are going to to look, what things are going to be spam. It's it's all going to be from your point of view.
262
00:21:10.520 --> 00:21:18.620
Yeah. I don't like, honestly, that score. Is it correct me if I'm wrong, but it is is it is similar to the the.
263
00:21:19.355 --> 00:21:22.575
Right? It's Kinda similar. You you mean the the display?
264
00:21:23.355 --> 00:21:24.715
The the score behind,
265
00:21:25.035 --> 00:21:39.710
left next to the entry in Wiki Free. Yeah. Yeah. The the score is displayed for dividing reasons, but I I disagree, and I actually also told to Huddl about that. I don't think scores because they are you see a number next to an entry, and
266
00:21:40.809 --> 00:21:41.789
that number means
267
00:21:42.169 --> 00:21:49.645
basically nothing. So And how should you display it? What's that? How how what's a better way to display it? Yeah. I would dis because a number is,
268
00:21:50.205 --> 00:21:55.985
summarizing that people to a number, and it is a bit prescriptive and not descriptive.
269
00:21:56.445 --> 00:21:58.910
So it's it is simpler to view my,
270
00:21:59.710 --> 00:22:03.170
my mind in another example, which is like anti impersonation.
271
00:22:03.550 --> 00:22:09.570
So I click on the profile. It it is, Lynn Alden, or that that's a display name.
272
00:22:09.995 --> 00:22:17.615
And then I would like to see the faces of the people I follow that also follow that AMP hub. And not But it's, like, a bunch of impersonators
273
00:22:19.195 --> 00:22:24.655
of the people you follow are all following the impersonator. Like, it's just impersonators following impersonators.
274
00:22:25.220 --> 00:22:29.080
No. No. Because it's, it's based on on me, basically. So
275
00:22:29.380 --> 00:22:30.040
I follow
276
00:22:30.420 --> 00:22:34.600
you, and you follow that and Pub, and so I see your profile there. Oh, okay.
277
00:22:34.980 --> 00:22:36.680
And this this way so,
278
00:22:37.060 --> 00:22:45.455
this is, I think, better because in some context, your opinion might be worth more or less than some other opinion. So for example,
279
00:22:45.755 --> 00:22:51.855
we might be talking instead of profiles. We might be talking about apps. For example, a great example is Zapstore,
280
00:22:52.235 --> 00:23:02.770
and Zapstore shows faces of the people you follow that also follow the signer of the app. So for example, if from those faces I see, let's say, MBK, and we are talking about,
281
00:23:04.030 --> 00:23:05.870
or Craig Roe, and we are talking about,
282
00:23:06.590 --> 00:23:18.285
Bitcoin Wallet, his opinion, in my mind, will wait more. But there is no way to, like, quantify that with a number or at least the client that doesn't know which opinion I have of those people.
283
00:23:18.825 --> 00:23:24.870
But there is no need to summarize that. We can just show the faces, and I intuitively would know who to look for
284
00:23:25.350 --> 00:23:39.850
without having to summarize that into one number. You just have to see faces, and I think it's more natural. And, also, it ties more in what people are used to do, like, in mid space. So, for example, when you don't know nothing about something, maybe about cars,
285
00:23:40.625 --> 00:23:42.885
you have no idea, like,
286
00:23:44.065 --> 00:23:51.125
yeah, maybe it comes to your mind that you have 3 friends that know about cars more than you do, but you don't think any numbers. You're thinking,
287
00:23:52.065 --> 00:23:55.205
what people should I ask for better advice or better,
288
00:23:56.580 --> 00:23:58.360
yeah, information about the topic.
289
00:23:59.140 --> 00:23:59.960
And so,
290
00:24:01.220 --> 00:24:05.220
yeah, that makes sense to me. I mean, we see that in a lot of centralized apps do the
291
00:24:05.780 --> 00:24:09.640
like, Twitter has that where you see the little pictures, and it's very intuitive.
292
00:24:10.465 --> 00:24:13.924
What are your thoughts on I it's kinda interesting. Right? Because there's
293
00:24:14.705 --> 00:24:15.184
there's
294
00:24:15.505 --> 00:24:21.825
and maybe it's also a product of the fact that Noster is so early, and it's so young in it in its life, but,
295
00:24:23.500 --> 00:24:27.520
there's a balance between how do you technically make something possible,
296
00:24:27.900 --> 00:24:35.440
how do you give a user sovereignty and and power over their own, situation, and then how do you display it to them in a
297
00:24:36.034 --> 00:24:36.534
relatively
298
00:24:36.835 --> 00:24:43.654
little friction way? Because if you add any kind of friction, if you add power user things right in front of someone's face in the beginning,
299
00:24:44.355 --> 00:24:47.174
they probably just won't even use the tool in the first place.
300
00:24:47.475 --> 00:24:49.475
But I'm curious. So what's your opinion on
301
00:24:51.850 --> 00:25:01.950
you know, in a perfect world and we're way down the line, it's like everyone already has, like, their social graph and stuff on Noster, and and it's a different situation. But as new people are joining,
302
00:25:02.250 --> 00:25:05.950
how do you how do we attempt to mitigate the impersonator problem,
303
00:25:07.215 --> 00:25:11.315
for that new person who's joining? Like, they they don't have a social graph yet.
304
00:25:12.655 --> 00:25:19.235
Yeah. This is a good question. Like, the bootstrapping problem if you're new and you come in and you don't know who to trust at the beginning
305
00:25:19.615 --> 00:25:20.275
at first.
306
00:25:21.760 --> 00:25:23.299
What you can use
307
00:25:23.760 --> 00:25:24.260
is
308
00:25:25.280 --> 00:25:30.740
some well, obviously, you're never going to use, followers count because that can be faked.
309
00:25:31.600 --> 00:25:32.100
So
310
00:25:32.559 --> 00:25:37.815
there can be for I I like the idea, for example, of proof of work keys as a first introductory
311
00:25:38.755 --> 00:25:40.455
step, but not necessarily in
312
00:25:40.915 --> 00:25:43.175
that way because proof of work keys are,
313
00:25:43.955 --> 00:25:47.015
the UX around them is terrible because you have
314
00:25:48.115 --> 00:25:50.295
identity creation. You have to commit energy
315
00:25:50.675 --> 00:25:54.029
to create that key that starts with a certain number of zeros.
316
00:25:54.570 --> 00:25:57.149
So that UX is terrible, but
317
00:25:57.610 --> 00:26:06.110
what it shows is that there are certain AMP apps that have more skin in the game, that verifiable skin in the game, and that is a good place for
318
00:26:06.495 --> 00:26:09.955
initial bootstrapping. So if you know nothing about who to trust,
319
00:26:10.975 --> 00:26:14.355
you can start, assigning some low level of trust
320
00:26:14.655 --> 00:26:18.115
of people that have skin verifiable skin in the game in
321
00:26:18.575 --> 00:26:21.235
in terms of these proof of work keys, for example.
322
00:26:21.890 --> 00:26:26.870
I I have a very pragmatic approach. I just use my pub key. It's, like, literally
323
00:26:27.490 --> 00:26:30.149
You use someone else's pub key? No. Literally mine.
324
00:26:30.450 --> 00:26:39.755
Like But I mean, obviously, you do. So if someone creates a new pub key They use your They pub. They it doesn't it doesn't have any followers. Yeah. So it just fetches
325
00:26:40.055 --> 00:26:47.880
my word of trust and uses my word of trust. Because I, like, I know that, like, they're already using my software. I know that I'm not fake.
326
00:26:48.500 --> 00:26:49.800
Like, I'm not spamming.
327
00:26:50.660 --> 00:26:58.120
So just that. It's it's, like, a very, very trivial approach. You know what'd be cool? Is is if you could create an invite link
328
00:26:58.995 --> 00:27:01.735
to Nostr that was based on your social graph.
329
00:27:02.275 --> 00:27:09.335
So you could be like, hey, like, Nostr, that you should join Nostr, and then you just send them a link and it's like it imports your followers.
330
00:27:10.195 --> 00:27:15.400
That'd be cool. I think isn't like Manny working on something like that? Meet Me on Nostr?
331
00:27:16.100 --> 00:27:21.000
Yeah. There are there are 2 two projects that I know of that are working on that. That's that's 1,
332
00:27:21.380 --> 00:27:36.225
Nostr dot me. It's it's also has like the same idea where, like, you set up the profile for Right. And you can, like, leave You even pick the relays and everything. Everything. Yeah. Yeah. The cool part with, like, the invite idea is that,
333
00:27:36.845 --> 00:27:37.825
you only need
334
00:27:38.365 --> 00:27:44.780
one connection before you start building your own social graph. Like, it is a little bit further removed. But if I only followed like Pablo,
335
00:27:45.480 --> 00:27:52.380
then at least when I compute my social graph, it will be one person, Pablo, plus all of his followers. So
336
00:27:53.320 --> 00:28:00.585
it scales really quickly, even with just one person. And then, so maybe that's like maybe that one person is just a friend that introduces you to Noester
337
00:28:00.885 --> 00:28:03.925
and they have at least a few followers. And, like, at least you start
338
00:28:04.725 --> 00:28:11.010
you just have to go a few more layers out on the web of trust to get a decent number of, like, reputable people, you might say, or not
339
00:28:13.090 --> 00:28:13.590
spammers.
340
00:28:14.210 --> 00:28:16.310
Yeah. That makes sense to me. So,
341
00:28:17.970 --> 00:28:25.030
Stewart and Hazard, you guys have been working on Blossom. Right? So Blossom is this this idea of of of trying to,
342
00:28:26.195 --> 00:28:32.455
tackle the the media problem from different angles, whether that's it could be any file, but, like, video,
343
00:28:32.915 --> 00:28:33.415
photos.
344
00:28:35.395 --> 00:28:41.880
We we're we're entering this world where you're gonna have more and more AI deep fakes, where you have more and more situations where,
345
00:28:43.060 --> 00:28:47.320
you don't know what's real. We're already kinda there in just like this post truth environment.
346
00:28:48.500 --> 00:28:50.360
So, I mean, I guess we'll we'll
347
00:28:50.980 --> 00:28:52.920
throw it over, to you, Stuart.
348
00:28:54.554 --> 00:28:56.975
The like, how do you think about webs of trust
349
00:28:57.355 --> 00:29:05.375
mixed in with something like blossom in terms of people because I think that's something that people can actually tangibly realize as a benefit
350
00:29:05.755 --> 00:29:12.060
early on, like, in the next 6 months to 12 months. Like, how is this is it is this video of Donald Trump real or not?
351
00:29:12.680 --> 00:29:14.540
Yeah. So so I think that, like,
352
00:29:15.000 --> 00:29:18.220
Nostra is a very weird, special, exceptional,
353
00:29:19.560 --> 00:29:20.780
instance where
354
00:29:21.485 --> 00:29:23.265
we have the opportunity to build
355
00:29:24.125 --> 00:29:25.105
data infrastructure
356
00:29:25.405 --> 00:29:27.265
on top of a social graph,
357
00:29:28.045 --> 00:29:38.380
and that's very backwards to normally how it goes when you try to create some type of network, particularly a peer to peer network, is you usually start with, like, you know, like, data infrastructure, like IPFS.
358
00:29:38.760 --> 00:29:43.980
But the problem with IPFS is that it's not a social network. There's no notion of identity of, like, credibility.
359
00:29:44.679 --> 00:29:58.995
And so it doesn't work because everyone connects to everyone, and and it's just slow, and it's unworkable. So noster is a weird thing where we've kind of, like, memed into existence a social graph sort of thing. So, like, it's enough now that we can build
360
00:29:59.855 --> 00:30:01.875
we can kind of leverage that to decide
361
00:30:02.390 --> 00:30:05.450
or, like, you know, to make possible certain things such as,
362
00:30:06.150 --> 00:30:13.130
like, if you want to host and precache people's data. Like so the thing that me and satellite, me and Hazard have been working on is
363
00:30:13.430 --> 00:30:16.970
I'm gonna I don't wanna just tell you guys. So we we've been building this, like,
364
00:30:17.655 --> 00:30:25.675
like, satellite.earth has just been a web client for a long time, but we're doing, like, a new thing that's like a desktop app. So the idea is is a bunch of edge devices
365
00:30:26.615 --> 00:30:30.395
that act as kind of like a deep web of Nostra,
366
00:30:32.690 --> 00:30:35.350
and each person's node, as it were,
367
00:30:35.809 --> 00:30:44.710
pulls in, scrapes and caches the data that you care about which is by default the data that's in your that you the people you follow. So blobs and events.
368
00:30:45.045 --> 00:30:48.185
So the kind of the high level view of this is
369
00:30:48.485 --> 00:30:49.785
you have clients
370
00:30:50.325 --> 00:30:57.705
the way I'm thinking about is you have like clients like, you know, like mobile apps or whatever like, Oracle or Primal or something. They are, clients of relays
371
00:30:58.279 --> 00:31:00.460
and their clients of Blossom servers
372
00:31:00.919 --> 00:31:03.260
for events and blobs respectively.
373
00:31:04.120 --> 00:31:04.620
But
374
00:31:05.480 --> 00:31:08.140
the question is, I think, is worth asking,
375
00:31:08.520 --> 00:31:09.580
what are Relay's
376
00:31:10.335 --> 00:31:10.835
clients
377
00:31:11.294 --> 00:31:18.674
of? What are blossom servers clients of? Like, where do they get data from? It would be cool if they could be a client of a deeper layer
378
00:31:19.135 --> 00:31:29.529
because right now the only the only the only way like, CDN blossom servers or events or relays get events is the only way they get data is if people blast data at them. So
379
00:31:29.909 --> 00:31:34.409
that kind of works, but it would be real it would be really nice if you could sort of, like,
380
00:31:34.789 --> 00:31:37.610
pull data up from a deeper layer
381
00:31:38.070 --> 00:31:56.130
and put it on a Relay or a blossom server to blast it to clients. And that way clients don't have to do with crazy peer to peer stuff. But that wouldn't have been possible to do that without this web of trust because if you didn't have a notion of people who weren't spam, you couldn't have this nice thing of edge nodes that automatically pulled stuff in because you'd be pulling
382
00:31:56.750 --> 00:31:59.090
in giga terabytes of garbage constantly.
383
00:31:59.470 --> 00:32:16.055
So that's a very concrete example, actually, I think. And, yeah. Blossom is you you talk about it, Hazard. You know more than me. I mean, there's, like, implementation side of it, which is more technical, but I'd say, like, the core of the Blossom idea or the idea of my my goal with Blossom was just,
384
00:32:16.695 --> 00:32:37.254
when you start signing hashes of the files. But the file no matter how the file gets to you, like, it can come over HTTP. It can come over torrents. It can come over IPFS. It can come over anything. But we need a unified hash, and we need to sign the hash in the note. Because otherwise, if you don't sign it, you don't know what you're getting. Yeah. And that that that unified hash is effectively an interface.
385
00:32:37.715 --> 00:32:40.294
It's an interface to blobs that apps that encapsulates
386
00:32:40.674 --> 00:32:54.200
the insane complexity of peer to peer stuff. And that is why, like, it's, like, super smart not to start with the peer to peer stuff, but, like, some notion of federation like Mastodon has is pretty cool as long as clients don't have to interact with it. You know?
387
00:32:54.740 --> 00:32:59.480
As long as it's like hidden under this little layer of the blossom spec and no and in IP01.
388
00:32:59.780 --> 00:33:21.730
Yeah. And the cool part is like to bring it back to, like, Webber Trust is it's kind of the same thing with a Webber Trust and a social graph is because you can't connect to the entire Internet, because you can't plug into the entire Internet, you need a starting point to know, like, what do I actually not what do I want to plug into, because that's the user's decision. But what do I plug into for the user? What is the user's
389
00:33:22.190 --> 00:33:27.810
starting point for what they find valuable? And that maps onto a whole bunch of stuff, like event transmission,
390
00:33:29.425 --> 00:33:37.445
or like blob storage, file storage, or even just like recommendations or anything else like that. So where do you if you can't plug into the entire internet, where do you start?
391
00:33:41.440 --> 00:33:42.900
But so you have
392
00:33:43.600 --> 00:33:56.515
with the with the hash, the hash is is to be able to validate integrity of a file, basically. Right? So you have this hash, and you're able to see if it's changed over time. The signature is essentially an attestation
393
00:33:57.055 --> 00:34:01.235
by a specific end pub or whatever saying, this is the file.
394
00:34:02.015 --> 00:34:03.795
And then on top of that,
395
00:34:04.575 --> 00:34:05.635
there is presumably,
396
00:34:06.095 --> 00:34:13.400
there could be many people that are just changing that file and then resigning it themselves with a different hash because they changed the file.
397
00:34:13.700 --> 00:34:17.400
So then you would you would need some kind of web of trust that's like,
398
00:34:18.420 --> 00:34:32.884
this is like the actual this one is the real one, and this one's the modified one. Right? The cool part with the hashes is, I mean, you can't unless you find a hash collision, you can't fake the hash. So Right. What you get, as long as you can get it, is what you're looking for.
399
00:34:34.305 --> 00:34:37.365
The way the web of trust were maps onto this is
400
00:34:37.984 --> 00:34:39.204
how do you get it?
401
00:34:39.579 --> 00:34:43.920
That's the difficult part. Because again, like, if you have this file identifier, if you have this
402
00:34:44.220 --> 00:34:46.960
this unknown file that you want, so let's say it's like a
403
00:34:47.339 --> 00:34:49.040
10 gigabyte movie or something,
404
00:34:51.099 --> 00:34:55.075
like, how do you find it? It's on the Internet. You can't plug into the entire Internet.
405
00:34:55.375 --> 00:34:55.875
So
406
00:34:56.655 --> 00:35:01.714
I found, like so if I it came from you or it came from a podcast or it came from somebody one of somebody I follow.
407
00:35:02.655 --> 00:35:09.500
As I mentioned before, like, the web of trust kind of signaling where you start plugging in, it can do the same for fetching data.
408
00:35:09.800 --> 00:35:18.620
Similar to how we fetch events where you just you're like, I'm looking for this file. I have no idea where it is. So instead of searching the entire world, I can start with my web of trust.
409
00:35:19.000 --> 00:35:25.385
And even better if I knew who the file was from, but I can start with my web of trust, and that narrows down, you might say, like, the search space
410
00:35:25.765 --> 00:35:29.305
for trying to find that one hash or that one file. It narrows it down considerably
411
00:35:29.924 --> 00:35:34.025
than trying to, like, you know, start pinging every single file server on the internet.
412
00:35:35.190 --> 00:35:41.770
So so just to give more perspective, this maps into the the outbox model because it's the same idea of,
413
00:35:42.150 --> 00:35:48.010
I want to see your Stu's notes, to which really should I talk to to get his notes.
414
00:35:48.470 --> 00:35:50.525
For this is, I know that
415
00:35:51.224 --> 00:35:52.444
that that has our published
416
00:35:52.744 --> 00:35:54.845
file with this hash ID.
417
00:35:55.145 --> 00:36:09.560
From what from what blossom server should I get it? I will query for the list of blossom servers that he uses. And now instead of having to just randomly query a bunch of different servers for this hash ID, I go to one of these 3,
418
00:36:10.340 --> 00:36:12.680
blossom servers that he uses. And
419
00:36:13.140 --> 00:36:14.265
one cool thing is,
420
00:36:15.625 --> 00:36:17.964
you uploaded, a file to
421
00:36:18.265 --> 00:36:20.365
to, one of your Blossom servers.
422
00:36:21.144 --> 00:36:22.525
He wrote a blog post
423
00:36:23.224 --> 00:36:30.460
linking to that file, explicitly linking HTTP blah blah blah, linking to that file. And that that blossom server, he deleted the blossom server.
424
00:36:30.760 --> 00:36:37.100
So now that that that blog post that he wrote now has a missing file. It the the link is broken.
425
00:36:38.280 --> 00:36:49.715
But now you can query for the blossom list that he uses and you can fix the the link. And it it when you do it for the first time, it's like it's magical. Within a second,
426
00:36:50.015 --> 00:36:51.475
you see you get a 404
427
00:36:51.855 --> 00:37:00.490
or whatever. Like, you cannot connect to the server. And you go to the next server, query for the same hash ID, and you get the file. And it's super magical.
428
00:37:01.030 --> 00:37:01.530
Beautiful.
429
00:37:01.990 --> 00:37:02.870
Guys, we have,
430
00:37:03.750 --> 00:37:21.455
a few minutes left. Let's, just wrap it up with some final thoughts. We'll start with you, Stuart, and move down this way. Well, to wrap it up, I I like to think of Nostra as like the hydra, like the mini headed snake. You know what I mean? Like, you chop off one head and like a 1,000 more just like pop up. I think that's what is
431
00:37:22.555 --> 00:37:23.855
kind of, you know,
432
00:37:24.460 --> 00:37:27.280
the model that we should use to think about resilience
433
00:37:27.740 --> 00:37:28.480
is that
434
00:37:29.020 --> 00:37:30.160
there has to be
435
00:37:31.020 --> 00:37:32.000
some sort of
436
00:37:32.700 --> 00:37:38.720
base level from which all these snakes spring up, like whack a mole. You know, so like like Pirate Bay in 2010
437
00:37:39.265 --> 00:37:42.305
during the golden era of getting their domain name,
438
00:37:42.785 --> 00:38:02.230
deleted by the government over and over and over again was the fact that they just had a giant database of torrent files and those torrent files were just metadata that referred to a bunch of stuff. So as long as it exists on one person's computer, it can always, like, spring up and you can upload it very quickly to as many blossom servers and as many relays as you want. So,
439
00:38:03.885 --> 00:38:07.985
Yeah. Gnostr is fundamentally an unkillable, un undeletable medium
440
00:38:08.445 --> 00:38:11.345
and the rest the other problem is,
441
00:38:11.725 --> 00:38:18.865
just how to deliver that data. But fundamentally, I I'm extremely bullish on Gnostr because I sort of suspect that in, like, the
442
00:38:19.280 --> 00:38:20.180
kind of like,
443
00:38:21.520 --> 00:38:29.300
post truth era of not really being sure what's real, the ability just simply being able to digitally sign something at all
444
00:38:30.079 --> 00:38:31.540
and refer to
445
00:38:31.920 --> 00:38:33.060
some type of
446
00:38:33.815 --> 00:38:35.835
source of signal about whether or not
447
00:38:36.215 --> 00:38:43.915
this is real is going to move probably move the needle more than anything else. Especially, you know, like, when AI impersonation becomes like more widespread,
448
00:38:44.455 --> 00:38:46.715
you know, people are going to like can absolutely
449
00:38:47.095 --> 00:38:57.480
freak out when you see, like, a video of yourself or something on the Internet, and it's, like, how do you know? So, like, the this this digital signature thing is, like, a safe harbor in that storm,
450
00:38:57.859 --> 00:38:58.099
and,
451
00:38:59.220 --> 00:39:02.119
that that's probably gonna drive a lot of people in Austria, I think, personally.
452
00:39:03.165 --> 00:39:03.665
Yeah.
453
00:39:05.245 --> 00:39:18.430
Yeah. Yeah. That that part is super important. Like, knowing not not what's real because that's too much, but knowing who said what. That that's good enough for most things, and I would say that the fact that we are moving towards
454
00:39:18.890 --> 00:39:21.150
I think we are moving towards a world in which,
455
00:39:21.849 --> 00:39:27.550
as Odell says often, like, the post truth world where you don't you don't have to have consensus
456
00:39:27.930 --> 00:39:30.750
of what's real. You kinda come to
457
00:39:31.425 --> 00:39:31.905
your,
458
00:39:32.305 --> 00:39:35.685
understanding of what is real, what is truth, what is
459
00:39:36.145 --> 00:39:42.485
coherent with your vision and that of your community. And, yeah, the social graph is is a tool that we can use,
460
00:39:42.785 --> 00:39:44.305
very, very powerful, and,
461
00:39:45.279 --> 00:40:06.425
we no one was able to use such a tool before because it was only developers of the comp of social companies that have the ability to use it. So, obviously, with the such a power comes also the responsibility that we can do and should do should build something which is better and more sane than the world we are living, and this comes from,
462
00:40:07.525 --> 00:40:09.385
establishing principle that
463
00:40:09.765 --> 00:40:23.050
makes sense in the context of the post truth world where you don't go out and tell others what they should believe, but you give them tools so that they can decide for themselves what to believe, what to think, what to what to,
464
00:40:23.590 --> 00:40:24.090
yeah,
465
00:40:25.030 --> 00:40:25.850
what to think.
466
00:40:27.670 --> 00:40:28.550
Yeah. Like, that's
467
00:40:29.595 --> 00:40:37.535
I don't think I can extend that. Like, the only thing I gotta say is is that, we built there has been a lot of crazy experimentation
468
00:40:37.835 --> 00:40:39.295
done in the
469
00:40:39.675 --> 00:40:45.980
past. I mean, I for me, I've only been here, like, a year or 2, but supposedly, there's a lot of crazy stuff being built before that.
470
00:40:46.440 --> 00:40:56.620
I remember the early clients, but there's a lot of crazy experimentation being done. There's a lot of even the cryptographic stuff will work that's being used on the network. It's crazy that users are actually using cryptographic keys on the Internet now.
471
00:40:56.920 --> 00:40:59.475
But I think the craziest part is, like, we
472
00:41:00.495 --> 00:41:03.635
we finally have an open social graph on the Internet.
473
00:41:04.015 --> 00:41:05.155
We finally have
474
00:41:05.855 --> 00:41:15.610
data that nobody owns that is extremely valuable, and that applies to so much more than social. Like, maybe it's not a trust, as you said. Maybe it's not it's not strictly trust,
475
00:41:15.990 --> 00:41:25.770
but it's a starting point that can that can start like I said, in the era of where, like, the AI is just gonna start flooding the Internet with so much either misinformation or just
476
00:41:26.070 --> 00:41:28.010
noise, it's a starting point
477
00:41:28.674 --> 00:41:34.934
to start browsing the internet again instead of trying to filter all the noise out. And that's going to be it's going to be huge.
478
00:41:36.355 --> 00:41:38.755
Yeah. To to to that point, I I think the,
479
00:41:40.035 --> 00:41:49.020
navigating the Internet via will of trust will be it's kinda why it's titled like this, the the talk. It it will be the only way of making sense of things because as
480
00:41:49.400 --> 00:41:53.960
like, AI is such a perfect forcing forcing function to to adopt these,
481
00:41:54.520 --> 00:41:55.260
these schemes.
482
00:41:56.375 --> 00:42:00.315
It it it there will be no other way. It it simply will not make sense
483
00:42:00.775 --> 00:42:09.115
to consume data that is not signed. Like like, in 50 years, they would be like, what do you mean the Internet was not signed? Like, what the fuck are you talking about?
484
00:42:11.069 --> 00:42:14.690
Damn right. Thank you all. Can we get a huge round of applause for these gentlemen?
NOTE
Transcription provided by Podhome.fm
Created: 8/24/2024 2:57:26 PM
Duration: 2547.066
Channels: 1
1
00:00:00.240 --> 00:00:00.740
Thanks.
2
00:00:01.120 --> 00:00:01.620
Preston.
3
00:00:03.199 --> 00:00:03.699
Yo.
4
00:00:04.960 --> 00:00:06.980
Let's get this energy up in here.
5
00:00:10.480 --> 00:00:11.780
It's just me and Pablo.
6
00:00:13.775 --> 00:00:14.275
Hazard,
7
00:00:14.655 --> 00:00:16.515
Stuart, where are you? Oh, there you go.
8
00:00:17.455 --> 00:00:22.415
How does the team is coming to? Who's joining us? It's the guy who wrote the,
9
00:00:23.295 --> 00:00:27.555
Do we need another chair? Yeah. Can someone get us another chair and a beer?
10
00:00:30.820 --> 00:00:33.559
I've been told there's no beer in this venue right now,
11
00:00:34.340 --> 00:00:35.480
which is a miss.
12
00:00:40.739 --> 00:00:41.239
Awesome.
13
00:00:41.620 --> 00:00:44.145
So guys, we're gonna be talking about webs of trust.
14
00:00:46.525 --> 00:00:53.425
Something that I'm particularly pretty excited about. I think everyone on stage is is pretty excited about this element of Noster.
15
00:00:54.364 --> 00:00:55.505
Before we start,
16
00:00:56.010 --> 00:01:04.430
we got a nice packed house here and a beer walking up to me, which is all can you open it for me? I don't have a bottle opener. Does anyone have a bottle opener they could bring me?
17
00:01:06.330 --> 00:01:07.230
Thank you, guys.
18
00:01:07.690 --> 00:01:08.670
It's still very,
19
00:01:09.355 --> 00:01:13.215
we're very early days in this conference. We're working on the logistics here.
20
00:01:13.835 --> 00:01:19.455
Can I get a show of hands of anybody in this room that did not use Nostra before this week?
21
00:01:21.479 --> 00:01:27.659
Okay. So we got a couple new people here. I think Miles just did that with his bare hands, by the way, over there. Thanks, Miles.
22
00:01:28.119 --> 00:01:32.540
I think we're gonna keep this it's gonna it's gonna be a more technical conversation, I think.
23
00:01:32.920 --> 00:01:36.060
I was trying to decide if we should go high level or not. So, I mean,
24
00:01:36.395 --> 00:01:38.335
we can start with high level. Pablo,
25
00:01:39.035 --> 00:01:41.615
what is webs of trust? Why should people care?
26
00:01:42.635 --> 00:01:43.535
Alright. So
27
00:01:43.995 --> 00:01:46.655
web of trust is basically the concept of,
28
00:01:47.915 --> 00:01:48.415
inferring
29
00:01:48.715 --> 00:01:50.895
who should you be listening to,
30
00:01:51.580 --> 00:01:53.440
from activity from the network.
31
00:01:53.900 --> 00:01:55.040
So if you
32
00:01:55.580 --> 00:01:57.680
like, I'm friends with Matt. So Yes.
33
00:01:58.780 --> 00:02:00.560
That's awesome. Alright. Good.
34
00:02:01.100 --> 00:02:05.520
So I'm friends with Matt. And maybe Matt is having a conversation with someone
35
00:02:06.285 --> 00:02:24.410
that I don't know. But the fact that Matt follows them, the fact that Matt is having a conversation with them, then that means that maybe this person is is definitely not not spam. There would be probably no reason for for for Matt to follow a spam account. So I can infer, without knowing anything from this pub key, I can infer
36
00:02:24.790 --> 00:02:31.370
that, that it's not spam that I should listen to what this pub key is saying, at least briefly, and maybe consider
37
00:02:31.910 --> 00:02:33.210
following them. So
38
00:02:34.275 --> 00:02:34.775
traditionally,
39
00:02:35.235 --> 00:02:38.455
we've had a top down approach to,
40
00:02:39.475 --> 00:02:40.935
who should you listen to?
41
00:02:41.555 --> 00:02:49.540
What is spam and what is not? And web of trust particularly becomes very, very useful to discern what is not spam and what is spam,
42
00:02:50.000 --> 00:02:51.620
or what likely is spam.
43
00:02:52.800 --> 00:02:54.260
And typically, it's been,
44
00:02:55.280 --> 00:02:57.300
Elon Musk just KYC ing people,
45
00:02:58.400 --> 00:03:04.545
and just letting in a bunch of bots anyway. But it's been very top down. You ask API. Twitter.com
46
00:03:05.085 --> 00:03:08.225
what content should I get from searching for something,
47
00:03:08.525 --> 00:03:09.745
or if you go to global,
48
00:03:11.005 --> 00:03:12.385
what content should I receive.
49
00:03:13.165 --> 00:03:13.485
But,
50
00:03:14.125 --> 00:03:15.840
but it's a very top down approach.
51
00:03:16.400 --> 00:03:18.900
World of Trust has a very interesting
52
00:03:19.280 --> 00:03:21.780
feature, which is very similar to cryptography
53
00:03:22.319 --> 00:03:24.900
in which it's very easy to compute
54
00:03:25.440 --> 00:03:31.405
world of trust, but it's really expensive to to cheat a way of trust. It it was very hard
55
00:03:31.705 --> 00:03:32.105
for,
56
00:03:32.505 --> 00:03:33.485
a spam account
57
00:03:33.785 --> 00:03:39.405
to get Matt and myself and Sue and a bunch of other people to follow that account.
58
00:03:40.425 --> 00:03:43.750
It's very, very hard to to to do that. But,
59
00:03:44.209 --> 00:03:44.709
but
60
00:03:45.170 --> 00:03:57.829
me seeing, okay, who does Matt follow? Who does does the do the people that I follow? Who do they follow? It's super cheap. It's super easy to to to that. Do we only have 2 mics up here? Really? Do you guys not have mics?
61
00:03:58.584 --> 00:03:59.885
Can we have some mics?
62
00:04:01.065 --> 00:04:02.925
You wanna expand? Thanks, Preston.
63
00:04:03.705 --> 00:04:06.125
And I think there's one right behind you, Preston. Yeah.
64
00:04:07.145 --> 00:04:09.645
Awesome. That was turned on. This was fine.
65
00:04:10.025 --> 00:04:17.070
Yeah. I mean, as far as an overview, I don't think I have anything to add what you could Maybe maybe you wanna add something? Yeah. You got some?
66
00:04:17.610 --> 00:04:24.270
Yeah. Just to so everyone can follow along, I think it's good to give some initial definitions. So,
67
00:04:25.130 --> 00:04:26.350
I often talk about
68
00:04:26.945 --> 00:04:29.605
social graph instead of web of trust just because
69
00:04:30.065 --> 00:04:31.685
when we talk about web of trust,
70
00:04:32.145 --> 00:04:33.765
it's obvious that it's
71
00:04:34.305 --> 00:04:38.245
you're talking about trusting some other people. But social graph is
72
00:04:38.785 --> 00:04:41.045
more general terms, which just
73
00:04:43.000 --> 00:04:44.940
use how people are connected on,
74
00:04:45.400 --> 00:04:54.940
and then you can use that for many different things. One thing is what Pablo mentioned, which is anti spam measures or anti denial of service attacks measures, for example.
75
00:04:55.845 --> 00:04:58.264
Just to give a brief definition, like,
76
00:04:58.565 --> 00:05:00.664
okay, what is a social graph? 1st,
77
00:05:01.205 --> 00:05:05.384
the second part graph is a mathematical structure, which is pretty simple.
78
00:05:05.685 --> 00:05:06.425
It's just
79
00:05:06.965 --> 00:05:07.465
nodes,
80
00:05:08.085 --> 00:05:10.425
and then how they are connected by edges.
81
00:05:10.840 --> 00:05:13.660
So a social graph is a graph where,
82
00:05:14.199 --> 00:05:19.180
nodes and edges represent social things. So for example, social entities like people
83
00:05:19.560 --> 00:05:20.300
and social
84
00:05:21.080 --> 00:05:22.940
relationship like who follows who.
85
00:05:23.595 --> 00:05:27.215
And just by looking those simple things, you can pretty easily
86
00:05:27.675 --> 00:05:28.175
discern,
87
00:05:28.794 --> 00:05:29.775
what is not
88
00:05:30.634 --> 00:05:37.535
spam because it's very expensive, as Pablo said. It's very expensive or difficult to get follows from people,
89
00:05:39.009 --> 00:05:41.990
from real people, from people that have a reputation.
90
00:05:43.410 --> 00:05:43.810
And,
91
00:05:44.610 --> 00:05:45.590
yeah, you can
92
00:05:46.130 --> 00:05:52.065
I prefer to talk about the social graph instead of web of trust because the context is do matter a lot?
93
00:05:52.525 --> 00:05:53.585
So it's not
94
00:05:54.045 --> 00:05:59.825
necessary that we talk about trust. So for example, when you can use social graph to do recommendation,
95
00:06:00.685 --> 00:06:11.240
but that doesn't necessarily mean that there is trust involved other than you trust that the recommendation are not impersonating. So, like, I get Lee Holden as a recommendation.
96
00:06:12.500 --> 00:06:21.875
The only trust is that Lee that is the is not an impersonator, is the real Lee Holden. But other than that, there is not much to it.
97
00:06:22.815 --> 00:06:24.335
So Yeah. That's that's a good,
98
00:06:25.135 --> 00:06:29.555
I like that name versus, like, web of trust because it's not really a trust relationship,
99
00:06:30.175 --> 00:06:32.035
especially since, like, a lot of
100
00:06:32.900 --> 00:06:49.275
trust isn't like this thing you can easily measure and put into a graph, whereas the, kind of social graph is a lot more because It's more open. Yeah. Yeah. Yeah. Web of trust prescribes how you you should use it whereas whereas social graph is is like a tool that you can use in multiple ways.
101
00:06:49.655 --> 00:06:51.195
And I would argue that,
102
00:06:52.615 --> 00:07:00.480
it can it can be used for to improve or solve many different problems. 1 is anti spam. Another is, like, recommendation and content discovery.
103
00:07:01.660 --> 00:07:03.200
Another could be,
104
00:07:03.740 --> 00:07:04.560
anti impersonation.
105
00:07:05.020 --> 00:07:21.505
So how do you know that Matt Odell is the real Matt Odell, or is that m pub not another m pub? How do you know from 50 different Czech m pub which is the real one? Well, the impersonators haven't started using caps yet. I noticed that. That's very easy. They're all still lowercase.
106
00:07:24.365 --> 00:07:33.289
Stuart, do you have anything to add? Yeah. I I really like that distinction between the web of trust and social graph. I think that's really important to keep in mind because,
107
00:07:33.750 --> 00:07:40.569
like, the web of trust is a web of trust. Or, like, it will okay. Let's say the following list of Nostra, who you're paying attention to
108
00:07:41.135 --> 00:07:49.235
is it's it is a web of trust, but it's it's like a narrower web of trust that you're trusting them not to spam you. You're trusting them with your attention.
109
00:07:49.695 --> 00:07:54.420
And I think it gets down to a really, practical question of, like, temptation to
110
00:07:54.960 --> 00:08:02.660
wanna be like, a web of trust for following, a web of trust for hosting your data, a web of trust for couch surfing, a web of trust for, you know, all these different use cases. But I feel like
111
00:08:03.040 --> 00:08:03.540
that
112
00:08:09.655 --> 00:08:19.675
leads it it just makes things really complicated. And so I think there's some it's important to realize that, like, the web of not spam is a foundational web of trust because it is the thing
113
00:08:20.295 --> 00:08:32.540
that collapses the infinite space of pub keys into a finite reality of pub keys that are real. Because in your you're, you know, paying attention to them in some sense, and so they're not they're not bots. They're not real.
114
00:08:33.500 --> 00:08:34.000
So,
115
00:08:35.015 --> 00:08:37.035
yeah. It's I think there's something very
116
00:08:38.295 --> 00:08:42.875
kind of poetic almost about the idea that asymmetric key crypto
117
00:08:43.895 --> 00:08:45.115
can be used to
118
00:08:45.415 --> 00:08:46.795
obfuscate and encrypt
119
00:08:47.430 --> 00:08:57.530
or sign and verify, and that maps directly onto the concept of a private sphere and a public sphere. You can't have a private sphere without encryption, without privacy, and you can't have a public sphere without,
120
00:08:59.030 --> 00:09:01.050
you know, some type of notion of authenticity,
121
00:09:01.755 --> 00:09:04.895
which is digital signatures. So the web of trust
122
00:09:05.275 --> 00:09:08.175
is like the web of not spam is sort of like the
123
00:09:09.035 --> 00:09:10.335
base asset.
124
00:09:11.275 --> 00:09:12.095
The foundational
125
00:09:12.715 --> 00:09:19.510
pool of social capital that is sort of like necessary to construct more, you know, like like more niche like
126
00:09:19.970 --> 00:09:29.270
ideas about who to trust for what thing and that kinda gets into social graph territory. But anyways, I just think that distinction is, like, super brilliant and good to keep in mind. So Yeah. I like what you say there about,
127
00:09:30.885 --> 00:09:34.005
the like, not fragmenting the social graph,
128
00:09:34.645 --> 00:09:35.145
because
129
00:09:35.685 --> 00:09:46.025
there's a temptation there, like, fragmenting. Let's say, like, this is the a social graph for stores that I trust, for vendors that I trust, for restaurants I trust, and whatnot, or even banks I trust.
130
00:09:46.380 --> 00:09:46.880
And
131
00:09:47.580 --> 00:09:51.020
that would be useful in, like, many contexts, but one thing we have to
132
00:09:51.660 --> 00:09:53.120
we can't forget is that
133
00:09:54.140 --> 00:09:58.365
that data never becomes stale. It never gets constantly updated. And
134
00:09:58.845 --> 00:10:06.865
one benefit we have with the, kind of you might say, like, nostril social web of trust or social graph, whatever it is we're calling it,
135
00:10:07.805 --> 00:10:09.105
is that at least,
136
00:10:10.524 --> 00:10:19.850
has some kind of cadence to getting updated. Like, if the the user's browsing their social media app and they see something they don't like, they unfollow the person, or they remove them from that thing.
137
00:10:20.230 --> 00:10:20.730
And
138
00:10:21.269 --> 00:10:27.370
if the the users if we don't have a mechanism for the user to regularly, you might say, prune their social graph,
139
00:10:27.725 --> 00:10:30.465
then all we're doing is kind of building up bad data.
140
00:10:31.485 --> 00:10:43.779
And so that as far as, like, not fragmenting it, like, I think that's a commonly overlooked thing. It's like, not only do you have to build the social graph, but you also have to make sure the social graph is pruned. Yeah. Because there has to be, like, a common denominator between use cases,
141
00:10:44.080 --> 00:10:47.060
and not spam is that common denominator. Right?
142
00:10:47.520 --> 00:10:56.675
But don't you trust different people for different things? Like, is it inherently fragmented, though? Well, I think the the not spam part is not necessarily fragmented.
143
00:10:57.134 --> 00:11:00.834
It's that the social graph is a kind of that's where the, like, the annotation
144
00:11:01.214 --> 00:11:03.074
sort of should take place of
145
00:11:03.774 --> 00:11:05.615
the the groups. Yeah. I I I think there's,
146
00:11:06.894 --> 00:11:09.074
there's a belief that you can have,
147
00:11:09.450 --> 00:11:10.670
a very explicit
148
00:11:11.050 --> 00:11:11.550
fragmentation
149
00:11:12.090 --> 00:11:17.390
where you say, I explicitly trust Matt with regards to the Bitcoin topic
150
00:11:17.770 --> 00:11:20.110
on a scale of 0.97,
151
00:11:20.970 --> 00:11:25.255
and that's just not how people work. Like, our brains don't work that way.
152
00:11:26.835 --> 00:11:30.855
So you can you can infer kind of weights in this way,
153
00:11:31.315 --> 00:11:34.455
on on certain topics by analyzing activity.
154
00:11:35.120 --> 00:11:43.779
Like, I listen to our HR. So, like, that that could be an activity that can go into, okay, how much do I trust Mari and Matt with regards to to the Bitcoin topic?
155
00:11:44.960 --> 00:11:48.820
So I I think that's where the fragmentation idea comes from where
156
00:11:49.595 --> 00:12:05.570
people are not going to go out of their way to create all these attestations of and and wait on on on topics because, yeah, they'll go stale. Like, maybe I'll say, yeah, I try stew on this topic this amount, and that changes, but I never update my my attestation.
157
00:12:06.110 --> 00:12:10.850
Yeah. That's the I think that's exactly what to remember. It's like the best example of this would be like a,
158
00:12:11.230 --> 00:12:20.905
attestation or a web of trust for something like journalism. Like, how much do I think this person is truthful? Or do do I think they're lying or something like that? And it sounds really useful.
159
00:12:21.445 --> 00:12:24.105
But we just have to be careful of the fact that
160
00:12:24.485 --> 00:12:26.505
if we make that any explicit data,
161
00:12:27.045 --> 00:12:40.560
we can definitely you know, you can create apps to generate that those, social graphs and generate those trust scores. But we also have to be careful that we those things have to be updated or maintained. Otherwise, we just generate everyone gets a 5 star rating, and it never, you know,
162
00:12:40.940 --> 00:12:46.320
the review never gets updated. That that's why those of the station must be the byproduct of actual interaction.
163
00:12:46.875 --> 00:12:55.935
It it it's gotta be inferred from something that I'm doing on my daily life, not going out of my way to score my friends on how much I like them that day.
164
00:12:56.475 --> 00:13:04.680
Yeah. Exactly. And it becomes extremely complex as if you were to do this trust at the station. I think there is a NIP, like NIP Yeah. NIP 87,
165
00:13:04.980 --> 00:13:06.280
89. Don't remember.
166
00:13:06.820 --> 00:13:07.320
And,
167
00:13:07.780 --> 00:13:11.560
yeah, if you do it once, like, okay. Trust Pablo about inclining
168
00:13:11.860 --> 00:13:15.320
on a scale from 1 to 100, like, 89 or something.
169
00:13:15.755 --> 00:13:16.255
But
170
00:13:16.635 --> 00:13:21.535
then once I do this for 100 people, then it becomes difficult because,
171
00:13:22.715 --> 00:13:37.480
I want those ratings to be, like, consistent with each other because I trust him more than Odell in climbing. It becomes super complex. So, yeah, I totally agree that it should be a byproduct of user actions. Which one is, like, follow? Another is mute. Another is zap.
172
00:13:38.019 --> 00:13:40.740
With zap, it's a is a bit tricky because you
173
00:13:41.415 --> 00:13:44.235
to to say that it it is a signal,
174
00:13:44.615 --> 00:13:56.589
you have to be sure that the sender and the recipient are not colluding, for example. They are not the same person. Otherwise, there is no economic value moving. Or aren't zaps just not verifiable? So
175
00:13:57.209 --> 00:14:00.589
we shouldn't have really put too much stock in them anyway. Not subs are, though.
176
00:14:01.290 --> 00:14:03.149
Very true. Such subs are.
177
00:14:05.050 --> 00:14:20.045
I mean, I guess you could use, like, a web of trust to decide if zaps are worth it or not to count just webs on top. Like, there is no web of trust. Right? It's webs. There's many different webs. Right. 1 there is just one mempool. It's Wiz's mempool. But
178
00:14:22.779 --> 00:14:30.880
okay. I mean, where do you guys wanna go with this conversation? I'm I'm you guys are like prolific here. I'm just I I feel like the entertainer. I feel like this graph,
179
00:14:31.260 --> 00:14:34.560
whatever we're calling it, is like maybe the most important,
180
00:14:36.675 --> 00:14:44.135
kind of thingy that's being sort of the art it's like an artifact that's being precipitated by all the activity on the Gnostr network. Like,
181
00:14:45.395 --> 00:14:47.415
like which I think that's what you like that
182
00:14:47.715 --> 00:14:51.975
what you said just a second ago about, like, demonstrating trust. I think it's actually kind of like a pretty deep point
183
00:14:52.560 --> 00:14:53.060
because
184
00:14:54.000 --> 00:14:55.860
you you actually have to like do stuff
185
00:14:56.480 --> 00:14:57.220
to demonstrate
186
00:14:57.920 --> 00:14:59.060
trust. Otherwise,
187
00:15:00.720 --> 00:15:03.220
like like what does it mean to trust someone? Like,
188
00:15:03.600 --> 00:15:06.740
you you like if if we were not all like scrolling on our phones
189
00:15:07.265 --> 00:15:22.820
experiencing the possibility of getting spam, why would we follow anyone? Or what do we mean? Or we can take a survey but then like like you're saying like it just is static at that point. So like if the trust is kind of like a reflection of some type of action. So all this action that's occurring, it is precipitating
190
00:15:23.200 --> 00:15:23.940
this type
191
00:15:24.880 --> 00:15:28.020
of web of trust in the world which is like,
192
00:15:28.720 --> 00:15:34.580
I I think it's I I sometimes I say I think I don't know if this I think this makes sense to say that the web of trust is deflationary
193
00:15:35.360 --> 00:15:40.945
in a sense, where like if you have an artifact like perfect example of this is the ogcowsurfing.org,
194
00:15:42.285 --> 00:15:45.825
which is now being built on No Striff, fun fact, which I'm like excited about but,
195
00:15:46.765 --> 00:15:57.540
that was a perfect example of a bunch of people who did a bunch of stuff that was risky, which was stayed at each other's houses and then they created like a digital representation of that and it was this big data set and it was economically deflationary
196
00:15:58.160 --> 00:16:00.740
because people could go to a city and stay for free.
197
00:16:01.520 --> 00:16:02.020
And
198
00:16:02.640 --> 00:16:08.334
like what's really optimistic about Nostra is that this web of trust that's being precipitated is similarly deflationary
199
00:16:08.714 --> 00:16:09.535
but it is
200
00:16:09.995 --> 00:16:10.495
unkillable.
201
00:16:10.875 --> 00:16:11.935
It's like a ratchet.
202
00:16:12.315 --> 00:16:14.175
It just keeps growing. So like,
203
00:16:14.555 --> 00:16:20.105
you know, I you you can probably apply that notion of deflation to like social stuff too, like you don't have to be as worried that people are gonna rip you off. So you could, you know, so so I think that's like that's what
204
00:16:21.170 --> 00:16:28.070
worried that people are gonna rip you off. So you could, you know, so so I think that's like that's what Nostra is doing is like this web of trust is exportable from Nostra.
205
00:16:28.530 --> 00:16:37.805
It is not something that is only relevant to Nostra. It's relevant to the world, you know. It's quite quite interesting. I mean I feel like that's the key. Right? Is like webs of trust is not a new
206
00:16:38.185 --> 00:16:38.685
concept.
207
00:16:39.305 --> 00:16:44.205
No. 1000 years ago. The the biggest issue historically has been creating a robust,
208
00:16:45.305 --> 00:16:45.805
distributed,
209
00:16:46.345 --> 00:16:53.660
censorship resistant one. Like, all the successful ones have always been incredibly centralized. Things like eBay reviews or Airbnb reviews
210
00:16:54.120 --> 00:16:55.420
or Uber. Right?
211
00:16:55.880 --> 00:16:57.260
But actually having it
212
00:16:57.880 --> 00:17:00.460
distributed and not controlled by a single entity
213
00:17:00.954 --> 00:17:04.735
is the key here, and Nasr unlocks that. And I think what a lot of people,
214
00:17:06.075 --> 00:17:07.535
fail to realize is
215
00:17:08.235 --> 00:17:18.830
there's a lot of it it kind of feels like blocked like the whole blockchain thing all over again. I mean, I I know a lot of us are Bitcoiners, so we look at things with a bias, but it's like, I don't like Bitcoin,
216
00:17:19.529 --> 00:17:31.389
I like Blockchain. Right? And it's like you need the token. The token needs to exist for the Bitcoin system to work. And with Nasr, like, everyone's like not everyone, but there's a lot of people that fade the social media aspect,
217
00:17:32.545 --> 00:17:34.485
but say I will want the other stuff.
218
00:17:34.785 --> 00:17:44.880
And the social media aspect is the bootstrapping mechanism that even makes this possible because it's incredibly boring to, like, build out a distributed web of trust or multiple webs of trust
219
00:17:46.000 --> 00:17:50.180
just to do that. But it's not boring to shitpost or post memes or,
220
00:17:51.040 --> 00:17:53.060
you know, rage at someone online.
221
00:17:54.480 --> 00:17:55.860
Like, that's the cool part.
222
00:17:58.304 --> 00:18:02.565
So in practice, let's let's try and take, like,
223
00:18:02.865 --> 00:18:05.205
pull back a little bit. Let's let's go to,
224
00:18:05.585 --> 00:18:07.924
like, how how this would actually work,
225
00:18:08.625 --> 00:18:15.340
practically speaking. And and that I mean, we've we've already kind of mentioned it with with spam. We've already kind of mentioned it with impersonators.
226
00:18:16.280 --> 00:18:20.860
But, like, if you were we'll we'll go to you, Pablo. Like, if you if you were gonna, like, build a client,
227
00:18:21.880 --> 00:18:26.539
that tried to stop spam from happening and you were gonna use a web of trust,
228
00:18:26.914 --> 00:18:40.855
how how does that look on the user side? Like, how does the user interact with that, and how do you remove yourself from the equation of being the developer choosing, you know, having too much control? Because one man's spam could be another man's censorship. Right?
229
00:18:41.960 --> 00:18:47.820
I mean, the what I what I include in every single client that I that I build is, when you log in,
230
00:18:48.360 --> 00:18:52.540
it fetches the people that you follow. It fetches your the people that you mute,
231
00:18:52.840 --> 00:19:00.035
and it fetches the follows of the people that you follow and the mute of people that you mute. And I then just compute a score.
232
00:19:00.655 --> 00:19:06.115
For all the puppies that I know, it typically, like, a normal account ends up with, like,
233
00:19:06.415 --> 00:19:07.955
between 20, 25,
234
00:19:08.575 --> 00:19:12.150
30,000 puppies that that I've scored in some way.
235
00:19:13.030 --> 00:19:24.970
And then I can just go to global and and I can look at all the notes, all the events that are coming in. I I can just filter out the ones that fall off of this way of trust.
236
00:19:26.265 --> 00:19:27.165
So for example,
237
00:19:27.705 --> 00:19:32.525
one of of the clients that I wrote where this was super relevant was, WikiPhreeda,
238
00:19:32.825 --> 00:19:34.045
which is like a Wikipedia,
239
00:19:34.985 --> 00:19:37.165
implementation of of Nostr, where
240
00:19:38.185 --> 00:19:47.140
for ideological reasons but also for technical reasons, there cannot be a canonical entry. You cannot go to what is the entry for Riga,
241
00:19:47.840 --> 00:19:48.340
because
242
00:19:49.120 --> 00:19:51.765
who should I ask? What where is the entry for Riga?
243
00:19:52.325 --> 00:19:55.465
You have competing entries for Riga. So
244
00:19:56.325 --> 00:19:59.225
there might be 20, 50 different,
245
00:19:59.765 --> 00:20:00.265
entries
246
00:20:00.725 --> 00:20:01.625
for Riga,
247
00:20:02.005 --> 00:20:05.625
and I sort them by by the proximity
248
00:20:06.440 --> 00:20:09.740
of the of the people that have written the the entry.
249
00:20:10.440 --> 00:20:14.380
And there can be explicit at the stations because I have the concept of forks.
250
00:20:14.920 --> 00:20:15.580
So maybe
251
00:20:15.960 --> 00:20:20.220
I go and I see that Matt wrote something, Audriga, and I want to make a modification.
252
00:20:20.680 --> 00:20:21.820
I fork his
253
00:20:22.255 --> 00:20:22.755
entry,
254
00:20:23.294 --> 00:20:26.674
and I can change it. So maybe he says, oh, Pablo's entry is better.
255
00:20:27.375 --> 00:20:30.034
So I'm going to point my entry to Pablo's.
256
00:20:30.335 --> 00:20:32.515
So now my entry would have my
257
00:20:32.895 --> 00:20:37.090
score and Matt's score. So if you follow both of us,
258
00:20:37.950 --> 00:20:40.770
it's it it might rank higher because of that.
259
00:20:41.390 --> 00:20:46.450
But someone else might come in. They are whatever, into Cardano or whatever,
260
00:20:46.830 --> 00:21:00.805
and they will have a very different world of trust. And they might see a different view of of Riga, and they might see a different view of of all these different entries. So as a developer, I don't have a say on what content you're going to see,
261
00:21:01.265 --> 00:21:07.980
how things are going to to look, what things are going to be spam. It's it's all going to be from your point of view.
262
00:21:10.520 --> 00:21:18.620
Yeah. I don't like, honestly, that score. Is it correct me if I'm wrong, but it is is it is similar to the the.
263
00:21:19.355 --> 00:21:22.575
Right? It's Kinda similar. You you mean the the display?
264
00:21:23.355 --> 00:21:24.715
The the score behind,
265
00:21:25.035 --> 00:21:39.710
left next to the entry in Wiki Free. Yeah. Yeah. The the score is displayed for dividing reasons, but I I disagree, and I actually also told to Huddl about that. I don't think scores because they are you see a number next to an entry, and
266
00:21:40.809 --> 00:21:41.789
that number means
267
00:21:42.169 --> 00:21:49.645
basically nothing. So And how should you display it? What's that? How how what's a better way to display it? Yeah. I would dis because a number is,
268
00:21:50.205 --> 00:21:55.985
summarizing that people to a number, and it is a bit prescriptive and not descriptive.
269
00:21:56.445 --> 00:21:58.910
So it's it is simpler to view my,
270
00:21:59.710 --> 00:22:03.170
my mind in another example, which is like anti impersonation.
271
00:22:03.550 --> 00:22:09.570
So I click on the profile. It it is, Lynn Alden, or that that's a display name.
272
00:22:09.995 --> 00:22:17.615
And then I would like to see the faces of the people I follow that also follow that AMP hub. And not But it's, like, a bunch of impersonators
273
00:22:19.195 --> 00:22:24.655
of the people you follow are all following the impersonator. Like, it's just impersonators following impersonators.
274
00:22:25.220 --> 00:22:29.080
No. No. Because it's, it's based on on me, basically. So
275
00:22:29.380 --> 00:22:30.040
I follow
276
00:22:30.420 --> 00:22:34.600
you, and you follow that and Pub, and so I see your profile there. Oh, okay.
277
00:22:34.980 --> 00:22:36.680
And this this way so,
278
00:22:37.060 --> 00:22:45.455
this is, I think, better because in some context, your opinion might be worth more or less than some other opinion. So for example,
279
00:22:45.755 --> 00:22:51.855
we might be talking instead of profiles. We might be talking about apps. For example, a great example is Zapstore,
280
00:22:52.235 --> 00:23:02.770
and Zapstore shows faces of the people you follow that also follow the signer of the app. So for example, if from those faces I see, let's say, MBK, and we are talking about,
281
00:23:04.030 --> 00:23:05.870
or Craig Roe, and we are talking about,
282
00:23:06.590 --> 00:23:18.285
Bitcoin Wallet, his opinion, in my mind, will wait more. But there is no way to, like, quantify that with a number or at least the client that doesn't know which opinion I have of those people.
283
00:23:18.825 --> 00:23:24.870
But there is no need to summarize that. We can just show the faces, and I intuitively would know who to look for
284
00:23:25.350 --> 00:23:39.850
without having to summarize that into one number. You just have to see faces, and I think it's more natural. And, also, it ties more in what people are used to do, like, in mid space. So, for example, when you don't know nothing about something, maybe about cars,
285
00:23:40.625 --> 00:23:42.885
you have no idea, like,
286
00:23:44.065 --> 00:23:51.125
yeah, maybe it comes to your mind that you have 3 friends that know about cars more than you do, but you don't think any numbers. You're thinking,
287
00:23:52.065 --> 00:23:55.205
what people should I ask for better advice or better,
288
00:23:56.580 --> 00:23:58.360
yeah, information about the topic.
289
00:23:59.140 --> 00:23:59.960
And so,
290
00:24:01.220 --> 00:24:05.220
yeah, that makes sense to me. I mean, we see that in a lot of centralized apps do the
291
00:24:05.780 --> 00:24:09.640
like, Twitter has that where you see the little pictures, and it's very intuitive.
292
00:24:10.465 --> 00:24:13.924
What are your thoughts on I it's kinda interesting. Right? Because there's
293
00:24:14.705 --> 00:24:15.184
there's
294
00:24:15.505 --> 00:24:21.825
and maybe it's also a product of the fact that Noster is so early, and it's so young in it in its life, but,
295
00:24:23.500 --> 00:24:27.520
there's a balance between how do you technically make something possible,
296
00:24:27.900 --> 00:24:35.440
how do you give a user sovereignty and and power over their own, situation, and then how do you display it to them in a
297
00:24:36.034 --> 00:24:36.534
relatively
298
00:24:36.835 --> 00:24:43.654
little friction way? Because if you add any kind of friction, if you add power user things right in front of someone's face in the beginning,
299
00:24:44.355 --> 00:24:47.174
they probably just won't even use the tool in the first place.
300
00:24:47.475 --> 00:24:49.475
But I'm curious. So what's your opinion on
301
00:24:51.850 --> 00:25:01.950
you know, in a perfect world and we're way down the line, it's like everyone already has, like, their social graph and stuff on Noster, and and it's a different situation. But as new people are joining,
302
00:25:02.250 --> 00:25:05.950
how do you how do we attempt to mitigate the impersonator problem,
303
00:25:07.215 --> 00:25:11.315
for that new person who's joining? Like, they they don't have a social graph yet.
304
00:25:12.655 --> 00:25:19.235
Yeah. This is a good question. Like, the bootstrapping problem if you're new and you come in and you don't know who to trust at the beginning
305
00:25:19.615 --> 00:25:20.275
at first.
306
00:25:21.760 --> 00:25:23.299
What you can use
307
00:25:23.760 --> 00:25:24.260
is
308
00:25:25.280 --> 00:25:30.740
some well, obviously, you're never going to use, followers count because that can be faked.
309
00:25:31.600 --> 00:25:32.100
So
310
00:25:32.559 --> 00:25:37.815
there can be for I I like the idea, for example, of proof of work keys as a first introductory
311
00:25:38.755 --> 00:25:40.455
step, but not necessarily in
312
00:25:40.915 --> 00:25:43.175
that way because proof of work keys are,
313
00:25:43.955 --> 00:25:47.015
the UX around them is terrible because you have
314
00:25:48.115 --> 00:25:50.295
identity creation. You have to commit energy
315
00:25:50.675 --> 00:25:54.029
to create that key that starts with a certain number of zeros.
316
00:25:54.570 --> 00:25:57.149
So that UX is terrible, but
317
00:25:57.610 --> 00:26:06.110
what it shows is that there are certain AMP apps that have more skin in the game, that verifiable skin in the game, and that is a good place for
318
00:26:06.495 --> 00:26:09.955
initial bootstrapping. So if you know nothing about who to trust,
319
00:26:10.975 --> 00:26:14.355
you can start, assigning some low level of trust
320
00:26:14.655 --> 00:26:18.115
of people that have skin verifiable skin in the game in
321
00:26:18.575 --> 00:26:21.235
in terms of these proof of work keys, for example.
322
00:26:21.890 --> 00:26:26.870
I I have a very pragmatic approach. I just use my pub key. It's, like, literally
323
00:26:27.490 --> 00:26:30.149
You use someone else's pub key? No. Literally mine.
324
00:26:30.450 --> 00:26:39.755
Like But I mean, obviously, you do. So if someone creates a new pub key They use your They pub. They it doesn't it doesn't have any followers. Yeah. So it just fetches
325
00:26:40.055 --> 00:26:47.880
my word of trust and uses my word of trust. Because I, like, I know that, like, they're already using my software. I know that I'm not fake.
326
00:26:48.500 --> 00:26:49.800
Like, I'm not spamming.
327
00:26:50.660 --> 00:26:58.120
So just that. It's it's, like, a very, very trivial approach. You know what'd be cool? Is is if you could create an invite link
328
00:26:58.995 --> 00:27:01.735
to Nostr that was based on your social graph.
329
00:27:02.275 --> 00:27:09.335
So you could be like, hey, like, Nostr, that you should join Nostr, and then you just send them a link and it's like it imports your followers.
330
00:27:10.195 --> 00:27:15.400
That'd be cool. I think isn't like Manny working on something like that? Meet Me on Nostr?
331
00:27:16.100 --> 00:27:21.000
Yeah. There are there are 2 two projects that I know of that are working on that. That's that's 1,
332
00:27:21.380 --> 00:27:36.225
Nostr dot me. It's it's also has like the same idea where, like, you set up the profile for Right. And you can, like, leave You even pick the relays and everything. Everything. Yeah. Yeah. The cool part with, like, the invite idea is that,
333
00:27:36.845 --> 00:27:37.825
you only need
334
00:27:38.365 --> 00:27:44.780
one connection before you start building your own social graph. Like, it is a little bit further removed. But if I only followed like Pablo,
335
00:27:45.480 --> 00:27:52.380
then at least when I compute my social graph, it will be one person, Pablo, plus all of his followers. So
336
00:27:53.320 --> 00:28:00.585
it scales really quickly, even with just one person. And then, so maybe that's like maybe that one person is just a friend that introduces you to Noester
337
00:28:00.885 --> 00:28:03.925
and they have at least a few followers. And, like, at least you start
338
00:28:04.725 --> 00:28:11.010
you just have to go a few more layers out on the web of trust to get a decent number of, like, reputable people, you might say, or not
339
00:28:13.090 --> 00:28:13.590
spammers.
340
00:28:14.210 --> 00:28:16.310
Yeah. That makes sense to me. So,
341
00:28:17.970 --> 00:28:25.030
Stewart and Hazard, you guys have been working on Blossom. Right? So Blossom is this this idea of of of trying to,
342
00:28:26.195 --> 00:28:32.455
tackle the the media problem from different angles, whether that's it could be any file, but, like, video,
343
00:28:32.915 --> 00:28:33.415
photos.
344
00:28:35.395 --> 00:28:41.880
We we're we're entering this world where you're gonna have more and more AI deep fakes, where you have more and more situations where,
345
00:28:43.060 --> 00:28:47.320
you don't know what's real. We're already kinda there in just like this post truth environment.
346
00:28:48.500 --> 00:28:50.360
So, I mean, I guess we'll we'll
347
00:28:50.980 --> 00:28:52.920
throw it over, to you, Stuart.
348
00:28:54.554 --> 00:28:56.975
The like, how do you think about webs of trust
349
00:28:57.355 --> 00:29:05.375
mixed in with something like blossom in terms of people because I think that's something that people can actually tangibly realize as a benefit
350
00:29:05.755 --> 00:29:12.060
early on, like, in the next 6 months to 12 months. Like, how is this is it is this video of Donald Trump real or not?
351
00:29:12.680 --> 00:29:14.540
Yeah. So so I think that, like,
352
00:29:15.000 --> 00:29:18.220
Nostra is a very weird, special, exceptional,
353
00:29:19.560 --> 00:29:20.780
instance where
354
00:29:21.485 --> 00:29:23.265
we have the opportunity to build
355
00:29:24.125 --> 00:29:25.105
data infrastructure
356
00:29:25.405 --> 00:29:27.265
on top of a social graph,
357
00:29:28.045 --> 00:29:38.380
and that's very backwards to normally how it goes when you try to create some type of network, particularly a peer to peer network, is you usually start with, like, you know, like, data infrastructure, like IPFS.
358
00:29:38.760 --> 00:29:43.980
But the problem with IPFS is that it's not a social network. There's no notion of identity of, like, credibility.
359
00:29:44.679 --> 00:29:58.995
And so it doesn't work because everyone connects to everyone, and and it's just slow, and it's unworkable. So noster is a weird thing where we've kind of, like, memed into existence a social graph sort of thing. So, like, it's enough now that we can build
360
00:29:59.855 --> 00:30:01.875
we can kind of leverage that to decide
361
00:30:02.390 --> 00:30:05.450
or, like, you know, to make possible certain things such as,
362
00:30:06.150 --> 00:30:13.130
like, if you want to host and precache people's data. Like so the thing that me and satellite, me and Hazard have been working on is
363
00:30:13.430 --> 00:30:16.970
I'm gonna I don't wanna just tell you guys. So we we've been building this, like,
364
00:30:17.655 --> 00:30:25.675
like, satellite.earth has just been a web client for a long time, but we're doing, like, a new thing that's like a desktop app. So the idea is is a bunch of edge devices
365
00:30:26.615 --> 00:30:30.395
that act as kind of like a deep web of Nostra,
366
00:30:32.690 --> 00:30:35.350
and each person's node, as it were,
367
00:30:35.809 --> 00:30:44.710
pulls in, scrapes and caches the data that you care about which is by default the data that's in your that you the people you follow. So blobs and events.
368
00:30:45.045 --> 00:30:48.185
So the kind of the high level view of this is
369
00:30:48.485 --> 00:30:49.785
you have clients
370
00:30:50.325 --> 00:30:57.705
the way I'm thinking about is you have like clients like, you know, like mobile apps or whatever like, Oracle or Primal or something. They are, clients of relays
371
00:30:58.279 --> 00:31:00.460
and their clients of Blossom servers
372
00:31:00.919 --> 00:31:03.260
for events and blobs respectively.
373
00:31:04.120 --> 00:31:04.620
But
374
00:31:05.480 --> 00:31:08.140
the question is, I think, is worth asking,
375
00:31:08.520 --> 00:31:09.580
what are Relay's
376
00:31:10.335 --> 00:31:10.835
clients
377
00:31:11.294 --> 00:31:18.674
of? What are blossom servers clients of? Like, where do they get data from? It would be cool if they could be a client of a deeper layer
378
00:31:19.135 --> 00:31:29.529
because right now the only the only the only way like, CDN blossom servers or events or relays get events is the only way they get data is if people blast data at them. So
379
00:31:29.909 --> 00:31:34.409
that kind of works, but it would be real it would be really nice if you could sort of, like,
380
00:31:34.789 --> 00:31:37.610
pull data up from a deeper layer
381
00:31:38.070 --> 00:31:56.130
and put it on a Relay or a blossom server to blast it to clients. And that way clients don't have to do with crazy peer to peer stuff. But that wouldn't have been possible to do that without this web of trust because if you didn't have a notion of people who weren't spam, you couldn't have this nice thing of edge nodes that automatically pulled stuff in because you'd be pulling
382
00:31:56.750 --> 00:31:59.090
in giga terabytes of garbage constantly.
383
00:31:59.470 --> 00:32:16.055
So that's a very concrete example, actually, I think. And, yeah. Blossom is you you talk about it, Hazard. You know more than me. I mean, there's, like, implementation side of it, which is more technical, but I'd say, like, the core of the Blossom idea or the idea of my my goal with Blossom was just,
384
00:32:16.695 --> 00:32:37.254
when you start signing hashes of the files. But the file no matter how the file gets to you, like, it can come over HTTP. It can come over torrents. It can come over IPFS. It can come over anything. But we need a unified hash, and we need to sign the hash in the note. Because otherwise, if you don't sign it, you don't know what you're getting. Yeah. And that that that unified hash is effectively an interface.
385
00:32:37.715 --> 00:32:40.294
It's an interface to blobs that apps that encapsulates
386
00:32:40.674 --> 00:32:54.200
the insane complexity of peer to peer stuff. And that is why, like, it's, like, super smart not to start with the peer to peer stuff, but, like, some notion of federation like Mastodon has is pretty cool as long as clients don't have to interact with it. You know?
387
00:32:54.740 --> 00:32:59.480
As long as it's like hidden under this little layer of the blossom spec and no and in IP01.
388
00:32:59.780 --> 00:33:21.730
Yeah. And the cool part is like to bring it back to, like, Webber Trust is it's kind of the same thing with a Webber Trust and a social graph is because you can't connect to the entire Internet, because you can't plug into the entire Internet, you need a starting point to know, like, what do I actually not what do I want to plug into, because that's the user's decision. But what do I plug into for the user? What is the user's
389
00:33:22.190 --> 00:33:27.810
starting point for what they find valuable? And that maps onto a whole bunch of stuff, like event transmission,
390
00:33:29.425 --> 00:33:37.445
or like blob storage, file storage, or even just like recommendations or anything else like that. So where do you if you can't plug into the entire internet, where do you start?
391
00:33:41.440 --> 00:33:42.900
But so you have
392
00:33:43.600 --> 00:33:56.515
with the with the hash, the hash is is to be able to validate integrity of a file, basically. Right? So you have this hash, and you're able to see if it's changed over time. The signature is essentially an attestation
393
00:33:57.055 --> 00:34:01.235
by a specific end pub or whatever saying, this is the file.
394
00:34:02.015 --> 00:34:03.795
And then on top of that,
395
00:34:04.575 --> 00:34:05.635
there is presumably,
396
00:34:06.095 --> 00:34:13.400
there could be many people that are just changing that file and then resigning it themselves with a different hash because they changed the file.
397
00:34:13.700 --> 00:34:17.400
So then you would you would need some kind of web of trust that's like,
398
00:34:18.420 --> 00:34:32.884
this is like the actual this one is the real one, and this one's the modified one. Right? The cool part with the hashes is, I mean, you can't unless you find a hash collision, you can't fake the hash. So Right. What you get, as long as you can get it, is what you're looking for.
399
00:34:34.305 --> 00:34:37.365
The way the web of trust were maps onto this is
400
00:34:37.984 --> 00:34:39.204
how do you get it?
401
00:34:39.579 --> 00:34:43.920
That's the difficult part. Because again, like, if you have this file identifier, if you have this
402
00:34:44.220 --> 00:34:46.960
this unknown file that you want, so let's say it's like a
403
00:34:47.339 --> 00:34:49.040
10 gigabyte movie or something,
404
00:34:51.099 --> 00:34:55.075
like, how do you find it? It's on the Internet. You can't plug into the entire Internet.
405
00:34:55.375 --> 00:34:55.875
So
406
00:34:56.655 --> 00:35:01.714
I found, like so if I it came from you or it came from a podcast or it came from somebody one of somebody I follow.
407
00:35:02.655 --> 00:35:09.500
As I mentioned before, like, the web of trust kind of signaling where you start plugging in, it can do the same for fetching data.
408
00:35:09.800 --> 00:35:18.620
Similar to how we fetch events where you just you're like, I'm looking for this file. I have no idea where it is. So instead of searching the entire world, I can start with my web of trust.
409
00:35:19.000 --> 00:35:25.385
And even better if I knew who the file was from, but I can start with my web of trust, and that narrows down, you might say, like, the search space
410
00:35:25.765 --> 00:35:29.305
for trying to find that one hash or that one file. It narrows it down considerably
411
00:35:29.924 --> 00:35:34.025
than trying to, like, you know, start pinging every single file server on the internet.
412
00:35:35.190 --> 00:35:41.770
So so just to give more perspective, this maps into the the outbox model because it's the same idea of,
413
00:35:42.150 --> 00:35:48.010
I want to see your Stu's notes, to which really should I talk to to get his notes.
414
00:35:48.470 --> 00:35:50.525
For this is, I know that
415
00:35:51.224 --> 00:35:52.444
that that has our published
416
00:35:52.744 --> 00:35:54.845
file with this hash ID.
417
00:35:55.145 --> 00:36:09.560
From what from what blossom server should I get it? I will query for the list of blossom servers that he uses. And now instead of having to just randomly query a bunch of different servers for this hash ID, I go to one of these 3,
418
00:36:10.340 --> 00:36:12.680
blossom servers that he uses. And
419
00:36:13.140 --> 00:36:14.265
one cool thing is,
420
00:36:15.625 --> 00:36:17.964
you uploaded, a file to
421
00:36:18.265 --> 00:36:20.365
to, one of your Blossom servers.
422
00:36:21.144 --> 00:36:22.525
He wrote a blog post
423
00:36:23.224 --> 00:36:30.460
linking to that file, explicitly linking HTTP blah blah blah, linking to that file. And that that blossom server, he deleted the blossom server.
424
00:36:30.760 --> 00:36:37.100
So now that that that blog post that he wrote now has a missing file. It the the link is broken.
425
00:36:38.280 --> 00:36:49.715
But now you can query for the blossom list that he uses and you can fix the the link. And it it when you do it for the first time, it's like it's magical. Within a second,
426
00:36:50.015 --> 00:36:51.475
you see you get a 404
427
00:36:51.855 --> 00:37:00.490
or whatever. Like, you cannot connect to the server. And you go to the next server, query for the same hash ID, and you get the file. And it's super magical.
428
00:37:01.030 --> 00:37:01.530
Beautiful.
429
00:37:01.990 --> 00:37:02.870
Guys, we have,
430
00:37:03.750 --> 00:37:21.455
a few minutes left. Let's, just wrap it up with some final thoughts. We'll start with you, Stuart, and move down this way. Well, to wrap it up, I I like to think of Nostra as like the hydra, like the mini headed snake. You know what I mean? Like, you chop off one head and like a 1,000 more just like pop up. I think that's what is
431
00:37:22.555 --> 00:37:23.855
kind of, you know,
432
00:37:24.460 --> 00:37:27.280
the model that we should use to think about resilience
433
00:37:27.740 --> 00:37:28.480
is that
434
00:37:29.020 --> 00:37:30.160
there has to be
435
00:37:31.020 --> 00:37:32.000
some sort of
436
00:37:32.700 --> 00:37:38.720
base level from which all these snakes spring up, like whack a mole. You know, so like like Pirate Bay in 2010
437
00:37:39.265 --> 00:37:42.305
during the golden era of getting their domain name,
438
00:37:42.785 --> 00:38:02.230
deleted by the government over and over and over again was the fact that they just had a giant database of torrent files and those torrent files were just metadata that referred to a bunch of stuff. So as long as it exists on one person's computer, it can always, like, spring up and you can upload it very quickly to as many blossom servers and as many relays as you want. So,
439
00:38:03.885 --> 00:38:07.985
Yeah. Gnostr is fundamentally an unkillable, un undeletable medium
440
00:38:08.445 --> 00:38:11.345
and the rest the other problem is,
441
00:38:11.725 --> 00:38:18.865
just how to deliver that data. But fundamentally, I I'm extremely bullish on Gnostr because I sort of suspect that in, like, the
442
00:38:19.280 --> 00:38:20.180
kind of like,
443
00:38:21.520 --> 00:38:29.300
post truth era of not really being sure what's real, the ability just simply being able to digitally sign something at all
444
00:38:30.079 --> 00:38:31.540
and refer to
445
00:38:31.920 --> 00:38:33.060
some type of
446
00:38:33.815 --> 00:38:35.835
source of signal about whether or not
447
00:38:36.215 --> 00:38:43.915
this is real is going to move probably move the needle more than anything else. Especially, you know, like, when AI impersonation becomes like more widespread,
448
00:38:44.455 --> 00:38:46.715
you know, people are going to like can absolutely
449
00:38:47.095 --> 00:38:57.480
freak out when you see, like, a video of yourself or something on the Internet, and it's, like, how do you know? So, like, the this this digital signature thing is, like, a safe harbor in that storm,
450
00:38:57.859 --> 00:38:58.099
and,
451
00:38:59.220 --> 00:39:02.119
that that's probably gonna drive a lot of people in Austria, I think, personally.
452
00:39:03.165 --> 00:39:03.665
Yeah.
453
00:39:05.245 --> 00:39:18.430
Yeah. Yeah. That that part is super important. Like, knowing not not what's real because that's too much, but knowing who said what. That that's good enough for most things, and I would say that the fact that we are moving towards
454
00:39:18.890 --> 00:39:21.150
I think we are moving towards a world in which,
455
00:39:21.849 --> 00:39:27.550
as Odell says often, like, the post truth world where you don't you don't have to have consensus
456
00:39:27.930 --> 00:39:30.750
of what's real. You kinda come to
457
00:39:31.425 --> 00:39:31.905
your,
458
00:39:32.305 --> 00:39:35.685
understanding of what is real, what is truth, what is
459
00:39:36.145 --> 00:39:42.485
coherent with your vision and that of your community. And, yeah, the social graph is is a tool that we can use,
460
00:39:42.785 --> 00:39:44.305
very, very powerful, and,
461
00:39:45.279 --> 00:40:06.425
we no one was able to use such a tool before because it was only developers of the comp of social companies that have the ability to use it. So, obviously, with the such a power comes also the responsibility that we can do and should do should build something which is better and more sane than the world we are living, and this comes from,
462
00:40:07.525 --> 00:40:09.385
establishing principle that
463
00:40:09.765 --> 00:40:23.050
makes sense in the context of the post truth world where you don't go out and tell others what they should believe, but you give them tools so that they can decide for themselves what to believe, what to think, what to what to,
464
00:40:23.590 --> 00:40:24.090
yeah,
465
00:40:25.030 --> 00:40:25.850
what to think.
466
00:40:27.670 --> 00:40:28.550
Yeah. Like, that's
467
00:40:29.595 --> 00:40:37.535
I don't think I can extend that. Like, the only thing I gotta say is is that, we built there has been a lot of crazy experimentation
468
00:40:37.835 --> 00:40:39.295
done in the
469
00:40:39.675 --> 00:40:45.980
past. I mean, I for me, I've only been here, like, a year or 2, but supposedly, there's a lot of crazy stuff being built before that.
470
00:40:46.440 --> 00:40:56.620
I remember the early clients, but there's a lot of crazy experimentation being done. There's a lot of even the cryptographic stuff will work that's being used on the network. It's crazy that users are actually using cryptographic keys on the Internet now.
471
00:40:56.920 --> 00:40:59.475
But I think the craziest part is, like, we
472
00:41:00.495 --> 00:41:03.635
we finally have an open social graph on the Internet.
473
00:41:04.015 --> 00:41:05.155
We finally have
474
00:41:05.855 --> 00:41:15.610
data that nobody owns that is extremely valuable, and that applies to so much more than social. Like, maybe it's not a trust, as you said. Maybe it's not it's not strictly trust,
475
00:41:15.990 --> 00:41:25.770
but it's a starting point that can that can start like I said, in the era of where, like, the AI is just gonna start flooding the Internet with so much either misinformation or just
476
00:41:26.070 --> 00:41:28.010
noise, it's a starting point
477
00:41:28.674 --> 00:41:34.934
to start browsing the internet again instead of trying to filter all the noise out. And that's going to be it's going to be huge.
478
00:41:36.355 --> 00:41:38.755
Yeah. To to to that point, I I think the,
479
00:41:40.035 --> 00:41:49.020
navigating the Internet via will of trust will be it's kinda why it's titled like this, the the talk. It it will be the only way of making sense of things because as
480
00:41:49.400 --> 00:41:53.960
like, AI is such a perfect forcing forcing function to to adopt these,
481
00:41:54.520 --> 00:41:55.260
these schemes.
482
00:41:56.375 --> 00:42:00.315
It it it there will be no other way. It it simply will not make sense
483
00:42:00.775 --> 00:42:09.115
to consume data that is not signed. Like like, in 50 years, they would be like, what do you mean the Internet was not signed? Like, what the fuck are you talking about?
484
00:42:11.069 --> 00:42:14.690
Damn right. Thank you all. Can we get a huge round of applause for these gentlemen?
Join the Email List
Listen On
New to Citadel Dispatch?
Sept. 7, 2022
CD75: Privacy, Speech, and Bitcoin with Adam Back
EPISODE: 75 BLOCK: 753062 PRICE: 5258 sats per dollar TOPICS: tornado cash sanctions, crypto wars of the 90s, code is speech, anonymous contributors, liquid, fedimints, confidential transactions, mining Adam on Twitter Full T...
Nov. 9, 2021
CD43: bitcoin for beginners with @BitcoinQ_A
support dispatch: https://citadeldispatch.com/contribute EPISODE: 43 BLOCK: 708970 PRICE: 1501 sats per dollar TOPICS: bitcoin for beginners, acquiring bitcoin, tradeoffs, dangers of KYC, holding your own keys, using your own...
July 20, 2021
CD31: getting started with bitcoin mining with @diverter_nokyc, @econ…
EPISODE: 0.3.1 BLOCK: 691887 PRICE: 3373 sats per dollar TOPICS: getting started with bitcoin mining, power, heat, noise, being good to your wife, internet, renting failed subway sandwich locations for mining, hosted mining o...