Last Notes
14 WoT relays good to go sir
wss://wot.utxo.one
wss://nostrelites.org
wss://wot.nostr.party
wss://wot.sovbit.host
wss://wot.girino.org
wss://relay.lnau.net
wss://wot.siamstr.com
wss://wot.sudocarlos.com
wss://relay.otherstuff.fyi
wss://relay.lexingtonbitcoin.org
wss://wot.azzamo.net
wss://wot.swarmstr.com
wss://zap.watch
wss://satsage.xyz
Thank you everyone for doing your part fighting spam on nostr
Interesting. Probably the attestation can happen as optional step after following the user, and be included in the follow list (kind 2). This would make the adoption easier.
Probably when name and display_name differ, and the client shows only display_name.
In this case NIP-05 functions as a name substitute.
Helping, fixing and serving represent three different ways of seeing life.
When you help, you see life as weak.
When you fix, you see life as broken.
When you serve, you see life as whole.
Fixing and helping may be the work of the ego, and service the work of the soul.
-- Rachel Naomi Remen
from the "The will to live & other mysteries"
Here we often call it "building".
Let's do it.
Interesting approach, but it seems resource intensive (calculate images hashes or similarities for all the social graph is heavy) and I suspect it can be quite fragile. Probably WoT is quicker and safer. Btw, NIP-05 is not involved here, even if it can be used to compose the final score.
Uh, nostr-wasm makes a difference
I know it is for identification, except for rare cases, in fact few weeks ago I updated NIP-05 to clarify that.
And that is precisely why there is no point in showing it everywhere, especially if it is invalid. The point is to simplify the interface (I know, I won you over here, haha) and avoid exposing a detail that is unnecessary and may indeed be confusing.
Intead in the profile, with a proper explanation, it can be useful to debug misconfigurations or have a clearer idea about what the profile is trying to do.
What is this impersonator tag?
https://github.com/mikedilger/gossip/blob/master/filter.example.rhai
- - - - - -
This is a sample spam filtering script for the gossip nostr
client. The language is called Rhai, details are at:
https:rhai.rs/book/
For gossip to find your spam filtering script, put it in your
gossip profile directory. See
https:docs.rs/dirs/latest/dirs/fn.data_dir.html
to find the base directory. A subdirectory "gossip" is your
gossip data directory which for most people is their profile
directory too. (Note: if you use a GOSSIP_PROFILE, you'll need
to put it one directory deeper into that profile directory).
This filter is used to filter out and refuse to process incoming
events as they flow in from relays, and also to filter which
events get displayed in certain circumstances. It is only run on
feed-displayable event kinds, and only events by authors you are
not following. In case of error, nothing is filtered.
You must define a function called 'filter' which returns one of
these constant values:
DENY (the event is filtered out)
ALLOW (the event is allowed through)
MUTE (the event is filtered out, and the author is
automatically muted)
Your script will be provided the following:
caller - a string that is one of "Process", "Thread",
"Inbox" or "Global" indicating which part of
the code is running your script
content - the event content as a string
id - the event ID, as a hex string
kind - the event kind as an integer
muted - if the author is in your mute list
name - if we have it, the name of the author (or your
petname), else an empty string
nip05valid - whether nip05 is valid for the author, as a
boolean
pow - the Proof of Work on the event
pubkey - the event author public key, as a hex string
seconds_known - the number of seconds that the author of the
event has been known to gossip
spamsafe - true only if the event came in from a relay
marked as SpamSafe during Process (even if the
global setting for SpamSafe is off)
All clients flag a NIP-05 in some visual way if it is invalid. This can happens for a misconfiguration but more frequently when someone try to impersonate. The problem is that this "flag" (e.g. green/red icon, open/closed lock) is not always obvious, also because it is often next to the profile picture, and newcomers may be confused and deceived. Moreover, an incorrect NIP-05 does not always correspond to spam/scam, so it cannot be further highlighted.
Best pratice proposal: just hide invalid NIP-05s in feeds and threads, and show them only in the profiles, with a proper description of the problem.
#nostrdesign
Of course, in fact it is used for identification.
Gossip + Spam filter by rhai script = Relief & Zen mode
Terrific feature @npub1acg…p35c
@npub17nd…950x nice brand placement
https://image.nostr.build/ac08253690edc7563070237183b0055593398fe880b13771edd32a2cd4160225.png
Yes, it's a surreal mess.
Coracle and Vojage for sure, I am trying to find out if there are others.
Which client has a WoT filter?
Which client has a WoT filter?
The next step in the spam attack: "catch-all" domains to produce valid NIP-05s. Be ready.
Just a reminder that NIP-05 does not verify.
Yesterday I saw a thread with replyguy replying to Will's GPT AI. It's spam bots all the way down.
Any client without a life-saving WoT filter is doomed. And it should be forbidden to suggest one to a newcomer.
Really good post.
Except for not using additive notation 😄
Digital signatures and how to avoid them
https://neilmadden.blog/2024/09/18/digital-signatures-and-how-to-avoid-them/
I'm quite busy right now, but If you can't find anyone else feel free to ping me :)
Some adventurous designer out there? #asknostr #nostrdesign
#nevent1q…zv37