Matt Lorentz's avatar
Matt Lorentz
matt@nos.social
npub16zsl...92l7
Technologist, solarpunk, gamer, backpacker, passionate about using the internet to push more power to more people.
mplorentz 3 months ago
I’ve been noodling on my OpenSats projects and one thing I wanted to hear people’s thoughts on is the idea of lightly encrypted groups vs. relay-based groups. And by lightly encrypted I mean that all group data is encrypted with a shared key that gets rotated, but without end-to-end encryption, forward secrecy, post-compromise security, and all the fancy stuff you get with MLS. Basically the unmerged NIP-87 (

I know this idea has been discussed a lot, and I have been pretty convinced that NIP-29 made the most sense for the most groups. I also know MLS groups are in the works, but they have a lot of downsides.

So a few things over the past month are making me reconsider. The main one was talking to @n1.g1.n1 from @Socialroots who makes a good argument that groups should be a first class citizen on Nostr. This would enable groups of groups and potentially other innovations like putting the group master key in a FROSTR cluster. It also helps enable forkable groups and groups migrating between relays / sets of governing rules. (Great article from SocialRoots about their full vision https://www.socialroots.io/intimacy-gradients-the-key-to-fixing-our-broken-social-media-landscape/)

Another factor is that people keep asking me if groups are going to be encrypted in my new client and I don’t like saying no to that 😅. Even though I think the confidentiality guarantees of NIP-29 are good enough for most groups - that’s not what people want to hear.

I used to think that getting a bunch of Nostr clients to all implement key rotation the same way was too much to ask, and I still think MLS is overkill for medium to large groups. But if you allow some privileged software to run with some kind of group admin key to do the rotation (an allowance that NIP-29 already makes) then it hugely simplifies the complexity for client developers and now you can say the magic word ✨encryption✨.

I also feel like I missed out a bit on the debate between these when it happened. What do you think?
mplorentz 3 months ago
Today I discovered for making quick wireframes. I used to love Balsamiq but the desktop app has been discontinued. If you've never worked with this type of barebones wireframe before they are so valuable for getting feedback on high level UX without digressing into discussions about the size and colors and exact placement of things. When people see the handwritten font their brain switches into a different mode.
mplorentz 3 months ago
I've finished my first round of interviews for Keydex and they were so enlightening. I'm so addicted to user interviews now, I don't understand how I made so much software without them.

The top insight from this round was clarifying the different use cases for Shamir's Secret Sharing. Here's what I came up with:

- inheritance planning
- corporate secret management for ultra-sensitive values i.e. root passwords
- border crossings
- web3/crypto/Nostr key backup

The most interest by far was in the inheritance planning use case. People have some digital stuff they want to pass on, but don't want it sitting in plaintext in the hands of (generally very normie) friends and family.

Keydex will work for all cases listed above but I'm going to keep the inheritance use-case top of mind while developing. Which already invalidates some of the design work I did last week. I was going to make a fun retro/gamey UI, but now I'm going to shift towards something more calm and reliable.
mplorentz 3 months ago
I'm looking for folks to interview for the new app I'm working on. If you've ever needed to back up some sensitive data (passwords, crypto wallet key, "legacy planning" docs) but didn't just want to print it out and hide it then I'd love to talk to you. Just let me know here and I'll be in touch:
mplorentz 3 months ago
Today I'm workshopping a name for my social key backup tool. (It will allow you to encrypt some data, passwords, nostr key, crypto wallet, last will and testament, etc. to a specific list of people. Each person gets an unreadable piece and they must agree to reassemble the data in case you lose it or die.) I had the idea to use the Pokedex from Pokemon as UI design inspiration for the retro/nerdy vibes. I'm thinking of the name Keydex to go with it. Thoughts, reactions?
mplorentz 4 months ago
I am still loving Kagi.com. I don’t even use any of the advanced features, just search. Also @Kagi just straight up has a Nostr account? Rad.
mplorentz 4 months ago
I'm thrilled to share that I'm receiving an OpenSats grant to work on social key backup and a new Nostr groups/communities app. I'll be building both in the open and this account will probably get filled up again with posts about that work. I think one of the primary things the world needs right now is to move our social sense-making out of big social media platforms and back into community spaces that reflect our values. I'm so blessed to have the opportunity to chip away at these social/digital problems for a while longer. My intention is always to build in solidarity with folks who need these tools most. If you're interested in using these sorts of tools and want to help - I'd love to do an interview with you! Send me a DM or reply to this note and I'll be in touch.
mplorentz 4 months ago
Good thread on some of the pain experienced by new Nostr devs, and also a good response of why things are the way they are. TLDR; Loose governance is not very meritocratic, and stronger governance is generally not either 🙃 Personally I’d love to see (maybe found?) a NIP consortium/collective/co-op some day, but I don’t think it’s time yet.
mplorentz 4 months ago
I had a great time at DWeb camp last week as always. I sat on an "Open Social Web" panel as the Nostr representative and I think what I had to say about Nostr was generally well-received alongside Bluesky and Mastodon. People were mostly drawn to the loose governance and the scrappy "good enough" approach to protocol design. But, like last year, it still feels like the energy folks have for "social media" as we typically think of it has been completely sucked out of the room. Few people are interested in putting more energy into some public virtue-signaling town square. I think Nostr has an advantage over Mastodon and Bluesky in this area because it really does have the most non-microblogging experiments going on, and the protocol is the friendliest to encrypted private spaces.
mplorentz 4 months ago
The iOS 26 release date is less than a month away, and Apple is making big changes this year with the introduction of the Liquid Glass design system. I'm available for last-minute contract work to help you get your app ready. Whether you just want to make sure nothing breaks, or are looking to refresh your entire UI alongside Apple, I can help you make a smooth transition!
mplorentz 5 months ago
I really feel like I'm missing something about Cashu. @calle calls it digital cash, but you are reliant on a bank (mint) to cash out. They say it works offline, but it doesn't really because it doesn't prevent double-spending offline. This makes it a glorified IOU tracker, right? Privacy-preserving IOU tracker is cool, and a network of banks that used them would be even cooler, but calling it offline digital cash seems totally disingenuous to me. Tell me why I'm wrong?