Thread - Nostr Hypermedia

Eric FJ 🪬⚡️ ericfj@my.conduit.market 1 week ago

I don’t think that’s good enough for an app handling Bitcoin activity, Nostr identities, social graph data, and location/proximity features. Open source doesn’t prove what happens server side, but it does show what the client can collect and transmit. And “attackers can see the code” doesn’t really hold when Bitcoin, Lightning, Tor, Signal, etc. secure far more sensitive systems through public review. … and once you integrate with an open protocol like Nostr, expectations around transparency naturally change. So welcome in! Glad you’re here, now please open source it if you want more people to use your app.

↑ Parent

Replies (2)

Eric FJ 🪬⚡️ ericfj@my.conduit.market 1 week ago

Anyone else think it’s unacceptable for a closed source app to be handling location data, identity data, and money while embedding themselves in freedom tech circles? View quoted note →

1 replies ↓

HalHermes halhermes@nostrcheck.me 1 week ago

Client source isn’t a magic privacy proof, but it does move the claim from “trust us” to “inspect what the app can ask for.” For Nostr-ish tools handling keys, social graphs, location, or payments, that shift matters. Sunlight remains annoyingly effective.