Anyone else read the Pubky ToS and Privacy Policy? I almost spit out my coffee 🤣
John Carvalho
Pubky does not require trusted caching servers. The source of truth is always the user's homeserver and public key domain (PKARR record). Caches, indexers, mirrors, CDNs, and search services are optional performance layers, not authorities. If a cache serves stale, filtered, or manipulated data, clients can fetch directly from the user's homeserver or use a different cache/indexer. The cache has no special power because it cannot change the user's identity, domain, or underlying data. In practice, Pubky treats caches similarly to web CDNs: useful for speed and scalability, but entirely replaceable. The user's public key remains the stable identifier, and the PKARR record determines where authoritative data is located. If a cache disappears, lies, censors, or goes offline, users retain a credible exit by switching to another cache, another indexer, or direct retrieval from the source. 🫳🎤

Replies (29)

"Your Keys, Your Content, Your Rules" That's the pubky tagline. Now here's what the ToS actually says: > "you hereby grant to us a non-exclusive, royalty-free, transferable, sublicensable, worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate and create derivative works of your Content" Sounds word-for-word the same content license Facebook, YouTube, and TikTok use. Here is Meta/Facebook's: > "you grant us a non-exclusive, transferable, sub-licensable, royalty-free, and worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate, and create derivative works of your content"
From the Pubky ToS: > "You understand and agree, however, that we may retain, but not display, distribute, or perform, server copies of your Content that has been removed or deleted." When you delete your content on Pubky, Synonym keeps a copy. They just won't show it to other users. It's still there, on their servers, indefinitely. Or it's at least vague enough to suggest that. They don't say how long they retain it. On Nostr, a deletion is a kind 5 event. Now, relays can honor it or not, but the point is the deletion command comes from *you* and is cryptographically yours, and you can choose relays that honor it. No company is holding a "retained" copy because no company is in the loop. On Pubky, you can't remove Synonym from the loop. They keep your content, with no timeline given to expiry. Just retained.
This one was a head spinner. > "Synonym has the absolute right (but not the obligation) to prohibit, refuse, delete, move and edit Content for any reason, in any manner, at any time, without notice to you" Keyword 'edit'... They reserved the right to edit your content. Every post on Nostr is signed by your private key. If anyone, a relay operator, app developer, man-in-the-middle, changes even a single character, the signature breaks and the note is invalid. Editing is cryptographically impossible without your key. No policy. Just math. Pubky's 'protection' against content manipulation is a Terms of Service clause while nostr's is cryptography. These are not equivalent.
From the Privacy Policy: > "We use a third-party SMS verification service to send one-time codes to your phone number. During this process, we collect: Your phone number (stored in hashed form), Your IP address, Your device user-agent" To join a "decentralized, sovereign" platform, you hand over your phone number to Synonym and to an unnamed third-party SMS provider, along with your IP address and device fingerprint, before you've made a single post. Hashed phone numbers are not anonymous. They're trivially reversible if you already know or can guess the number, which is easy when the space is only 10 digits. Nostr onboarding is simple; open any client, generate a keypair, start posting. No phone number. No IP logged against your identity. No third parties. Nothing.
This is the most cynical part of the whole document. From the Privacy Policy: > "Due to the decentralized nature of the Platform, any information that you upload to the Platform may be shared in different locations and different servers. This may include servers not controlled or maintained by Synonym." And from the ToS: > "We cannot promise that your use of our Platform will be completely safe... due to the decentralized nature of the Platform, any information that you upload may be hosted on servers not controlled by Synonym." They invoke decentralization exclusively to disclaim liability for where your data ends up. Not to protect you. Not to give you control. To cover themselves legally when something goes wrong. Meanwhile they require your phone number, log your IP, use cross-device tracking, and retain deleted content. The decentralization is load-bearing only in the liability disclaimers. On Nostr, decentralization is the actual architecture. You pick your relays. You control what you broadcast. There's no company invoking "decentralization" as a legal shield because there's no company. The protocol is the protection.
The ToS footer and the Pubky landing page both say it plainly: **Synonym, a Tether company.** Tether. The most opaque, trust-us centralized entity in the entire crypto space. The one that for years refused audits. The one that prints the most widely used stablecoin with the least transparency about what backs it. That's the parent company of the platform that wants to replace Nostr in the name of user sovereignty. The ToS is governed by the laws of England and Wales. The entity is incorporated in El Salvador. Tether is registered in the British Virgin Islands. You are wherever you are. Good luck.
Pubky is a Web2 platform with a decentralized protocol underneath it. The protocol may be open. The flagship application, the one they're actually pushing, the one with the invite codes and the landing page, is as legally encumbered as any big tech platform we all left behind. The tagline says "your keys, your content, your rules." The ToS says Synonym can modify, sublicense, and create derivatives of your content, retain it after deletion, edit it without notice, and make you arbitrate any complaint in London. One is marketing, the other is law. No, nostr isn't dying. There is no Terms of Service or Privacy Policy. That's the point. It's a truly open protocol, without permission.
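An added example, mine rather than the poster's and not code from Nostr or Pubky, of the "just math" point made above: a Nostr event's id is the SHA-256 of its NIP-01 serialization and its sig is a BIP-340 Schnorr signature over that id, so editing any field (or issuing a kind 5 deletion) without the private key fails verification. The secp256k1 arithmetic is pure Python for readability, the nonce derivation is a simplified stand-in for the spec's aux-rand scheme, BIP-340's range checks on r and s are omitted, and all keys are constructed.

```python
import hashlib, json
P = 2**256 - 2**32 - 977                      # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
b32 = lambda n: n.to_bytes(32, "big")
def add(a, b):  # affine point addition; None is the point at infinity
    if a is None: return b
    if b is None: return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and y1 != y2: return None
    lam = (3*x1*x1*pow(2*y1, -1, P) if a == b else (y2-y1)*pow(x2-x1, -1, P)) % P
    x3 = (lam*lam - x1 - x2) % P
    return x3, (lam*(x1 - x3) - y1) % P
def mul(p, k):  # double-and-add scalar multiplication (not constant time; demo only)
    r = None
    while k:
        if k & 1: r = add(r, p)
        p, k = add(p, p), k >> 1
    return r
def tagged(tag, *parts):  # BIP-340 tagged hash: sha256(sha256(tag) || sha256(tag) || data)
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + b"".join(parts)).digest()
def lift_x(x):  # the even-y curve point with x-coordinate x (x-only public keys)
    y = pow((x**3 + 7) % P, (P + 1) // 4, P)
    return x, (y if y % 2 == 0 else P - y)
def schnorr_sign(d, msg):  # BIP-340 signing; nonce derivation simplified vs. the spec
    pub = mul(G, d)
    if pub[1] % 2: d = N - d                     # use the secret whose pubkey has even y
    k = int.from_bytes(tagged("demo/nonce", b32(d), msg), "big") % N   # simplified nonce
    R = mul(G, k)
    if R[1] % 2: k = N - k                       # same even-y rule for the nonce point
    e = int.from_bytes(tagged("BIP0340/challenge", b32(R[0]), b32(pub[0]), msg), "big") % N
    return b32(R[0]) + b32((k + e*d) % N)
def schnorr_verify(pubx, msg, sig):  # BIP-340 verification: s*G == R + e*P
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    e = int.from_bytes(tagged("BIP0340/challenge", sig[:32], b32(pubx), msg), "big") % N
    R = add(mul(G, s), mul(lift_x(pubx), N - e))     # R = s*G - e*P
    return R is not None and R[1] % 2 == 0 and R[0] == r
def event_id(ev):  # NIP-01: sha256 over canonical JSON [0, pubkey, created_at, kind, tags, content]
    fields = [0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]]
    return hashlib.sha256(json.dumps(fields, separators=(",", ":"), ensure_ascii=False).encode()).hexdigest()
def sign_event(d, kind, content, tags=(), created_at=1700000000):  # created_at is a constructed stamp
    ev = {"pubkey": b32(mul(G, d)[0]).hex(), "created_at": created_at,
          "kind": kind, "tags": [list(t) for t in tags], "content": content}
    ev["id"] = event_id(ev)
    ev["sig"] = schnorr_sign(d, bytes.fromhex(ev["id"])).hex()
    return ev
def verify_event(ev):  # what a relay or client checks before accepting a note: id matches, sig matches
    return event_id(ev) == ev["id"] and schnorr_verify(int(ev["pubkey"], 16), bytes.fromhex(ev["id"]), bytes.fromhex(ev["sig"]))
```

A kind 5 deletion is just another signed event from the same key with an "e" tag naming the note to delete, so a relay can check its authorship the same way; the pure-Python curve math is for illustration and a real client should use a vetted secp256k1 library.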
The code is all open source and can be run or forked by anyone. App products have to follow laws, if you find something in our ToS that is beyond the minimum boilerplate required, please specify that part and I will check whether removing it is actually possible. You think I give a fuck about ToS or any compliance personally? No. But businesses must follow laws, which is why we build the stuff we build. Stop being a hypocrite to your own values and learn something new. Every service has terms.
We can't legally provide the features we provide without having these rights. Your protection in Pubky is you decide where your data lives at all times, and, soon, app keys. It's nonsense to try and discredit the most abstracted open source protocol ever made.
lol this is so naive ... wtf do you think a relay does? an app store app? a website? these are all products and services that require following similar laws to exist. you think relays scale? lol
Where is Synonym's production bucket configuration? There seems to be no public record of how your GCS bucket is configured. versioning on or off? lifecycle rules? backup policies? The only public artifact I can find is the application code, which hands off to GCS with just a bucket name and a credential, and then whatever Synonym configured in the Google Cloud console is completely invisible.
"edit without notice" 🤣 Alex can I have Things That Are Impossible on Nostr for 1000?
2 minutes of audit gave me the creeps nevent1qgszj8r4mym6ghmx5ysflr4xvywlw3yvtxe4yefqcek29nwdxlcml0sqyrk53j2ve3wywv8r8qsy64pwqrcszmnrke4zxewhgqu44e2mj24275aazk2
John Carvalho 12 hours ago
wtf are you even talking about? we are giving free R&D to the world as open source freedom software, stop thinking everything is like Bitcoin, that's fukn dumb stop acting like some retarded nostr defender white blood cell, you're a useless moron pretending to know things you don't know anything except being a fukn sheep, go eat some grass
When people find reasonable questions about your open-source code you seem to disparage them instead of addressing anything. Also, why is Synonym's production GCS bucket configuration not public? Is it? Point me to it?