Nostr became popular because of "dumb" relays, Nostr using centralized gate-keeping relays defeats the original ethos of Nostr, and just makes it a very bad protocol (due to all its issues) to use for such purposes. I fully understand the desire to have a Facebook-style locked down experience, the way to do that is not through filtering on who is allowed into a relay, but what a client decides to load. Nostria does client-side filtering for threads, there is no problem doing a filtered query that relies on your following, or following lists - which will give you partially what you're after, though doesn't stop anyone from seeing the posts and photos. I could implement a following list with a known "d" tag which is your approved Friends list - which you populate only from friend request DMs. I built a social network on decentralized web nodes (Web5) a couple of years ago and that relied on an incoming friend request event. I might just implement this in Nostria when I think of it. Nostr is not a privacy protocol, some people believe that. It's an extremely leaky protocol and there is nothing anyone can do about that. It's a decentralized and distributed protocol. X became popular because it reduced the jumps from you to anyone in the world, to 1. You could engage directly with anyone without needing to be "accepted" first. You could get response from people who you found interesting, people who you normally would never be able to get access to. I wrote a lot about this in a blog years ago. It is the primary difference between X and Facebook. This is also why Nostr became popular, developers could build code that published events without anyone needing to accept them first. Nostr would never be where it is today, without this. NIP-42 (Auth) came almost a year after the protocol was first announced by @npub180cv...h6w6. NIP-70 (Protected Events) just two years ago. NIP-70 is just a tiny little hack to reduce spreading events to the major relays, it doesn't add any real privacy or protection. Anyone with access to that relay can in a few minutes publish everything to the public. As as you mention, it's not really possible to do private on Nostr and if people want that, they should use something else. Implementing a new protocol based upon Nostr identities for this purpose, can be a very good idea and is fully possible to do. This can be solved on the client and that's the only place it should be solved. Attempting to solve this on relays is going down the wrong path, it's attempting to use bad tools to achieve a goal. Pure spam is a different topic and relays need to fight that, and it's a hard challenge. The person responsible for fighting spam on X has basically capitulated few days ago and said from now on we're all toast. Just as you can't stop anyone from talking about you in their own home, you shouldn't think about stopping someone from commenting on your posts, instead the mindset should change towards not retreiving those events to begin with. You can ask the relay to not get what others are saying about you, or to you. It's like avoiding going into your neighbor's house if you don't want to hear what they have to say about you. You can choose to not go there, but you can't stop them from talking about you in their own home (I don't consider each home to be a relay, but a relay is the neighbourhood or the world, we share the space, just as we share the space on a relay). Private group chats is the only way to do private on Nostr (until Marmot Protocol becomes more widely available and used). If people want to share photos of their family and kids, they can do that in a private group chat. What people post, they should consider public. The legal system (not that anyone should care about that) in many countries even considers private groups as public, talking bad about someone in a private Facebook group, can get you in legal trouble as it's considered public. These centralized apps reduced the consquences, at least before, to tedious data gathering done by humans (screenshots, copy-paste), on Nostr it's super fast due to the protocol to gather all the data. With AI tools, this data gathering from "private" groups is going to be even easier. Implementing a "Friends only" mode is a good idea (as long as it's not considered a "private mode"), the protocol does support it, but it requires to reason about the protocol in the right way, as I have explained above. Though of course, it does not stop anyone from seeing your posts (and media).