I’m growing more and more concerned about the reliance on GitHub.
And starting to think a bounty isn’t the right way to fund this work.
Login to reply
Replies (108)
Centralisation I'm guessing. Especially on a platform owned by Microsoft.
Yep. Git is fundamentally a decentralised protocol. That's why only using it through a centralised service owned by Microsoft is bad.
thinktank hackathon. on site
There’s gotta be a way to create the #nostr equivalent of a GitHub.
This seems like something the folks at protocol labs (IPFS) would be well suited to help with. Using nostr as the event later and IPFS/IPLD as the storage layer seems like a winning combo.
IPFS is a nightmare, though merkle trees are indeed vital to storing large repos. That’s how IPFS handles storage.
Fully agree that a bounty doesn’t work for this;
the work needs to be broken into smaller pieces and let the magic of nostr’s by-default data interoperability integrate the pieces organically
Probably thinking too small. How do you bootstrap an open source product or organization? Esp in the face of stiff competition from an established, well-funded, and free-to-use competitor.
I'm very anti-bounty. Esp for large projects. If I see a bounty it gets added to my list of stuff not to work on at this point.
What's nightmareish about it?
I agree #[3] #[2]. Even as someone with time who tried it a variety of ways w nostrich feedback - there’s not enough consensus re: what the interlocking foundational systems would be to make it work. It’s totally doable. Maybe just like, mirroring Nostrasia; a doc that people dive into/talk through what works/why then work on it.
Maybe Codeberg.org could be an alternative to GitHub, and it is still git based.
Berlin Non-profit. Membership based voting.
Code is Built on Forgejo (Forgejo.org)
1. Centralized bootstrapping: you must rely on a centralized set of nodes to connect into the network.
2. No user-server model: users are forced to spin up a server to browse their decentralized web. You can’t even turn a file into a merkle tree without being forced to spin up an IPFS blockstore server.
3. Their Merkle Trees/DAGs are not optimized for downloading one branch at a time, because you must download a list of all children hashes when downloading any parent hashes — creating excessively bloated merkle branches.
1. Centralized bootstrapping: you must rely on a centralized set of nodes to connect into the network.
2. No user-server model: users are forced to spin up a server to browse their decentralized web. You can’t even turn a file into a merkle tree without being forced to spin up an IPFS blockstore server.
3. Their Merkle Trees/DAGs are not optimized for downloading one branch at a time, because you must download a list of all children hashes when downloading any parent hashes — creating excessively bloated merkle branches.
We’ve invented a new type of Merkle Tree/DAG that has the ability to map file directories like IPFS Merkle DAGs, and maintains the small branches of Merkle Trees for quick user validation.
This achievement may help projects independently of Nostr.
I agree that a large bounty doesn't put the right incentives in place. I'd love to work full time on this problem. Would you consider sponsoring a lead developer? I outline the key challenges as I see them here:
https://blogstack.io/naddr1qqyxxdmyvsmrqdn9qywhwumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wspzpgqgmmc409hm4xsdd74sf68a2uyf9pwel4g9mfdg8l5244t6x4jdqvzqqqr4guzzjrgj
And the bull case for this here:
https://blogstack.io/naddr1qqyr2wt9xfsk2wp3qy28wumn8ghj7un9d3shjtnyv9kh2uewd9hsyg9qpr00z4uklw56p4h6kp8gl4ts3y59m874qhd94ql732k40g6kf5psgqqqw4rsd8v7ng
Jack, would you like our team to write a paper explaining everything? From how we store repos, to our optimized trees and layered architecture… happy to share.
That way you and the communities on #nostr can assess our approach before we complete the project. Thoughtful criticism is always welcome.
Why not just host a Gitea instance as intermediary step?
Low hanging fruit: simple to install and 100% compatible with GH workflows (PRs, SSO, comments, etc).
Removes dependency on GH until a proper replacement shapes up.
inb4 Nostr Foundation
This is exactly what I do and recommend.
Everyone writing code should be handling their primary/authoritative git served in house, and use GitHub, GitLab, Bitbucket, AWS Code, Sourceforge,Launchpad etc as mirrors only. Gitea works ok at small scale. One caveat is when pushing commits to mirrors the refs to issues won't line up and this can be confusing in GitHub and others that render links
The bigger challenge is projects that are intended to be open and decentralized like Bitcoin. They need a publicly accessible authoritative home without risk of a single corporate or gov organization controlling, or being rugpulled.
I periodically fetch and backup projects I deem important, and recommend also running local maven and npm registries as needed
v4v is cool but corporations are willing to pay more for a skilled developers time. It then becomes hard to justify putting in the hours for such a small reward. This might not be the case if you have a large social media presence and can get eyes on your work and people to promote you. Most developers don’t have this. There’s a lot of passion in this space so it kinda works but you are still missing out on the majority of the talent pool with that model.
Hmm. I believe you have the ability to specify bootstrap servers. And my understanding is that IPFS is more of a foundational protocol on which to build services that can offer a user-server model (like 
) so I'd imagine a service that acts as a nostr relay and has an ipfs node in combination to provide git services.
I don't have knowledge of your third item though.
Storacha - Decentralized Hot Storage Layer on Filecoin
Storacha - Super Hot Decentralized Data at Scale
Open hot storage network that scales IPFS and Filecoin with verifiable, user-owned data.
We’re replacing IPFS with a layer 2 off-chain storage system that stores files with our optimized merkle trees, like IPFS does, but we ditch their bootstrapping system for a trust-minimized relay discovery system.
The node running this storage system also runs a git server, as you suggested. I have to say, I explained the basics of our storage system with merkle root on-chain — but I haven’t gone in-depth on how we’re doing the GitHub itself in context to the storage system.
Happy to share, just was trying to finish it before someone else did — it was a competition afterall.
Which specific projects do you want to see move? The issue is usually somewhere between “people don’t have an account at the alternative” plus “self hosting means finding someone to host”.
The first can be solved with software, the second can’t (modulo some decentralized thing but that makes the first problem 100x worse - “install software X to report an issue or open a pr, and if you have issues with X good luck”).
It’s really more of a motivation question - can you convince the devs of a project it’s worth the pain to move.
Anything ever happen with nostrocket? I feel like that sort of funding model could be better and easier to buy into that one large bounty
Can you elaborate why exactly?
Cool. I'm curious to learn more. Got a link?
Haven’t released the new merkle trees yet. We’ve only released the whitepaper on how we put merkle roots on-chain to sync the nodes hosting the merkle trees. I think it’s time to reveal how everything else works, given the concern around the bounty and everyone’s curiosity.
https://medium.com/@colbyserpa/nostr-2-0-layer-2-off-chain-data-storage-b7d299078c60
Put a squad together...
Mercenary work.....
What other tricks up your sleeve
Sure,
Bounties discourage collaboration, as devs are 'competing' for the bounty vs working together. I don't want to compete, I want to collaborate. Bounties put pressure on to develop as fast as possible just to claim the bounty. Bounties don't provide an incentive to continue a project once they're claimed. Bounties are vague and there is a very high chance of not satisfying the 'requirements' that are loosely defined.
Most bounties that are successful are small feature requests on existing software and usually completed by the author of the project.
Does Radicle do most of what you want? 
Radicle: the sovereign forge
Sovereign code infrastructure.
Love it! Colaboration is crucial and is oftenly disincetivized across many fields (academia, coding, governance, etc.). Humanity lacks a communication standard that would incentivize colaboration within and across communities in the whole infosphere (be it physical or digital realm)
Thats why we are working on a protocol which we among ourselves like to label as "coop tool" so i dig your approach❤️
Bounty needs breaking down into small pieces
been having issues with github and vercel around my ourchan nostr project recently (probably fair, but lol)
Definitely
preach brother !
break down into stories and bounty those instead of the whole enchilada?
You should just open it all up and build it in the open, nostr not bluesky, ppl want to help you and review I’m sure
I firmly belive code is the most precious asset of a programmer. Just like you don't trust banks with your money, you shouldn't be trusting centralised version control platforms with your code.
#plebchain #nostr
#[0]
Exactly.
😆
I agree…
We were only hesitant to open up until we were further along because it would be easy for someone to steal our code & make a poorer functioning version to claim the bounty before we completed it.
It was a financial competition afterall, so we had to act accordingly.
#[1] I’m a python engineer, have the staples of good engineering and am worried about layoffs. I’d love to send my resume your way.
If you develop in the open it’s clear to all who did what work, with zaps the value flow can start immediately from those you deliver value to.
#[2] you did incentive something, but you’re right to think harder about if it was the correct thing, maybe grants to promising teams and devs who are making progress to the goal.
There should be a YC-type program (perhaps grant-based + non equity) with hundreds of projects built on nostr 🔥
I’d love to sit down and discuss how this works in-depth if they’re interested. If we had some coders at square/spiral help us, we could definitely move faster. ⌨️
As in devs pitch their project ideas and have time frame to deliver MVP and final product ?
Equity-based, capitalism not a bad thing, but 99% of the time shitty people abuse it. That 1% is valuable. Also YC has SAFE program to fund for future equity
The idea of funding hundreds of small teams in parallel trying to solve for important use cases on nostr.
With a time boxed structure.
Nothing to do with YC tho
GitLab has done very well challenging a seemingly intractable incumbent. Could a nostr-based NewCo do it again?
Sorry, I think what was running on my mind was on bringing out the best outcome as well as long term sustainability of devs
We’re on the same page there 🤙
Ask gpt4 to make decentralized GitHub for you.
Time boxed to get an initial product deployed with PMF AND with long term incentives for successful clients
We’re ripe for this!
Combined with the lightning network and nostr protocol, the ecosystem could be rewarded for contributions
Get off Git
Oh shit… Jack’s about to start a new social media company
Reliance on the official app stores for mobile is also a single point of failure. F-Droid helps for Android but I'm not aware of anything for iOS.
Agree. It might sometimes. But for example, my teaching colleague and I have worked *really* hard to develop a team/brand that teaches Bitcoin basics to other teachers during Professional Development Seminars. So far we've presented to 450 teachers in our Metro city of Canada.
Feedback shows that we do an exceptional job of delivering objective, vetted and easily digestible learning. Smash success!
But we are burned out trying to run a start-up while also working our day jobs. We need help. We need resources. We need to be able to leave our jobs for at least a year and build full time. Jeff Booth gave a talk I attended recently about leaving your job to work on BTC full time. I'd love to curriculum build full time... but we need funds. We've done the #ProofOfWork... but in a sense haven't received enough mining. 🤙⚡️ Not complaining. Just saying talented people are honing their skills in day jobs and passions.
Nostrocket
Life keeps getting in the way but I'm working on it. It solves all these problems.
it will happen precisely when it is supposed to - just like #Bitcoin did.
Completely Agree
Is the assumption that we will still use git? Is it similar to image hosting for Nostr. We will then have people running git servers and communicate through relays?
Bounties are an anti-pattern that spawn from centrally planned thinking 😉
If we knew exactly what problems to solve ahead of time, bounties (and many other forms of central planning) would be the most efficient way to discover solutions, and we also wouldn’t need two hemispheres of the brain.
Two old engineers were talking of their lives and boasting of their greatest projects. One of the engineers explained how he had designed the largest bridge ever made.
"We built it across a river gorge," he told his friend. "It was wide and deep. We spent two years studying the land, and choosing designs. Then we hired the best people and designed the bridge, which took another five years. We contracted the largest engineering firms to build the structures, the towers, the tollbooths, and the roads that would connect the bridge to the main highways. Under the road level we had trains, and a special path for cyclists. That bridge represented years of my life."
The second man reflected for a while, then spoke. "One evening me and a friend threw a rope across a gorge," he said. "Just a rope, tied to two trees. There were two villages, one at each side. At first, people pulled packages across that rope with a pulley and string. Then someone pulled across a second rope, and built a foot walk. It was dangerous, but the kids loved it. A group of men then rebuilt that, made it solid, and women started to cross, everyday, with their produce. A market grew up on one side of the bridge, and slowly that became a large town, since there was a lot of space for houses. The rope bridge got replaced with a wooden bridge, to allow horses and carts to cross. Then the town built a real stone bridge, with metal beams. Later, they replaced the stone part with steel, and today there's a suspension bridge standing in that same spot."
The first engineer was silent. "Funny thing," he said, "my bridge was demolished not long after it was built. Turns out it was built in the wrong place and no-one wanted to use it. Some bastard had thrown a rope across the gorge, a few miles further downstream, and that's where everyone went."
I think that any time you require incentives or guaranteed payment (e.g. a bounty) to solve a problem then 80% of the time whatever gets built is already obsoleted by people solving their own problems for their own reasons (just takes a while to become obvious).
IMO the "github" problem is implicitly nested under a more urgent and important problem facing Bitcoin (and humanity), and solving it nullifies the github problem. Currently implementing the solution, if correct then it will percolate up to you.
Worth a zap man spent hour writing that!
I don't think you can say GitHub here, moderator cyborg told me off for using pleb he told me it's an italian insult. Git is English insult. Be careful. Website is v strict. Good luck. I am new too
Great practical stuff to implement while people smarter than me implement change 👍
I believe they were forced into letting go of the monopoly
Tech Arrival
6 Best Apple App Store Alternatives for iOS
While the Apple App Store is a great place to find apps for your iPhone, iPad, and iPod touch, it isn't the only one. Looking for a bit of variety ...
will you increase the priority a bit more if you recieve some zaps🤭
Git is already decentralized. Just ask Linus.
No
Bounty is the last apple that quenches my hunger.
We need user base that depends on this piece of tech.
Looking at that user base developers feel interest on the platform.
A user base closer to the bottom of the pyramid better for the purpose.
Let’s fund such user base first so that bounty begins to work it’s magick.
Do it
Conversations about the projects over Nostr too. No more Slack.
No more slack
Nostr version of Slack👌
Github will be censored at some point, it’s inevitable.
Slack is horrible, sets all the wrong incentives for orgs.
Slack is awful
I'm a fledging web developer, and slack makes me want to puke.
First thing it asks me is "What are your pronouns?'
Get fucked.
#SlackOff #Nostr On 🤙
It’s fucking horrible.
🤮
Why not organize and lead a fully open source team to create what you want to see? Your vision is so strong and your such a great leader! Lots of folks would absolutely love to work with you on this 💚
You've got the sats as a bounty, but I wonder if you'd get more traction if you could start to describe some journeys and perhaps rough requirements as a starting structure?
You could always use the sats as fuel for the fire then, instead of a tool to start the fire to begin with. 🔥
💯
💯
I was about to write the same 🤙 It would be an amazing thing to help build, but with this setup, there is no option.
Yes!! 👏
These look sketchy to me. I wouldn't use these app stores unless I was in a country that denied access to the official app store.
There are certainly some challenges to it, but it could work.
Agreed. Bounties might work once the foundation is laid and there‘s a group of people that formed consensus and have a clear direction. View quoted note →
Self-hosting a Git instance can be relatively straightforward. There are several options available, such as Gitea, Gogs, and GitLab, with Gitea currently being a top choice. Migrating the Bitcoin repository to a self-hosted instance would be manageable, although transferring issues and other related content might require some effort.
Developers would need to transition to a new domain and register, which may take about 5 minutes. While this could be a minor inconvenience, it's still feasible.
Nostr could play a role in this process as well. By having all developers on Nostr with a keypair, it's possible to verify their identities on another instance. An app could be developed for this purpose, or developers could simply include their npub in their profiles and sign something. This can also be done with ssh keys, and the new git verification mechanism.
Setting up mirrors as contingency plans could be a proactive approach to address potential concerns.
The Linux model using email is the lowest common denominator foundation. I think nostr could improve on this dramatically…but there is a system that works at massive scale just using git and email.
I'm surprised there hasn't been anything notable yet.
i think it’s my terrible scoping and bounty. I don’t think bounty works for this.
Probably why. Bounty model incentives building fast, and the complexity of the project likely worries many that their work would go to waste if someone finished before them
💯
yes and unix, everything is a text file
What is the right way?
DMed you 🙏 #[1]
May I suggest to break out smaller bounties. It's $290k to fulfill a seemingly herculean task that requires to assemble a team and work out many details that you have not defined and neither does anybody know what others are working on.
How about awarding $10k of that money for the 3 best proposals (5k, 3k, 2k) to tackle the big task in time and budget. These proposals have to detail sub-tasks that again can be accomplished in short sprints.
Pay out +$10k every week or two so people see it's real and in reach.
I just suggested to refine the bounty in the context of a sub-bounty: View quoted note →
I'm sure, git itself will be part of the solution. I could imagine there being an extension to git so you can clone a repository without caring about the IP of the server - instead of "https" or "ssh" you would use "nostr" - but that's details.
On the gitea repo there is doubt about the goals of the bounty and I would appreciate clarification from you @jack
Is the bounty only for a solution on nostr or could at least part of it go to contributions that do not use nostr but ActivityPub?
The issue if you want to reply there yourself instead of here: 
GitHub
Gitea2Gitea Federation State · Issue #18240 · go-gitea/gitea
Designs: ForgeFed (ActivityPub) -> #14186 Webfinger support -> #19462 Matrix (discussions and issues) #16065 #16518 Nodeinfo endpoints for federati...
Your proposal has merit and could be worth exploring further. However, it's important to carefully consider the potential benefits and drawbacks of any major changes to the development process.
it's worth noting that there may be some potential challenges and trade-offs to consider. For example, self-hosting a Git instance may require more resources and maintenance compared to using a hosted service like GitHub. Additionally, transitioning to a new domain and registering on a new instance may require some coordination and communication with developers, and could result in some initial disruption or confusion.
The bounty can go to fund free data storage and projects incubation