Damus
brugeman profile picture
brugeman
@brugeman

Building https://npub.pro https://nostr.band and https://nsec.app

Create beautiful nostr-based websites with Npub.pro

Relays (9)
  • wss://relay.primal.net/ – read & write
  • wss://relay.damus.io/ – read & write
  • wss://nostr.mom/ – read & write
  • wss://nos.lol/ – read & write
  • wss://nostr.wine/ – read & write
  • wss://offchain.pub/ – read & write
  • wss://nostr-pub.wellorder.net/ – read & write
  • wss://relay.nostr.band/ – read & write
  • wss://relay.nostr.bg/ – read

Recent Notes

note1g956t...
brugeman profile picture
Hi, this sounds great but you're probably 1 of 10 users of this relay and that's just not worth the effort. Besides, I'd say relay-browsing apps should just implement these filters on the client - with wot/reactions/etc as filters, that's much more versatile then me trying to cater to every possible filtering/UX need at the relay level.
1
The Daniel 🖖 · 8w
Hey nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq3uamnwvaz7tmwdaehgu3dwp6kytnhv4kxcmmjv3jhytnwv46z7qpqxdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wsqcfvpv, it looks like the SSL cert for nostr.band may have expired.
note1hpng2...
brugeman profile picture
Channel peers could try to broadcast old channel state, but there are watchtowers for that, and you can just code it to use reputable LSP. My wallet uses phoenixd, I'm pretty sure Asinq won't try to benefit from my channel if the enclave terminates.
1❤️1
Repeatedly nuked profile · 23w
I'm pretty hazy on the lighting node stuff, but hardcoding a trusted LSP makes sense. That's similar to another situation we gamed out where the on-chain keys are also generated in the enclave, what we called full autopilot. The thing for me though is that even for full autopilot it just returns t...
note19k69e...
brugeman profile picture
I mean if keys can't be extracted and operator just kills the enclave then keys are gone and LN node's channels are force closed and node's sats are gone with the keys and operator gets no benefit from the shutdown. Or am I missing something?
1
Repeatedly nuked profile · 23w
Tricky thing in Cashu is that a service failure and a rug are indistinguishable. And stealing funds and destroying funds are also indistinguishable acts. Destroying the mint is how you steal the funds.
Repeatedly nuked profile · 23w
In terms of rugging it's the same I think. In fact it could be worse, the operator could use a cloud enclave to instil trust in the token holders (look you can attest the code) and then wait some time and rug the holders all the same. And every rug is 100% of the value of all your tokens gone, it do...
note1nmses...
brugeman profile picture
I would separate rug pull risk from service failure risk. Cashu is custodial without unilateral exit so with or without enclave, if mint goes down, funds are inaccessible. To me it looks like rug pull risks are minimized with enclaves - we could get a lot of independent mints all running verified code, which sounds quite awesome. The rest are reliability questions: backup might be sync real time, coordinator can live in another enclave, dns record can be controlled by the current master, updates don't require a blockchain - just a set of signatures by pre-declared maintainers (that's my current approach). Not that it's a proven set of solutions, or that I am against the blockchain, but I think more experiments are needed to figure out the actual problems and solutions.
1
Repeatedly nuked profile · 23w
The biggest issue with Cashu is that even with cloud enclaves (of any kind) there is no escape from central control, and central control means the central controller can rug the token holders. Cashu basically mandates central control no matter where deployed. If you look at all the ways to build tr...
note1shkd5...
brugeman profile picture
Sounds like you're trying to solve the 'what if operator terminates the enclave' with a blockchain? I had a different vision for this, involving custom key stores (also in enclave) - enclave uploads it's keys to keystores (I have 2 now) and if it restarts it can pull those from the keystores (if attestation matches). This can be extended arbitrarily to enclave making a 'backup' of itself - launching a backup process in another enclave instance which will be allowed to pull keys from keystores if the master goes down, etc. This implies that we'd have many operators running compatible app servers in enclaves, all open without kyc paid in bitcoin. That's roughly where I'm going with 'enclaved' server.
1
The Daniel 🖖 · 24w
Agree, bad data is worse than no data. I’d just pull the plug entirely if you’re not maintaining it anymore.
brugeman profile picture
Not to be rude, but how do you know it's bad? And bad compared to what? Is there a source that is not bad? I maintained stats for myself to see the real picture, and some people think the real picture is different, but they never cite the source. I 100% support passing the torch to someone, but don't hope the new maintainer will give you much "better" data.