Vertex is an open source nostr web of trust provider. Webs of trust are a method of quantifying verifiable reputations for spam mitigation, user discovery, social feeds, better app stores, and more.
Pip on Nostr: https://primal.net/p/nprofile1qqs0dqlgwq6l0t20gnstnr8mm9fhu9j9t2fv6wxwl3xtx8dh24l4auswr6u0j
Vertex on Nostr: https://primal.net/p/nprofile1qqstq4j6pk2sgaupru6l7ah9nq0dueafq356jllwcy7uzlek9yx7hlsel8nqn
Vertex: https://vertexlab.io/
EPISODE: 167
BLOCK: 905116
PRICE: 847 sats per dollar
(00:00:01) CNBC Intro
(00:02:00) Happy Bitcoin Friday
(00:04:27) Pip and Webs of Trust
(00:06:49) Understanding Webs of Trust
(00:14:16) App Store Security and Trust
(00:18:53) Spam Mitigation
(00:28:11) Client Side Solutions and Performance
(00:35:33) Trust Models and Censorship Risks
(00:45:02) Use Cases for Vertex
(01:03:04) Relay Operations and Spam Control
(01:11:01) Current State of the Nostr Ecosystem
(01:17:10) Community Building and Onboarding
(01:24:08) Closing Thoughts and Future Plans
Video: https://primal.net/e/nevent1qqs8vy4xuuny2hejghpjl57f77hh0t65gthaqhmjdwlwy7rr4ng3pzslchs0g
support dispatch: https://citadeldispatch.com/donate
nostr live chat: https://citadeldispatch.com/stream
odell nostr account: https://primal.net/odell
dispatch nostr account: https://primal.net/citadel
youtube: https://www.youtube.com/@CitadelDispatch
podcast: https://serve.podhome.fm/CitadelDispatch
stream sats to the show: https://www.fountain.fm/
rock the badge: https://citadeldispatch.com/shop
learn more about me: https://odell.xyz
[00:00:02]
Joe Kernen:
Who everyone talks about is our guy that we usually talk about for the S and P and stocks. It's Tom Lee. That's Tom Lee. Yeah. Because he's been a bull for a long But the way he is a bull, he's on here and it'll be you know, Bitcoin will be at 70, and he'll just and I go, well, what do you think? And he goes, well, I'm expecting $1.20 to $1.50 with Right. And you think he's nuts. And you think he's absolutely correct? Right. That's the way he was when it first went up to twenty thousand years ago, and it and it dropped all the way to 3,000 or something. And he said, oh, I think we'll be back to 20 by the end of the year. And I once at one point before I got to before I got, born or until, I got one till pretty early, like, four point. It was at 8,000. It went down to 4. But one of my purchases was at 4,000. So Wow. Yes. So I did that. I had some at 4,000. Okay. Profits? I'd I'd sold a lot of 55.
I still have pretty much. I still have them. Fine. I'm good. And I I love what you know, you can it's it's tough to enter now. You can buy fractional. But if you're a long term believer. If you're not if you're still a hodler, they they've been, they've been buying all along. But but I remember when he said it then, I I asked. I said, you're so good at what why do you delve in this? You you it's so much easier for stocks, and you're so good at calling short term trends than the S and P. You know, why risk your reputation on this? But at that point, it was such a strange risk No. Just for sure No. Of his forecast. Crypto related stocks, by the way, also
[00:02:01] ODELL:
Happy Bitcoin Friday, freaks. It's your host, Odell, here for another Citadel Dispatch, the interactive live show focused on actual Bitcoin and FreedomTech discussion. That intro clip was, the world's most popular Bitcoin podcast host, Joe Kernan from CNBC. I think admitting for the first time when he purchased, which was at $4,000, that was actually a more impressive entry than I expected out of him. He did say he took some profits at 55 k, which, you probably regress that now. I would say selling Bitcoin for dollars is not taking profits. The opposite is taking profits. You wanna store your profits in the hardest money known to man.
He also gave a shout out to Tom Lee who is pretty much a scammer, but, still felt like an iconic moment to capture and seal dispatch history. Anyway, Freaks, we got another all time high rip going. Bitcoin is in open water. Best part of Bitcoin is when we're in price discovery mode or the best times in Bitcoin is when we're in price discovery mode. The best part of Bitcoin is the freedom it provides us all. I have a great rip conversation lined up today with a ride or die freak. Before I get there, just real quick, dispatch is always is funded by our audience, funded by viewers like you with Bitcoin donations.
We have no ads, no sponsors, no ref links. Just you guys and me shooting shooting the shit, broadcasting signal around the world. The easiest way to support the show or the most fun way to support the show is in our live chat with the ride or die freaks, powered by Noster. You can find all the relevant links at saledispatch.com. And then the second best way to support the show is through podcasting two point o apps like fountain podcast app. Our top zap from yesterday, you guys only had a day to give your comments in your zaps, was 500 sats from Johnny Stimulus. Let's try and get those zaps a little bit higher, Freaks. I would appreciate it. But more importantly, I appreciate when you share the show with your friends and family available in every podcast app.
Anyway, Freaks, long winded intro. I've had a long day. I just got off a rabbit hole recap, slammed some food real quick, jumped on the livestream again. We have Pip here. As I said earlier, he's a ride or die freak, which I'm quite proud of. First time first time on the show. He I did broadcast. We we did a panel together in Riga that I did put in the feed. You might have listened to that. He's focused on webs of trust, web of trust. How's it going, Pip?
[00:04:46] Pip:
It's going great. I just came back from vacation, so I'm quite relaxed and, and, excited to to build.
[00:04:57] ODELL:
Rejuvenated and ready to go?
[00:05:00] Pip:
Sorry. I didn't hear what you said.
[00:05:04] ODELL:
I said I said you're rejuvenated and ready to go? Yeah. Exactly. Yeah. Rejuvenated. Yes. Okay. So first, I think a good place to start is, what is a web of trust and why should people care?
[00:05:19] Pip:
Yeah. So web of trust is a word that's, can have many meanings. So, yeah, it's important to to define, at least. So I define it in the context of master. So web of trust, meaning that there is, there exist a bunch of events, and those events, because of master events, they are signed. And so it's possible to cryptographic cryptographically verify that someone has made a certain claim or has taken a certain action. And, out of that, you can build out a graph in many different ways in focusing on different types of relationship. For example, one is the follow graph that is mostly what people say when when is mostly what they mean when they say web of trust of Noster is basically who follows who and, what can be derived from all of this data, basically. And, yeah, my project, if I can continue in this route, is, is Vertex and, which is a web of trust as a service, meaning it's a service that you can use to analyze this web of trust and or rather, we analyze all of this data, and then you can use the insights from this data to power features inside your application.
[00:06:50] ODELL:
Okay. So, let's just pull it back for a second. The way I like to describe web of trust is from a practical perspective, which is right now, we're in the early stages of AI tools. But since the dawn of time, spam has been a problem on the Internet. Spam, the definition of spam is not an objective definition despite what people realize. It's, more of a subjective definition. And and what is spam? Spam is something that you didn't actually want to see that you see. So one man's spam is not another man's spam. Sometimes some people think there's something of value while other people don't. Historically, the way we've handled spam on the Internet is through centralized means.
The most notable being, Google with Gmail. Gmail has a massive list of spam, and they just don't deliver it to you if it's on that spam list. Now, with the dawn of AI and deep fakes and fake news and automated bots, l o m powered bots. We've seen this become even worse in a social context on different social platforms. And they've also attempted to handle this in a centralized way, usually by trying to tie identification information to users and doing either light KYC or or even heavier KYC to identify the user and then deem if they're a real person or not and then add them to a spam list. Now the problem with centralized spam mitigation is that you have a central point of failure run by humans that can be corrupted, that can be pressured, that can be malicious.
And and so you have a censorship risk there, but also you have, manipulation risk and you have just a lack of efficiency. It's not very effective. Spam still gets through. So now that we have Nasr and we have this cryptographic, identity protocol and and social graph protocol, we can do things, in a more scalable trust minimized way, and that's where webs of trust come in. How did how did that go? Did I nail it?
[00:09:11] Pip:
Yeah. Yeah. I I would say that spam prevention and the battle against spam is perhaps the the biggest use case for the web of trust. Not the only one because, for example, there are, like, recommendations that you can solve in a very similar way, like giving personalized recommendation to users or offering a search. So there are multiple, use cases for the web of trust, but for sure, the biggest one is fighting spam, which, as you said, yes, it's a problem of, essentially, the the fact that users can abuse certain systems. And so it's a matter of trying to use smart heuristics so that you can defend yourself. You can defend, your your attention, your database if you're storing stuff that you don't want actually to store.
And, any of our web trust provides a very powerful heuristic. And if you want, I can Yeah. More about, like, how powerful and how can it can be used more practically.
[00:10:25] ODELL:
Yeah. So, I mean, first off, we have Fran Zap in the live chat. Zap, 10,000 sats. Thank you for your support. And he also said, that your mic is a bit loud, but I lowered it. So, hopefully, it's better now. I lowered it on my side. Let me know, guys, if you think he should maybe move it a little bit away from your face. Pip just got a new mic just for the show, so shout out, Pip. Fran Zap, by the way, is, the creator of Zap Store, which is a master powered app store for Android, that is leveraging webs of web of trust. Is he using Vertex?
[00:11:07] Pip:
Or Yes. Yes. He is using Vertex. Actually, he is, still, I I would say, the the cofounder of Vertex. Like, we started this project together in, well, Riga last year. And then we, basically, we launched in February. And, in, I believe, April or May, he decided to step down and focus more on Zuckster. But, yeah, his help was super super useful in the beginning for sure.
[00:11:42] ODELL:
So let's I mean, you said you wanted to talk about more practical uses of it, in the real world. Let's why don't we start there? Like, how is web of trust useful in a or Vertex specifically useful in an App Store environment?
[00:11:57] Pip:
Yeah. So in the App Store, in Zapstore specifically, the feature is that when you click install on a new app that you that you you haven't downloaded yet, it it asks you a question. Are you now the question is, do you trust the signer of the application? So the thing is, someone and a developer most likely has signed this application, and so meaning that he build it. And so do you trust if you are not going to read the code, do you trust the signer, the developer behind it? Now, if you were to display an m pub, that would be very inconvenient because, you would have to take that m pub, copy, paste it somewhere else, and take it in and look at him at his profile.
What, Vertex does inside Zapstore is that it provides, very summarized, very important piece of information, like who are there, the top followers of this account. And, and so, for example, if I click on, let's say, Albie, and I see that it's signed by Albie, I see that Odell, myself, Franza, they all follow Albie. So this Albie is most likely the relevant one and not an impersonator that is trying to trick me. Yeah. That makes sense. Yeah. Go on. And this this service specifically, it's called, verified reputation. Very simply, you provide an m pub. You choose the algorithm that is used to find the top five or top whatever you want.
And then, and that basically and yeah. And we return the list of attendees with their associated, say, score or rank. They are already ordered, but you can use that score also in other ways.
[00:13:57] ODELL:
So there's so I guess, first off, I think it's important to realize that with delivering software on the Internet, this is the key this is the key problem that has that people have been trying to solve for a while, which is, you wanna make sure you're getting the real app. If you if you if you don't if you're not making sure you're getting the real app, you might get a fake app, and that app might be malicious. It might be just bad. It It just might not be a good app, but it also could be malicious and and trying to hurt you, trying to steal your your money or or compromise your account or something like that. And historically, the way that's been handled is once again through a centralized method, which is Apple is attesting to who's in their App Store, and Google's attesting into who's in their App Store. And they're making sure you're getting the right signal app, for instance, or x app or Facebook app. They're the ones doing the reputational scoring and testing and confirming identities and making sure the app hasn't been changed.
Now that obviously comes with the issue that they also choose if you want to be in if you're allowed in the App Store in the first place. I had the white noise guys on yesterday. And right now, it's not available on iOS because Apple hasn't approved them. They need Apple's approval to get into the App Store. So how can we solve that problem without having that centralized party there deciding if if you have access or not? And that's what Vertex and Zapstore are trying to solve. Basically, anyone can upload, anyone can sign, and then you have this reputation scoring system so users can figure out which one's the real one. And that signing element is key because that's how you know it hasn't been changed by Zapstore.
Right? If if Pavel Durov uploads Telegram to Zapstore, he wants to make sure that Fran can't change the file in in the in between. Right? Because that's also part of the threat model. So Pavel signs it, then the user can verify the signature, knows it hasn't been changed in the in between in the in the middle. Okay. That's awesome. So it sounds like you almost you're you're developing you have, like, an objective trust score or reputation score that is global. Like, it doesn't matter who I am as a user downloading it, or is it user specific? Like, if I go to Zapstore and go to download something, am I seeing a user specific view that if you go into Zapstore, you see something different, or is this more of a global type of reputation score?
[00:16:38] Pip:
You can provide you can specify in the request the algorithm you want to use, and we have three algorithms algorithms at the moment. One is the you rank by followers count, which is the most, the, like, the cheapest, the fastest, but the less precise. Then we have, page rank. This is, let's say, a global view as as global as it can be. We we try to hit, all of the relays and and do the analysis that way. But, of course, there is no guarantee we get every single m that exists. And then there is the personalized page rank, which is still based on the same algorithm, but it is personalized to a parameter source that you provide. So in the most common way, you would be when you click on Zapstore, if Zapstore had this feature implemented, did this this particular type of call, then, yes, the top five you would see in that particular for that particular application would be personalized to to to you.
And, so most likely, you will see if you follow that person, you will see yourself as the as the first one, as the top one, and then you would see most likely your followers that also follow the signer of the application. And if there are no followers, then you would see the people at two hops or three hops away from you that follow the app. It's more it's more complex to to say it out loud than to, like, draw it or this actually, it's not that.
[00:18:16] ODELL:
Fair enough. Completely. So we got the App Store model. And I yeah. Yeah. You also have this all listed on vertexlab.i0 with the different trade offs, and you have a nice little chart on the three different algorithms you provide. So to go down this line of practical uses of something like Vertex, we have the App Store method. What what the App Store use case, what other use cases do you see, being a good fit for this kind of, web of trust algorithm?
[00:18:54] Pip:
I would say the most used service at the moment is rank profiles, which is used, by asknostril. Site, which is, like a website where you can see a bunch of questions that people make on nostril. And they use it to basically, whenever, someone post a new ask nostril or other or an event that mentions one of the hash hashtag the index. When whenever it's it's a new key, they ask Vertex the the rank. And if the rank is too low, they simply hide the the the question or the answer, unless, maybe unless they have been active on Nostra side. Like, you can override this reputational score if you have more local information about your your app and what the user is doing inside the application. But if you don't have that information, you can use that that rank. And they have been using it, and they said they are happy because, it, removed, like, 99% of the spam or so of of people that were trying to gain the the hashtag ask ask Noster to get, zaps or or those kind of things.
[00:20:14] ODELL:
Yeah. So they're using it for spam mitigation.
[00:20:17] Pip:
Yeah. Spam mitigation. And, that service in particular is a batched solution, so you can get the rank of 1,000 pop keys up to 1,000 pop keys, and and in a single request, you you you will receive. So that is more useful for, like, relays or application that have a database, and they want to store this information for later use. And then we have search. So, for example, if you go on mpub.word, which is a client that Fran and I built, you basically see a big fat search bar. And when you search, like, Jack, you will see the the Jacks, like, Jack Dorsey, Jack Mallers, Jack Spearko, and all other Jacks ranked in a way that kinda makes sense. These users global, but it could, also in the future, I could also add the login. And when you're logged logged in, you use your personalized view to rank people.
[00:21:18] ODELL:
Search engine. It's a great it's a very clean search engine.
[00:21:25] Pip:
Thank you. And when you click on a profile, what you see is actually the result of verified reputation. So you see follows count, followers count, the top five that follow that m pub, and then a bunch of buttons like open this in
[00:21:42] ODELL:
your fraudulent client. Well, there's a lot of people that follow one of these fake Odell's.
[00:21:48] Pip:
Yep. Yeah. Unfortunately, this is the limitation of Vertex, which I am completely open to discuss, is that we do you cannot escape, curation in any way. Meaning, you either do direct curation or you do algorithmic curation like we do. And, if people start following someone that is, a bot or maybe an impersonator. Yeah. Bot bot bot are fine, but impersonators are not, then, clearly, we want that to have the score as low as possible. But, yeah, if if some people follow it, then it will show up in search results.
[00:22:33] ODELL:
Yeah. I mean, it clearly has a much lower score than the real Odell, but it still shows up in the search results. And you don't make the actual rank number public. Right?
[00:22:48] Pip:
Yeah. This was, someone actually made a PR to add and show the ranking publicly. I'm not particularly inclined to do that because, it sounds strange. It it feels strange to put a number on people. Like, this number can be used in the background to rank and and sort in a way that makes sense. But for example, I am always a bit it's kinda creepy when I look at, like, core accuracy. I look at my own score from my perspective, and it's lower than your score from my perspective. It's kinda strange. It it it creates strange dynamics, I I would say.
[00:23:31] ODELL:
Well, it's like a popularity leaderboard. Right?
[00:23:35] Pip:
Yeah. Kind of. Yes. To integrate the impersonator problem, I have in mind to also analyze mutes and report. And that way, your your score or that would probably still will still be number one and will not change. But, hopefully, the second or the the impersonator, its score would decrease because many people have muted it or reported. So it's not
[00:24:05] ODELL:
I'm on Choracle right now. And so he shows a web of trust score on my account. Is he using Vertex or is he using something else?
[00:24:18] Pip:
No. He is using his own implementation, which is, to my understanding, is something like number of follows that follow you, like the target, minus the number of mills. It's just it is something like that. The issue with that is, with a formula or, like, type of formula, maybe I I got it slightly wrong, is that, each each follows counts the same, which is not true because some people follow 10,000 others and some people follow 30. So that that should be counted in some way. And, then it's follows and moves. They they do count it. Like, if you get muted by many, you get a negative score, which yeah. It it can be well, this actually is not a problem.
Mostly it's, say, it's less precise because it doesn't differentiate between different follows. Like, a follow counts one, a mute counts negative one.
[00:25:24] ODELL:
You wanna actually rank the the people that are also then ranking. Right? Just like it should compound on top of each other.
[00:25:31] Pip:
Yeah. And, also, it's limited in reach because it can only go two hops. Like, you have information about the one you follow and the one they follow or muted. And this is you you don't have information outside this bubble. And how big is this bubble? Most likely, it is about 50,000 impacts. Maybe more for people like you, Odell, that follow thousands and thousands of people. But, yeah, in the future, this this is not going to scale much. In fact, true hops, you'll probably still remain about 100,000 m pups even though maybe millions and millions use not in Oster. And so you would have a very limited view of what's happening and who's reputable and who is not. And outside of that, you would have no information.
[00:26:23] ODELL:
And particularly new users, you would have trouble seeing their stuff.
[00:26:28] Pip:
Yeah. True. It it requires yeah.
[00:26:31] ODELL:
So I, I'm a big fan of Nasjira with a u, n o s t u r, by Fabian or Fabian. I don't know how to pronounce his name. But, yeah, he uses his own in, his own local web of trust filter. And to to your answer to those issues, first of all, he has, like, a number you can choose with how many followers you disregard people. So I have it currently set up that if someone follows more than 2,000 people, then I don't include them. It they're not included in my web of trust. And and so just for some context for the listeners, I follow 1,854 people.
So I follow 1,854 people. And then my two hops, as Pip was saying, comes out to about 46,000 people, just to give people a line so anyone out of those 46 anyone besides those 46,000 people, I don't see their content if I use last year, which obviously has its pros and cons, the con being discovery.
[00:27:47] Pip:
Yeah. Yeah. Spam and discovery are always, in, in in, they they are always against each other. Like, if you try to optimize for discovery, you probably include more spam. If you wanna be super against the spam, then you find yourself, that you don't have basically content on your feed because you just blocked everything else, everyone else. Yeah. Client side solution in general, they can work, for sure. The problem is that, at least from what I I know about, is that they are quite complex to implement. They they require a lot of work on the client, which can be problematic if you use a smartphone, if you have poor Internet connection. Like, you have to download all of this kind freeze, and downloading them can take, you know, many, many minutes.
And then because it is it is so expensive to do, then these things are are cashed. So I assume there is some cash that happens, which means that it might happen that you are using all the data, maybe in case of someone who gets hacked. Like, imagine Jack Dorsey is hacked, and then you still see him as reputable even though he was hacked. And this might, be problematic because, like, he messaged you and he asked you for, you know, 1 Bitcoin and I'll give you back 2. And then you check-in it. Oh, yes. He's the real jack because he was hacked.
You know? Yeah. So instead, the Vertex, what we do, we take all of that work on our side, so you don't have to do much. You just have to ask the the relay, and we we give you the the the results. And all the results are computed in real time. So when you make the request, then we compute the thing. We don't do any caching of any sort. Everything is basically precomputed and keep updated. Whenever someone publish a new follow list, we we get it. We update, our internal metrics. And then when you when you query, you always get the the the most the most fresh data possible.
[00:30:04] ODELL:
Makes sense. So first of all, I see, Stacks in the live chat. He was asking what the domain was for that search engine that is npub.world, is the domain. I see Frank answered him in the live chat, but I just wanted to put it out there because if he didn't understand it on audio, then no one that listens to the podcast feed would understand either. And the overwhelming majority of listeners on the show is the podcast feed audio only. Okay. So so to pull on that thought, so something like Nasjar is using local client side web of trust. I also assume that is adding additional compute and would kill hurt your battery life more just like checking signatures and everything else. It's just trade offs all the way down.
But so with you guys, how is a developer integrating it? I see a mention of DVMs on the website. Like, how does that look from the developer perspective, in terms of integration? And then how does it look from both the user and the developer perspective in terms of trust in Vertex?
[00:31:20] Pip:
Yes. Yes. So from the point of view of the developer, I'm very proud because I think the experience is really good because all of this complexity on algorithm and, and downloading data and analyzing it and verifying and so on, all of that is abstracted away. And what you do is simply sign an event that is a request. So the request is, an an an Oscar event, and, it contains inside the parameters. Like, I wanna use this algorithm. I wanna use this other parameter and so on. You send it to our relay, and then you fetch the response. And that's it.
The the services are the DVM services are already structured in a way that kinda covers the the most popular use cases. Like, you wanna verify the reputation of an intel, like, you are on the profile. You and so that is, like, the place, in my opinion, to to use it. Then we want maybe you have a database. You wanna have a bunch of information for later use, then you means you you are going to use rank profiles. Then let's say you have a premium user and you want to give him recommendations or maybe a regular user, you want to say, you should also follow these other people. You can use recommend follows that is going to, yeah, use the algorithm to come up with this recommendation and then search. If you wanna have a nice search bar on your client, you can just add it. And in the background, that search just ask our relay and then shows the the the result.
Now in terms of trust, it is, yes, a centralized service, so it's fully trusted at the moment. It's, well, the only guarantee is that the responses are signed. So there cannot be a man in the middle that that tries to impersonate Vertex. That would be kinda fun. Funny that someone impersonates the anti impersonator. Fair enough. And we're and, yeah, actually, the next step, in order to minimize distrust is to implement something I have in mind, which is a client side validation schemes. Meaning, you get let's say, we are talking about verified reputation. So you get, the top five followers of Adele, and you wanna know because you want to know if this Odell is the real one or an impersonator.
Now what you can do client side, once you have this top five, is to find your follow list and then their follow list, and then you can verify that all of them follow this Odell. So you cannot prove that these are the top five out of 46,000 people, but you can prove that those five actually follow that. So you prevent in this case, client side verification prevents the worst case scenario where Vertex just lies and and said, yes, all of these reputable people follow this fake hotel when in fact they don't. And, and also for trust, it's important to note that, because it's built on DVMs, it it means that other competitors can come in, and then hopefully, there will be some competition that that keeps everyone in check. But at the moment, it's only So you got presumably
[00:35:07] ODELL:
in that situation, you could just you can hit two providers and compare the results locally or something.
[00:35:14] Pip:
Yeah. For for example, I'll choose the provider you trust more. Yeah. That's that is a possibility.
[00:35:21] ODELL:
But you could use one to audit the other would be an interesting trust model. I mean, right now, you stand in a situation where you could presumably censor someone if you wanted to. Right? I'm not accusing you of that. I don't think you are. Yeah. Yeah. I could.
[00:35:37] Pip:
I could. Got it. Just just to be clear, yes. I could. It's a trusted service. Just like, I would say similar to the prime model caching service, model. 100%. Someone someone some other can can run it. But, yeah, potentially, primal could end the
[00:35:57] ODELL:
And presumably, like, the biggest trust with the primal model is similar to this, which is in practice, which is that primal could choose not to show you something. And you wouldn't know primal was choosing not to show you something because everything's signed. You can verify that there isn't a man in the middle happening, that the data hasn't been modified, but you don't know if you haven't seen the data in the first place.
[00:36:22] Pip:
Yeah. Yeah. Yeah. That could be data with withholding, I think it says. Yeah. Yeah. That that that is also the case with, with relays in general. Like, you don't know if they are Right. Deleting events of people they don't like.
[00:36:36] ODELL:
Same trust model exact in that regard to, like yeah. Like, the domiciliary could just just drop notes, and you just wouldn't know. But they can't modify notes because you can check the signatures.
[00:36:50] Pip:
Yeah. Exactly. And, also, because every response we make is is signed, and that event, you can you can store it. And so you can that that can be proof that we misbehaved in the past, and that would, fuck us. Like Then you'd be over. Yeah. The reputation. Yeah. One event use you again. Exactly. Yeah. Yeah. And this doesn't happen with the normal APIs because they are not signed, at least not normally. And so proof.
[00:37:22] ODELL:
You wouldn't have proof. Yeah. Exactly.
[00:37:25] Pip:
You would not have proof, and it would be my word against your word. And then, we will not be able to, like, decide or but instead, in this case, because we use DVMs, then, yes, if we misbehave, then everyone would would see that.
[00:37:44] ODELL:
So you have, the the dev pricing here. Yeah. You get 10,000 free credits as the trial, and then it looks like the cheapest scale one is, half a cent a credit. What is it like, what does that actually, relate in in actual cost? Like, if if Vidor was to add this to Amethyst in practice, how does that look cost wise for him?
[00:38:15] Pip:
It really depends on what you use. And, for example, if let let's make an the example of Primal instead of Amethyst, which is, which is easier. So Primal has a database.
[00:38:29] ODELL:
Right.
[00:38:31] Pip:
And they probably have many millions of m pups and many, many millions of notes. And they are wasting, most likely a lot of some resources in storing notes that are just spam or, yeah. And what they could do is that every day or every week, they, connect to Vertex. And then for each amp up of their database, they ask the rank. They store this rank for later use, like to power search, for example. And then if the rank is too low, then they can simply delete these events because they say, people are not interested in this event. This is my relay. This is my storage. I prefer to use it in a more efficient way, so I delete these things. So the user I'm referring to is using, rank profiles. And so for each 1,000 pop keys, it cost, less than 1¢.
And so if you have 1,000,000 keys, that would cost you $99. With $9, you take your database and you clean it up. Maybe you do it. Oh, it's pretty cheap. Yeah. Maybe I'm underselling. Yeah.
[00:39:45] ODELL:
Well, it's good to you start low. You can always increase the price later.
[00:39:50] Pip:
It is not the the the opposite. You can you should start with the height and then decrease it later.
[00:39:56] ODELL:
I don't think so. I mean, it depends what you're selling. But if you're selling this is, like, probably mostly b to b stuff. Right? So it's like a developer focused thing. And you so you just want the install base, and you want the feedback first. And then you can increase price. That's why I assume it was why you have a free tier. Right? Just because you don't want you want someone to act you want a developer to actually play around with it and see how it works for his use case before, you don't want the the payment to be friction point. I think people I think you could, at the end of the day, for most good products, you can lower or increase the price in the future and users will be fine with it. I think people overstate that a little bit and overthink it on, like, what their what their original price is.
[00:40:47] Pip:
I definitely over overthought my pricing.
[00:40:51] ODELL:
Oh, there you go. We should. We didn't talk first. So I don't know where I wanna so first of all, I'm curious just out of the, do you have, like, do you have a god mode of that lists, like, the most popular accounts on Nostr? Do you have, like, an Excel document? Do you have a spreadsheet that just shows who's the most popular?
[00:41:18] Pip:
No. But, you are asking because you wanna know if you are number one. No. I I mean, I I assume Dorsey's number one. I'm just curious. I'm No. No. No. Sure the top 10 are. I I don't know now, but I remember when I was, like, testing and looking at the ranks global global ranks, not personalized. Danos, I think, is number one. And then, Jack Dorsey.
[00:41:42] ODELL:
Yeah. Because everyone follows Domus, basically, I think. If you install Domus, I think it automatically follows the Domus account.
[00:41:49] Pip:
There's a trick. I'm joking. I think Domus, Jack, and then probably you. Maybe you are number three. Interesting. I'm going to to heart your your ego. I'm I'm sorry. I'll say humble enough. I think humble
[00:42:08] ODELL:
enough. I've I've I've, it's just kind of interesting to me. Like, I, I wouldn't be surprised if there's a decent amount of surprises in the top 50, particularly since Nasr is global non English language. Like, I wonder, like, I wonder who is the most popular Japanese language person. I would have no idea. I don't even know who that is. I can't read their language.
[00:42:32] Pip:
Yeah. I don't know. I honestly don't know because I don't have the this feature yet. No.
[00:42:39] ODELL:
I, Yeah. Gigi top 10. I think so, probably. He's the goat. Yep.
[00:42:44] Pip:
Yep. Four five. And NDK also in the top. Lina, Jack Mallers, Jeff Booth. Always yeah. You know, always the the the the the same very popular.
[00:42:57] ODELL:
I mean, that's the funny thing. Right? It's like so with primal, we have this optional trending algorithm, And there's all these conspiracies about the trending algorithm, about, like, who's on the top of trending. And meanwhile, like, it is the most transparent algorithm in the world in terms of social trending stuff. Like, we it's open source. You can see the exact weightings. You can see exactly how it works or not. And why does it exist in the first place? Like, a lot of Nostra people are anti algorithm, but the reason it exists is because actually, most people like algorithms and they find them useful. They just want they need to be transparent and not predatory.
But it is it it opens up an interesting question and and it's optional. And it opens up an interesting question where, if if, like, maybe the algorithms people want and the cool part about Nasr is they can choose is maybe the algorithms people want aren't actually, like, what are the most popular notes? They wanna see stuff underneath that. And that's why, like, with the primal trending, like, it's not a conspiracy. It's just if more people follow someone, it's more likely that it's gonna have the popularity rate, like rankings on individual posts.
[00:44:13] Pip:
Yep. Yes. That that also is, let's say, lack of, variety is also because that algorithm is is global. And so you find always the top global people. That could be made, let's say, relative to the user or, you know, another word, personalized. That's also, that that is more like aligned, I would say, to the nostril spirit. But practically speaking, it's definitely more, more computations, more more costly also to to do. That's also why the that algorithm in particular, personalized page rank is, is is more costly than than global page rank because it simply is more competition for for us.
[00:45:03] ODELL:
Yeah. It's much more difficult to implement. I, Yeah. I I do like the personalized stuff, and I think Noster's uniquely well positioned for it. I see Diana's comment in YouTube, and maybe I'm maybe it was a little confusing for other people if she's confused as well. With primal, she's asking me about the primal trust model. With primal, what we do is we have a caching server while most other apps, Nostra apps, connect directly to relays. And And so you can think of a caching server kinda like a super relay, that we run, and it tries to collect all the notes that we see, just every note that we see.
And we do that for performance reasons, but we also do that for privacy reasons. And that's because when you're reading notes on Nostra or even reading profile pictures, which the caching server is also taking, caching server takes all the media and everything. When you're when you're reading that on a normal Nasr app, you're actually hitting a bunch of other web servers. You're hitting, like, any web server that's hosting media, any web server that's hosting notes, anything on Nasr. And so with us, you're just hitting our caching server. So you're only exposing your IP address and your use your your usage to to the operator of the caching server.
Now that adds a trust element in terms of censorship where we can if we were operating maliciously, we could remove things from your feed that you would never see in the first place. We can't modify your feed. We can just remove things and never show them to you in the first place. And as Pip said earlier, that's a similar trust model as a regular relay where a regular relay could have removed could remove things. Now the advantage you have with a normal nostril app or a typical nostril app is you might connect to multiple relays. So they all would have to, you know, be dropping notes for you to miss them.
The mitigation we have for that is the caching server is open source. And in the UI itself, you can go and you can switch it to your one you run or one someone else runs, as Pip said, with his project. The ideal situation is we're hoping multiple entities are running caching servers, and you can just easily flip between them. Mutiny used to before they left. But, yeah, anyway, that was long winded on the primal trust model. I see Fran saying primal should integrate Vertex. I mean, that that's interesting to me. I mean, I I think we're also like, we'd like, we could do stuff in house.
I guess, is the Vertex stack the Vertex stack itself is open source?
[00:47:54] Pip:
Yeah. Yeah. Of course. All open source. In fact, I am, maybe I should have mentioned earlier, but I am a open SaaS grantee.
[00:48:02] ODELL:
Oh, awesome. I think I knew that.
[00:48:07] Pip:
Yeah. Yeah. All open source. And, yeah, you can basically take it and run it yourself if you want. It's not, as, plug and play, I would say. Not not only because you have to provide, hosting, I mean, the infrastructure to run it, but, because it it requires some, let's say, ad hoc, you choose of certain parameters. And, it's more like an art than a science to, like, do the initialization. Because when you are initializing, right, and you you you will crawl the network from a certain point, which was, like, flat Java and Pub simply because it's you know, if you use no source, somehow you trust a little bit, at least implicitly. Yeah.
And then we we go from there and we crawl these followers to so the graph expands with these people. And then recursively, it starts to when someone reach a very high rank, then gets promoted. And when you get promoted, you we we fetch your follow list, and we add new people in. And this is a recourse recursive, recursive initialization that yeah, it's it's it's not that employee just to redo it. But, yes, if you want, you can do it. You can run your own vertex, of course.
[00:49:32] ODELL:
Yep. I mean, I we also, we did, like, the early stages of, like, just an open DVM feeds opt in on primal. So, like, you could use the primal app, and you can subscribe to a DVM feed that's, like, trending powered by Vertex or something or personalized trending or, so yeah. That's Look. At the end of the day, I just wanna put it out there. Like, the goal the goal with primal is for you to control your experience. Like, we we don't wanna tell you what is what it what you should be reading and what you shouldn't be reading. Like, the goal is for the user to have full control over their experience, and there's a lot of work that needs to be done everywhere, despite the conspiracy theories. But yeah.
Do you broadcast any DVM feeds right now?
[00:50:29] Pip:
No. No. No DVM feeds. No. We we all only have the four services that I mentioned. That's, yeah. The the let's say positioning I I see for vertex is more, as you said, b to b. Yeah. Because, if it's true that now we have micropayments, which you can potentially use to pay for one one single search. The thing is that I think it creates a strange user experience even for seasoned Bitcoiners. Like, you download a new app, you need to top up the wallet so you can search. You know, it sounds counterintuitive, and it makes you think about things that should be, like, automatic. You shouldn't think, is this search worth 90 sats?
Like, I don't know. I I should not think about all of those steps while I'm using the application. So Right. And for example, with Primal, I think it could be like, the way I see it now is that the search the the ranking is using a follower's count, which is, like, the which Vertex also provides, but it's like the the worst algorithm you can you can choose, basically, because it's not really civil resistant. And in the past, I've I've, showed, like, how the search in mpop.word compares to the search in primal. For example, I think yeah. For example, there was a, an awesome band that had, more than 100,000 followers and but 99%
[00:52:13] ODELL:
of that is fake or or something like that. It's just like bots. Right? People spinning up and pubs and following to, to break the basic analysis. Right?
[00:52:23] Pip:
Yeah, exactly. And, in, it's, it's actually quite a hard problem to solve because, you use follows to figure out who's reputable, but also you need to know when to discard some follows. And that's why I mentioned earlier the the recursive discovery of the network that we do, And, we only so we only fetch events from people that have been promoted, that have been, that have acquired reputation from other people.
[00:53:01] ODELL:
So we have impersonation detection. We have, better feeds. We have, app discovery and verifiability, and we have search. What other are there any other use cases that you think are low hanging fruit for something like Vertex?
[00:53:33] Pip:
I think, the most flexible is rank profiles where you can rank a bunch of empaths because that can be used in so many ways inside an app your application. Like, I make an a very interesting example, let's say, Fontaine. Fontaine gives out the stats reward. I'm sure there are bots that try to game it. But what you could do is say, okay. I only give such rewards to people that that do Master login. So, also, it's a way to, incentivize people to use master so they can get the rewards on Fonten, for example. And then after they log in, they can only get the rewards if their rank is higher than a certain threshold.
A threshold, low enough that it, it doesn't do many false positives. So it doesn't discriminate real users, but it removes almost 99% of the amp ups that will do this game, basically, with the it's been a new amp up, listen to a few podcast, and then do it again to get a few sats. This is also an interesting possibility. Just to give some context, like, Nostrad band shows 42, 43,000,000 m pubs. This is what they have in their relay. They they see all of these m pubs. In the in in that, we have 350,000 reputable m pups only, so it's less than 1%. So 99% of the m pups are not there at the moment.
According to our analysis, are are are spammers. And I think this ratio is going to increase in in the future as real money and profits come into Nostra, then the opportunity and the to spam is going to is going to be used, basically. Like, a lot of people spam most of the content would be AI slop. And so figure out figuring out what's real and what to store and what not to store and what to show to users is going to be really important.
[00:55:45] ODELL:
Does, is that data public anywhere?
[00:55:50] Pip:
The what the the number of the reputable
[00:55:55] ODELL:
users versus total pub queue seen?
[00:56:01] Pip:
Well, the most of them has a stats page, and then you can see
[00:56:06] ODELL:
But there is a closed source. Do you have your own do you have your own?
[00:56:12] Pip:
No. No. From my own, like, in every in every, response, it is written this this number of how many it's called the nodes, how many nodes we have in the database. And that is useful if you want to create, we we added to every response because you can use that data for, coming up with a threshold. Got it. Like, this threshold depends on how many people there are in the graph, basically. That's why we included it. And I checked this morning, and it's three fifty. Got it. Three fifty thousand.
[00:56:48] ODELL:
But that's that's not necessarily actives. Right?
[00:56:52] Pip:
No. Exactly. No. It's, only reputable. Like, for example, I make, like, MicroSailor
[00:56:59] ODELL:
or Adam Beck. I think they Or, like, Balaji Balaji came and made one post and then left, and he counts. Right?
[00:57:07] Pip:
Yeah. Exactly. Those those do count in that three fifty because they are followed by many. But, yeah, the I would say active, and this is all, like, an estimate, but I think active would be half of that number. So 170, 150,000, real users of Nasr seems like seems accurate.
[00:57:30] ODELL:
Got it. Yeah. I think that sounds about right. I do think there's something to be said about when we're talking publicly about it being a little bit less conservative about the real number or the the exact number. I I mean, it's always an estimate. But, like, I'm pretty sure Blue Sky, whatever stat page that people use that no one can actually independently verify is the numbers are, like, incredibly inflated. And then who the hell knows, like, how many users there are x or Telegram or something? Like, that's just complete trust me, bro. And sometimes I think, we it's good that we hold ourselves to a higher standard, but maybe we hold ourselves a little bit too high of a standard because people then try and compare them apples to apples.
And it's it's it's not apples to apples. Like, I mean, I I've see there are situations where so Cali, for instance, hasn't deleted his x account, and he posts to x, and he gets way more engagement on his notes, like real engagement, like people replying to him and asking questions and engaging with him than he does on x. But x supposedly has, you know, 650,000,000 users, and we have, like, a 100,000. And so then the numbers just don't add up. It just, you know, you're like, what's going on there? So it's just something to keep in mind, people. Fran, I see your comment about signatures and the problem with caching service. The problem with caching service leaves signatures intact.
Signatures are delivered to the end user. The primal apps right now, I believe, are not actually verifying signatures yet. They they will in the future. We just need the app to get more performant. It's been, you know, a struggle to just get it stable as it is. And a lot of other other apps also aren't verifying signatures. I like how does it, once again, to give them a shout out, where he there's basically an option. There's an option in settings, whether or not you wanna do signature verification or not. And the reason is because primarily is is a performance issue and also kills battery life. Yeah. But, yeah, that is the goal.
But, yeah, you can actually one of the features I'm actually really proud of with primal is you can go to a note. And if you just press the three little dots, you can press copy raw data, and that's the full raw data. You have with signature in there, everything. You can just easily save that, export that, verify that. It was an important thing to have in the little drop down button. Yeah. Go on. You're gonna say something?
[01:00:25] Pip:
Yeah. I wanted to say that, like, the cost of signature verification definitely is is something real. It's something, like, that hurts the performance and the battery of clients, mostly, you know, on smartphone, low power devices. That's also why I'm kinda bullish on this idea that I mentioned of, client side verification that you can have almost both, the the best of both worlds. It's a trade off straight in the middle where you can delegate all of this work to, in this case, the Vertex server, but, check that at least the server is not, is not lying, for example, in a in a way that would be bad, like, saying that an impersonator is the real one.
This is the worst case scenario. And then with this sort of client side verification, you would be able to avoid the worst case scenario. So it's, yeah, trade off, I think, in the middle. And I believe in general, Nostril apps should, or could, explore this area because many go straight into, okay, let's do everything client side. And then you find that your app is barely working because it takes forever to load every anything. Yeah. Or, or maybe, so situation in the middle, like, yes, primal, where there is a caching server there where you obviously compromise a little bit on trust, but you get a lot more performance, a lot better user experience.
[01:02:12] ODELL:
Yeah. I mean, we I the cool part about Nostr is that you can use it in any way you want, and I it'd be nice to see more there's a lot of experimentation. But in general, I lean to more experimentation and more different trade off models being experimented with, than less, particularly at this point in Nostra adoption. Like, let's test out all the things, play with them, iterate from there. I don't think there's a a best Nostra app. I think the Nostra app that's most useful for someone is depends on their technical competence, their use case, and their threat model.
And that's the beauty of Nostra. The beauty of Nostra is that, ultimately, the user has agency, and they can use it how they want to and more of that. What else was I gonna say? I guess this also just in general for relay operators, this your service could be very useful in terms of what notes I keep. A lot of people talk about, like, paid relays versus free relays, but maybe the middle ground is like a Vertex spam mitigated relay. Right?
[01:03:22] Pip:
Yeah. Yeah. I actually wrote a a a blog post on, where I, let's say, explained that this this algorithm I designed for, for, open relays. So relays that do not do any spam filtering at the moment, like the big ones, Danlos, Primal, Nostradand. They are going to be flooded by spam. One way or another. Yeah. Yeah. Exactly. That is going to get 100 times worse for sure because if there is an incentive to spam, people will just spam. So what what you can do there is you can use, the you can apply a rate limit, and this rate limit is smart. It depends on who is the user, who is the author of the event. Like because as a relay operator, you want to optimize.
You have an optimization problem. You want more of the notes people like and less of the notes people don't like. You can use, as a neorealistic, the reputation of the author of the event. Like, if a bunch of people follow Odell, it's most likely because Odell writes interesting stuff. And so you can say, okay. You have late limit, but you have larger, bigger rate limits. If you are mister no one, then you have very small rate limit, and then you cannot write anymore. So you can have, like, a one event per minute, and if you are hotel and you have 100 or 1,000 events per minute.
You have reputation based rate limit. And then the the final piece of the the blog is because this this ranks in the in the paper are provided by Vertex. So how can you avoid a spammer making you waste a bunch of money in Vertex, let's say? Like, I create 1,000,000,000 keys. All these 1,000,000,000 keys writes to your relay, so you make a bunch of call to Vertex. And then I will be happy, but you probably will not be super happy. What you can do there is you can use, IP rate limiting for how many times anyone can call the vertex relay, basically.
So direct limited per event is based on the reputation and and how many new amp can you make me pay for the rank. That is based on the IP. And this with this scheme, with this two step approach, I think you can get pretty good, I I made, let's say, a cost analysis, and it's way cheaper to use for for the defender that pays Vertex than it is for the attacker that buys IP addresses. Right. It's a matter of cost, but it's the it's the defender is highly favored in this case.
[01:06:14] ODELL:
What about first of all, I think that's really clever. It's a nice trade off balance. Particularly, like, reputation based rate limiting is really interesting because it solves that issue that people have with web of trust, the core issue, which is like, what about new users that don't have a reputation yet? It's like, okay. Well, they'll just be softly rate limited on public relay until they build up a reputation. So they can still get stuff out. They just can't spam easily. What about people that, I'm just laughing at the live chat. They they, like, only fans stood up.
The what about, like, the false positives of people using shared IPs? I mean, I think a general a general good practice on the Internet, and especially when you're using Nostr, is to use a hosted VPN, a shared VPN that like a Proton or a Moldad or an Obscura that has a bunch of users that are all using the same IP address. And that's actually a feature, not a bug because, yes, you can self host your own VPN, and then you have to then you don't have to trust anyone, but that means you have a fixed IP address. So I actually like hosted VPNs from reputable providers because it means I have a shared IP with a bunch of other people. What about that situation?
Because wouldn't you just get a bunch of people coming out of the popular VPNs and then you'd end up block is it like m pub plus IP? Is it, like, a combination?
[01:07:47] Pip:
It's, not it's, because it is the two steps are this in this way. A new event comes in. If I have the rank of the author, then I apply and pop based the rate limiting. Sorry. Reputation based rate limiting. If I don't have the rank of the author, because maybe it's a new amp up or maybe I haven't asked for this rank yet, then I put this pop key in a queue. And then this IP can only put 100, let's say, or a certain number of new pop keys that I haven't I've never seen in this queue before it gets retlimited. Got it. Retlimited in this case means that you cannot put new keys into this queue.
Then how is this queue going to be used? You take 1,000 of these pop keys, a batch of those 1,000 keys, and then you ask Vertex for the ranks in one single call. And so you you save some money because it's a batch request. And so if a lot of users come in from, VPN and you have never heard of any of those, you just rank a few of them and then and then it would slow down, basically. And then after some time, depending on how you have configured this limit, they will be able to to to write, basically, to the relay. So, yeah, it's not a perfect solution by any means, but there are no perfect solution for for, like, free free relays. It's, you could use proof of work, but then you would have your smartphone trying to compete with, an AC. Yeah. Proof of proof of work doesn't work. For this to pay, but then it's not a free relay anymore.
And, and it creates a stranger like, you're a new user. You have to pay,
[01:09:46] ODELL:
like, first thing. We can't have new users paying first thing. We'll never we'll never get you we'll never get substantial user base if they have to pay in Bitcoin before they even get started.
[01:09:59] Pip:
Before they even get Bitcoin, which is life. Exactly.
[01:10:05] ODELL:
Oh, yeah. I like that. I think that's clever. It's a clever trade off balance. Any other use cases you have on the top of your head? We've gone through a bunch already.
[01:10:15] Pip:
Yeah. So we we said the search, recommendations, removing spam, protecting, free relays, the the Fontan one, the let's say, protecting, from giving out money to bots that automate the process.
[01:10:37] ODELL:
Yep.
[01:10:41] Pip:
Not I I don't I don't have
[01:10:44] ODELL:
more ideas. I think we did this kinda Those are those are a lot. You shouldn't feel pressure. I just wanna make sure we didn't miss some low hanging fruit. What is your overall diagnosis or thoughts on the Nasr ecosystem right now? How do you I know a lot of people are feeling burnout. There's a lot of, bearish sentiment, on on Nasr recently. Do you think we're in a good place? Where do you think we need to improve?
[01:11:21] Pip:
No. I think we are in a good place. Like, the fact that Nasr is not growing is but it's not shrinking also. It's, it's it's I think it's we are in a plateau. And, it means that, like, if you're in a plateau, it means that there is retention. And a lot of, like, from personal experience or more qualitatively, I think Nostra is much better already than x. The problem is always the network effect is so it is too small at the moment. But I think this will change exactly how new users are going to come in, like, where the new wave is will come from. I have no idea.
I I think there is a lot of potential in, like, communities. Yeah. Seeing and I haven't seen a very convincing solution. Sorry to anyone who's working on it. But, just my, you know, my my my honest opinion, I I don't have an app that I can recommend to my friends that they can use as a replacement for, like, Telegram or or their community for a specific topic. Like, I don't have something that I can confidently recommend. I think there there is a lot of opportunity. And, also, it's it's going to be also quite interesting because that, I think, would solve one of the biggest problem of web of trust, which is, like, the cold start. Like, how do you, like, how do you how how can you use without using global algorithms, which which can always use. But without that, how can you, you know, see content and get recommendation if you haven't even started following anyone?
Yeah. And that I think can be or how do you recognize a new user from a bot? How do you differentiate between the two because they look indistinguishable? One way would be, I think, communities, like, some way to know that you have been invited in a closed, reputable community. Like, the community exists before you before. And then because you have been invited and you are, like, part of the public list of the community, then we can say, okay. Then you must not be about your most likely, a new user. Because you're invited by someone that's reputable or something. Yeah. Exactly. Maybe they don't get followed right away, but they get invited. So this means that there are, like, most likely existing relationship in mid space or other places that also are created on Oster, which gives, for example, Vertex, but also other other solutions, more information to distinguish between new users and bots, which or spammers, which is really, really hard problem.
[01:14:25] ODELL:
Yeah. I mean, we've been thinking about that at least, like, from an MVP level on primal. In term like, one of the most bullish things, I think, in in Bitcoin fundamentals is, the meetup ecosystem. There's just meetups all over the world. And and, specifically, like, living through COVID, they told us we weren't allowed to go and meet with people. And at the same time, Bitcoin meetups grew, and they got bigger and bigger. And I saw this in Nashville firsthand where we had, like, a meetup of meetup organizers from, like, all these tech meetups, and they all got destroyed during COVID. They tried to go remote. It didn't work. People stopped coming. You know, like, random ass tech meetups, not Bitcoin related. But our meetups kept growing, and we got to, like, 200 people or whatever, per month in the last bull market, which was crazy.
But my point is is in that meetup community, I I there I I ended up I ended up befriending a lot of the organizers from other meetups. And one of the ideas that we had that was kinda low lift was giving the meetup organizers the ability to create, like, a primal invite link that automatically, they they curate which relays you choose. They curate who you follow at start. They follow back you at start and kind of just automatically jump starts your experience from a hand holding perspective. And I think that could be kinda powerful, but also very low lift. Like, that would be an early implementation.
Like, I think we can do much more interesting things. And, specifically, like, I I like I like what Huddl bot's trying with Flotilla. Like Yeah. Discord replacements, like, seem like an obvious answer. Obviously, like, white noise is kinda trying to do something there. I see Diana saying that primal recommends to follow certain people at start. You know, it's like it's trade offs all the way down. I first of all, we tried to refine it. So, like, it first of all, it asks you interests before it gives you a follow list. And then the follow list is optional. It's not it doesn't, like, default follow people.
But you also have the opposite problem where, like, I've used Amethyst and onboarded people on the Amethyst, and they start up with an empty feed, which is where you're never gonna get any new users if they start off with an empty feed. So, or we will get new users, but we'll get much less. Like, only a Sith speaks in absolutes. So, like, we gotta, like, play with different things and try different things and nothing's perfect. But I, yeah, I do like the idea of communities. I'm rambling on, but Ravel, of Nasocial, who is also one of the early employees with Jack at Twitter, he made an interesting example to me when we were hanging out one day, which is there's, like, a group on Facebook that is, like, 400,000 people, and all they do is post funny pictures of people riding horses and, like, funny videos of people riding horses. That's 400,000 people. And they they have a funny horse community.
And they have to deal with Facebook censorship because the PETA people, by the way, I, I, I don't think people should hurt animals. I think there's a special place in hell for, for people that do that for, for non food reasons, like people that torture animals, but PETA is a terrorist organization. But besides that, they report there, they get a bunch of censorship because PETA like mass reports their content. And it's not the type of community that you think would get censorship. But anyway, there's 400,000 people that wanna post funny pictures of people riding horses that if we had a community app might onboard to Nasr and automatically be in their own little web of trust and could kinda bootstrap things. That was my long winded example.
[01:18:31] Pip:
Yeah. And as you said, like, it's a shame that a lot of Bitcoin meetups, they well, at least the one that I am into, like, they they use Telegram. So which is literally non non private, unencrypted. Everything is clear text. It's like I mean, it's horrible. Yeah. It's not it's not, you have a bunch of problems caused by impersonator. Like, all the time, people that mess DM's you and, even though it's a full centralized thing and you don't even get privacy.
[01:19:06] ODELL:
So force you they force you to do a phone number. So I, people know I deleted my ex account. But at the same time I deleted my ex account, I actually deleted my Telegram too. I'm a big deleter. I like deleting things. And it caused a lot of issues in the beginning because so much of the Bitcoin community runs through Telegram. And I probably lost touch with a bunch of people who only contacted me through x DMs and Telegram DMs. But the rider dies figured out that they can message me on signal, and I still communicate with them on signal. But, anyway, I taught a class, for the plan b school, that's run out of Lugano, by Giacomo and others, and their whole class is on Telegram.
And so I signed up I've I said I'll create a burner account on Telegram just because I love q and a. Right? Like, I'm I'm giving a presentation to 200 students. I wanna read the freaking q and a. So I created a burner telegram account. I used a burner phone number. And the first phone number I couldn't use because it had already been registered to a telegram account. So I had to get another burner account. And then as soon as I signed up as fake name, burner email, burner phone number, as soon as I signed up, they blocked my account, and I got just blocked out. So they have a huge bot problem, but, also, like, if you wanna actually use it, it creates all these issues if you wanna try and use it in a relatively private way. Anyway, eventually, they unblocked my account, and then I deleted it again. But that's my long winded Telegram. Fuck Telegram.
We need to replace all these things. I think we'll get there. Another example of web of trust would be for that that kind of use. Yeah.
[01:20:54] Pip:
That's that's that's that's also a nice one. Like, yes. You, like, you get you have you have a message application, and then you get, 1,000,000 request of, hey. Hi there or something like that. Like, you should find a way to filter out all of them except the three real ones, and this is where the reputation of the sender comes in for this initial, let's say, initial starting of the conversation. Right.
[01:21:26] ODELL:
And it should be user configurable. Like, I Yeah. I I get a ton of inbound messages. And, like, it'd be cool if I could toggle different things for how I view my inbox. Right? How I view who can message me and who cannot. And there's been attempts to do stuff like this that I think just fall flat and they just fail. Like, one of them was like, Balaji's old company. I forget what it was called, but, like, you had to pay to message. Like, I don't want people to have to pay to send me a message. I think that's just automatically off the table. And then on Twitter now, like, you have to, like, you could, you can set, like, oh, blue checks only. Only people that have verified their identity can message you. Also to me off the table.
[01:22:09] Pip:
There's no Yeah. I think the the a very interesting idea that just came to mind, is, is an in between. So you can set a threshold, and these thresholds should be quite high. If, your reputation from my point of view is high enough, then you can message me for free, like all of your followers and then a bunch of other people like you, you you have a set of this this 40,000 people that are connected to you some way, they can message you for free. Everyone else has to pay you for your attention, like, pay me. And then you can configure how much.
[01:22:47] ODELL:
Yeah. That makes sense to me. And then you use Bitcoin, so it doesn't require doxing yourself with a credit card or whatever.
[01:22:54] Pip:
Yeah. And and and your grandma would not have to pay to send you Merry Christmas. Because she's my grandma.
[01:23:00] ODELL:
She's in my room of trust. Exactly. So that's for her I if it wasn't for her, I wouldn't be alive. I gotta respond to her messages.
[01:23:08] Pip:
Even though they are yeah. I sometimes get some strange gifts.
[01:23:13] ODELL:
I mean, on the grandma note, I have her she's on signal now. I have a 90 plus year old grandma that uses signal because it's the only way she gets baby baby pictures. Yeah. Excuse me. Incentive. I see in the live chat, silent dot links up to 42,000 sads. Thank you, sir, for your support. He's a true ride or die. He runs a great service. I was talking about burner numbers earlier. You can buy a eSIM from him. Downloads directly to your phone. Don't have to give up any identifiable information. Just pay with Bitcoin. I use it all the time. It is amazing, amazing service. One of the most useful Bitcoin paid services.
Pip, this has been great. I've been trying to, ship more dispatches lately. I'm trying to there's a lot of noise out there, and I'm trying to get the signal out. But, one of the strategies I've I've come to appreciate that one of our my listeners told me to, to do is, for a lot of people do, like, repeat shows. Right? So, like, in six months or so, like, I'd love to have you back on, see where Vertex is, see where WebTrust is, and continue the dialogue. You down for that?
[01:24:32] Pip:
Absolutely. Yeah. Yes. Yes. Awesome.
[01:24:36] ODELL:
Do you have any final thoughts, for the freaks before we wrap?
[01:24:40] Pip:
Yeah. I just just read a comment from some Franz App mentioning that Sutlantis is is doing some meetups on Nostra or or will do. And, yeah, it's I mentioned it because also, Sutlantis is using Vertex behind the scene Oh, awesome.
[01:24:56] ODELL:
Which I'm now apart from that, obviously, they're actually are they actually doing Noster events? I know at one point they weren't. It was, like, just Noster log
[01:25:07] Pip:
ins. I don't know. I I'm sure they use, well, they use the events that I send them, meaning the responses. Well, other than that, I don't know. And they yeah. They they use it in a in a way that I mentioned, like, is removing from the database, obvious spammers and bots.
[01:25:31] ODELL:
Fair enough. Anyway, I cut you off. Final thoughts before we wrap.
[01:25:38] Pip:
Nothing like you can learn more about Vertex on vertexlab.i0 or search on NoStar. And if your client has a good search, then you will find Vertex. And, no. Thank you. This has been a great conversation, and, it's an honor to be here, honestly, like, after few years listening to the show. Like, it's a bit surreal to be here and speaking. So yeah. Thank you, Odell.
[01:26:08] ODELL:
It's a pleasure to have you. It's it was a fun rip. I enjoyed it, and I look forward to the next one. You have me you have me on signal. So if I can be helpful in any way, don't hesitate to reach out. I'm gonna provide all the links, to Vertex. As you said, it's Vertex Labs vertexlab.io, but I'll provide all the links, in the show notes, including to Pip's, Noster account. Give him a follow. He's a great gotta boost his web of trust score. This would be embarrassing if he's not ranked very high as the creator of the ranking. But he has a great content. He has good he has good content and, good discussion there.
[01:26:51] Pip:
Now if if my rank remains low, it's proof that I am not manipulating the ranks. Yeah. So don't follow me. One conspiracy.
[01:27:00] ODELL:
When I was doing my good morning videos, which were getting a lot of in good morning engagement, I was always on the top of the primal trending. And there was a joke internally at primal that I was like, can you just, like, anchor me at number four? Like, don't let me go above four because it's just feeding the conspiracy theories, but we we never did that. We thought it was crossing a line. What else was I gonna say? Yeah. Post all the links in the show notes. Next dispatch is on Monday. So just like back to back to back dispatches right now. And that's gonna be with Matt Alborg, long time Bitcoiner. He now does ppq.ai.
So a new AI focused service that lets you use all the different models, pay with Bitcoin, you pay on a per per usage basis. Really cool service. So definitely join us for that. I did I say the time? The time is going to be, nineteen thirty UTC. If if you can use Nasr, you can use UTC. So convert it to your own time zone. You'll figure it out. But all the links to dispatch are at dispatch.com. Share the show with your friends and family. It goes a long way. It's very helpful. If for some reason you still use YouTube, even if you don't watch on YouTube, if you go press the subscribe button on YouTube, maybe it'll get me out of shadow ban hell, until we can figure out how getting Nostra streaming to the next level. Anyway, I love you all. Pip, thank you for joining.
Stay on the Styx side. Peace.
Who everyone talks about is our guy that we usually talk about for the S and P and stocks. It's Tom Lee. That's Tom Lee. Yeah. Because he's been a bull for a long But the way he is a bull, he's on here and it'll be you know, Bitcoin will be at 70, and he'll just and I go, well, what do you think? And he goes, well, I'm expecting $1.20 to $1.50 with Right. And you think he's nuts. And you think he's absolutely correct? Right. That's the way he was when it first went up to twenty thousand years ago, and it and it dropped all the way to 3,000 or something. And he said, oh, I think we'll be back to 20 by the end of the year. And I once at one point before I got to before I got, born or until, I got one till pretty early, like, four point. It was at 8,000. It went down to 4. But one of my purchases was at 4,000. So Wow. Yes. So I did that. I had some at 4,000. Okay. Profits? I'd I'd sold a lot of 55.
I still have pretty much. I still have them. Fine. I'm good. And I I love what you know, you can it's it's tough to enter now. You can buy fractional. But if you're a long term believer. If you're not if you're still a hodler, they they've been, they've been buying all along. But but I remember when he said it then, I I asked. I said, you're so good at what why do you delve in this? You you it's so much easier for stocks, and you're so good at calling short term trends than the S and P. You know, why risk your reputation on this? But at that point, it was such a strange risk No. Just for sure No. Of his forecast. Crypto related stocks, by the way, also
[00:02:01] ODELL:
Happy Bitcoin Friday, freaks. It's your host, Odell, here for another Citadel Dispatch, the interactive live show focused on actual Bitcoin and FreedomTech discussion. That intro clip was, the world's most popular Bitcoin podcast host, Joe Kernan from CNBC. I think admitting for the first time when he purchased, which was at $4,000, that was actually a more impressive entry than I expected out of him. He did say he took some profits at 55 k, which, you probably regress that now. I would say selling Bitcoin for dollars is not taking profits. The opposite is taking profits. You wanna store your profits in the hardest money known to man.
He also gave a shout out to Tom Lee who is pretty much a scammer, but, still felt like an iconic moment to capture and seal dispatch history. Anyway, Freaks, we got another all time high rip going. Bitcoin is in open water. Best part of Bitcoin is when we're in price discovery mode or the best times in Bitcoin is when we're in price discovery mode. The best part of Bitcoin is the freedom it provides us all. I have a great rip conversation lined up today with a ride or die freak. Before I get there, just real quick, dispatch is always is funded by our audience, funded by viewers like you with Bitcoin donations.
We have no ads, no sponsors, no ref links. Just you guys and me shooting shooting the shit, broadcasting signal around the world. The easiest way to support the show or the most fun way to support the show is in our live chat with the ride or die freaks, powered by Noster. You can find all the relevant links at saledispatch.com. And then the second best way to support the show is through podcasting two point o apps like fountain podcast app. Our top zap from yesterday, you guys only had a day to give your comments in your zaps, was 500 sats from Johnny Stimulus. Let's try and get those zaps a little bit higher, Freaks. I would appreciate it. But more importantly, I appreciate when you share the show with your friends and family available in every podcast app.
Anyway, Freaks, long winded intro. I've had a long day. I just got off a rabbit hole recap, slammed some food real quick, jumped on the livestream again. We have Pip here. As I said earlier, he's a ride or die freak, which I'm quite proud of. First time first time on the show. He I did broadcast. We we did a panel together in Riga that I did put in the feed. You might have listened to that. He's focused on webs of trust, web of trust. How's it going, Pip?
[00:04:46] Pip:
It's going great. I just came back from vacation, so I'm quite relaxed and, and, excited to to build.
[00:04:57] ODELL:
Rejuvenated and ready to go?
[00:05:00] Pip:
Sorry. I didn't hear what you said.
[00:05:04] ODELL:
I said I said you're rejuvenated and ready to go? Yeah. Exactly. Yeah. Rejuvenated. Yes. Okay. So first, I think a good place to start is, what is a web of trust and why should people care?
[00:05:19] Pip:
Yeah. So web of trust is a word that's, can have many meanings. So, yeah, it's important to to define, at least. So I define it in the context of master. So web of trust, meaning that there is, there exist a bunch of events, and those events, because of master events, they are signed. And so it's possible to cryptographic cryptographically verify that someone has made a certain claim or has taken a certain action. And, out of that, you can build out a graph in many different ways in focusing on different types of relationship. For example, one is the follow graph that is mostly what people say when when is mostly what they mean when they say web of trust of Noster is basically who follows who and, what can be derived from all of this data, basically. And, yeah, my project, if I can continue in this route, is, is Vertex and, which is a web of trust as a service, meaning it's a service that you can use to analyze this web of trust and or rather, we analyze all of this data, and then you can use the insights from this data to power features inside your application.
[00:06:50] ODELL:
Okay. So, let's just pull it back for a second. The way I like to describe web of trust is from a practical perspective, which is right now, we're in the early stages of AI tools. But since the dawn of time, spam has been a problem on the Internet. Spam, the definition of spam is not an objective definition despite what people realize. It's, more of a subjective definition. And and what is spam? Spam is something that you didn't actually want to see that you see. So one man's spam is not another man's spam. Sometimes some people think there's something of value while other people don't. Historically, the way we've handled spam on the Internet is through centralized means.
The most notable being, Google with Gmail. Gmail has a massive list of spam, and they just don't deliver it to you if it's on that spam list. Now, with the dawn of AI and deep fakes and fake news and automated bots, l o m powered bots. We've seen this become even worse in a social context on different social platforms. And they've also attempted to handle this in a centralized way, usually by trying to tie identification information to users and doing either light KYC or or even heavier KYC to identify the user and then deem if they're a real person or not and then add them to a spam list. Now the problem with centralized spam mitigation is that you have a central point of failure run by humans that can be corrupted, that can be pressured, that can be malicious.
And and so you have a censorship risk there, but also you have, manipulation risk and you have just a lack of efficiency. It's not very effective. Spam still gets through. So now that we have Nasr and we have this cryptographic, identity protocol and and social graph protocol, we can do things, in a more scalable trust minimized way, and that's where webs of trust come in. How did how did that go? Did I nail it?
[00:09:11] Pip:
Yeah. Yeah. I I would say that spam prevention and the battle against spam is perhaps the the biggest use case for the web of trust. Not the only one because, for example, there are, like, recommendations that you can solve in a very similar way, like giving personalized recommendation to users or offering a search. So there are multiple, use cases for the web of trust, but for sure, the biggest one is fighting spam, which, as you said, yes, it's a problem of, essentially, the the fact that users can abuse certain systems. And so it's a matter of trying to use smart heuristics so that you can defend yourself. You can defend, your your attention, your database if you're storing stuff that you don't want actually to store.
And, any of our web trust provides a very powerful heuristic. And if you want, I can Yeah. More about, like, how powerful and how can it can be used more practically.
[00:10:25] ODELL:
Yeah. So, I mean, first off, we have Fran Zap in the live chat. Zap, 10,000 sats. Thank you for your support. And he also said, that your mic is a bit loud, but I lowered it. So, hopefully, it's better now. I lowered it on my side. Let me know, guys, if you think he should maybe move it a little bit away from your face. Pip just got a new mic just for the show, so shout out, Pip. Fran Zap, by the way, is, the creator of Zap Store, which is a master powered app store for Android, that is leveraging webs of web of trust. Is he using Vertex?
[00:11:07] Pip:
Or Yes. Yes. He is using Vertex. Actually, he is, still, I I would say, the the cofounder of Vertex. Like, we started this project together in, well, Riga last year. And then we, basically, we launched in February. And, in, I believe, April or May, he decided to step down and focus more on Zuckster. But, yeah, his help was super super useful in the beginning for sure.
[00:11:42] ODELL:
So let's I mean, you said you wanted to talk about more practical uses of it, in the real world. Let's why don't we start there? Like, how is web of trust useful in a or Vertex specifically useful in an App Store environment?
[00:11:57] Pip:
Yeah. So in the App Store, in Zapstore specifically, the feature is that when you click install on a new app that you that you you haven't downloaded yet, it it asks you a question. Are you now the question is, do you trust the signer of the application? So the thing is, someone and a developer most likely has signed this application, and so meaning that he build it. And so do you trust if you are not going to read the code, do you trust the signer, the developer behind it? Now, if you were to display an m pub, that would be very inconvenient because, you would have to take that m pub, copy, paste it somewhere else, and take it in and look at him at his profile.
What, Vertex does inside Zapstore is that it provides, very summarized, very important piece of information, like who are there, the top followers of this account. And, and so, for example, if I click on, let's say, Albie, and I see that it's signed by Albie, I see that Odell, myself, Franza, they all follow Albie. So this Albie is most likely the relevant one and not an impersonator that is trying to trick me. Yeah. That makes sense. Yeah. Go on. And this this service specifically, it's called, verified reputation. Very simply, you provide an m pub. You choose the algorithm that is used to find the top five or top whatever you want.
And then, and that basically and yeah. And we return the list of attendees with their associated, say, score or rank. They are already ordered, but you can use that score also in other ways.
[00:13:57] ODELL:
So there's so I guess, first off, I think it's important to realize that with delivering software on the Internet, this is the key this is the key problem that has that people have been trying to solve for a while, which is, you wanna make sure you're getting the real app. If you if you if you don't if you're not making sure you're getting the real app, you might get a fake app, and that app might be malicious. It might be just bad. It It just might not be a good app, but it also could be malicious and and trying to hurt you, trying to steal your your money or or compromise your account or something like that. And historically, the way that's been handled is once again through a centralized method, which is Apple is attesting to who's in their App Store, and Google's attesting into who's in their App Store. And they're making sure you're getting the right signal app, for instance, or x app or Facebook app. They're the ones doing the reputational scoring and testing and confirming identities and making sure the app hasn't been changed.
Now that obviously comes with the issue that they also choose if you want to be in if you're allowed in the App Store in the first place. I had the white noise guys on yesterday. And right now, it's not available on iOS because Apple hasn't approved them. They need Apple's approval to get into the App Store. So how can we solve that problem without having that centralized party there deciding if if you have access or not? And that's what Vertex and Zapstore are trying to solve. Basically, anyone can upload, anyone can sign, and then you have this reputation scoring system so users can figure out which one's the real one. And that signing element is key because that's how you know it hasn't been changed by Zapstore.
Right? If if Pavel Durov uploads Telegram to Zapstore, he wants to make sure that Fran can't change the file in in the in between. Right? Because that's also part of the threat model. So Pavel signs it, then the user can verify the signature, knows it hasn't been changed in the in between in the in the middle. Okay. That's awesome. So it sounds like you almost you're you're developing you have, like, an objective trust score or reputation score that is global. Like, it doesn't matter who I am as a user downloading it, or is it user specific? Like, if I go to Zapstore and go to download something, am I seeing a user specific view that if you go into Zapstore, you see something different, or is this more of a global type of reputation score?
[00:16:38] Pip:
You can provide you can specify in the request the algorithm you want to use, and we have three algorithms algorithms at the moment. One is the you rank by followers count, which is the most, the, like, the cheapest, the fastest, but the less precise. Then we have, page rank. This is, let's say, a global view as as global as it can be. We we try to hit, all of the relays and and do the analysis that way. But, of course, there is no guarantee we get every single m that exists. And then there is the personalized page rank, which is still based on the same algorithm, but it is personalized to a parameter source that you provide. So in the most common way, you would be when you click on Zapstore, if Zapstore had this feature implemented, did this this particular type of call, then, yes, the top five you would see in that particular for that particular application would be personalized to to to you.
And, so most likely, you will see if you follow that person, you will see yourself as the as the first one, as the top one, and then you would see most likely your followers that also follow the signer of the application. And if there are no followers, then you would see the people at two hops or three hops away from you that follow the app. It's more it's more complex to to say it out loud than to, like, draw it or this actually, it's not that.
[00:18:16] ODELL:
Fair enough. Completely. So we got the App Store model. And I yeah. Yeah. You also have this all listed on vertexlab.i0 with the different trade offs, and you have a nice little chart on the three different algorithms you provide. So to go down this line of practical uses of something like Vertex, we have the App Store method. What what the App Store use case, what other use cases do you see, being a good fit for this kind of, web of trust algorithm?
[00:18:54] Pip:
I would say the most used service at the moment is rank profiles, which is used, by asknostril. Site, which is, like a website where you can see a bunch of questions that people make on nostril. And they use it to basically, whenever, someone post a new ask nostril or other or an event that mentions one of the hash hashtag the index. When whenever it's it's a new key, they ask Vertex the the rank. And if the rank is too low, they simply hide the the the question or the answer, unless, maybe unless they have been active on Nostra side. Like, you can override this reputational score if you have more local information about your your app and what the user is doing inside the application. But if you don't have that information, you can use that that rank. And they have been using it, and they said they are happy because, it, removed, like, 99% of the spam or so of of people that were trying to gain the the hashtag ask ask Noster to get, zaps or or those kind of things.
[00:20:14] ODELL:
Yeah. So they're using it for spam mitigation.
[00:20:17] Pip:
Yeah. Spam mitigation. And, that service in particular is a batched solution, so you can get the rank of 1,000 pop keys up to 1,000 pop keys, and and in a single request, you you you will receive. So that is more useful for, like, relays or application that have a database, and they want to store this information for later use. And then we have search. So, for example, if you go on mpub.word, which is a client that Fran and I built, you basically see a big fat search bar. And when you search, like, Jack, you will see the the Jacks, like, Jack Dorsey, Jack Mallers, Jack Spearko, and all other Jacks ranked in a way that kinda makes sense. These users global, but it could, also in the future, I could also add the login. And when you're logged logged in, you use your personalized view to rank people.
[00:21:18] ODELL:
Search engine. It's a great it's a very clean search engine.
[00:21:25] Pip:
Thank you. And when you click on a profile, what you see is actually the result of verified reputation. So you see follows count, followers count, the top five that follow that m pub, and then a bunch of buttons like open this in
[00:21:42] ODELL:
your fraudulent client. Well, there's a lot of people that follow one of these fake Odell's.
[00:21:48] Pip:
Yep. Yeah. Unfortunately, this is the limitation of Vertex, which I am completely open to discuss, is that we do you cannot escape, curation in any way. Meaning, you either do direct curation or you do algorithmic curation like we do. And, if people start following someone that is, a bot or maybe an impersonator. Yeah. Bot bot bot are fine, but impersonators are not, then, clearly, we want that to have the score as low as possible. But, yeah, if if some people follow it, then it will show up in search results.
[00:22:33] ODELL:
Yeah. I mean, it clearly has a much lower score than the real Odell, but it still shows up in the search results. And you don't make the actual rank number public. Right?
[00:22:48] Pip:
Yeah. This was, someone actually made a PR to add and show the ranking publicly. I'm not particularly inclined to do that because, it sounds strange. It it feels strange to put a number on people. Like, this number can be used in the background to rank and and sort in a way that makes sense. But for example, I am always a bit it's kinda creepy when I look at, like, core accuracy. I look at my own score from my perspective, and it's lower than your score from my perspective. It's kinda strange. It it it creates strange dynamics, I I would say.
[00:23:31] ODELL:
Well, it's like a popularity leaderboard. Right?
[00:23:35] Pip:
Yeah. Kind of. Yes. To integrate the impersonator problem, I have in mind to also analyze mutes and report. And that way, your your score or that would probably still will still be number one and will not change. But, hopefully, the second or the the impersonator, its score would decrease because many people have muted it or reported. So it's not
[00:24:05] ODELL:
I'm on Choracle right now. And so he shows a web of trust score on my account. Is he using Vertex or is he using something else?
[00:24:18] Pip:
No. He is using his own implementation, which is, to my understanding, is something like number of follows that follow you, like the target, minus the number of mills. It's just it is something like that. The issue with that is, with a formula or, like, type of formula, maybe I I got it slightly wrong, is that, each each follows counts the same, which is not true because some people follow 10,000 others and some people follow 30. So that that should be counted in some way. And, then it's follows and moves. They they do count it. Like, if you get muted by many, you get a negative score, which yeah. It it can be well, this actually is not a problem.
Mostly it's, say, it's less precise because it doesn't differentiate between different follows. Like, a follow counts one, a mute counts negative one.
[00:25:24] ODELL:
You wanna actually rank the the people that are also then ranking. Right? Just like it should compound on top of each other.
[00:25:31] Pip:
Yeah. And, also, it's limited in reach because it can only go two hops. Like, you have information about the one you follow and the one they follow or muted. And this is you you don't have information outside this bubble. And how big is this bubble? Most likely, it is about 50,000 impacts. Maybe more for people like you, Odell, that follow thousands and thousands of people. But, yeah, in the future, this this is not going to scale much. In fact, true hops, you'll probably still remain about 100,000 m pups even though maybe millions and millions use not in Oster. And so you would have a very limited view of what's happening and who's reputable and who is not. And outside of that, you would have no information.
[00:26:23] ODELL:
And particularly new users, you would have trouble seeing their stuff.
[00:26:28] Pip:
Yeah. True. It it requires yeah.
[00:26:31] ODELL:
So I, I'm a big fan of Nasjira with a u, n o s t u r, by Fabian or Fabian. I don't know how to pronounce his name. But, yeah, he uses his own in, his own local web of trust filter. And to to your answer to those issues, first of all, he has, like, a number you can choose with how many followers you disregard people. So I have it currently set up that if someone follows more than 2,000 people, then I don't include them. It they're not included in my web of trust. And and so just for some context for the listeners, I follow 1,854 people.
So I follow 1,854 people. And then my two hops, as Pip was saying, comes out to about 46,000 people, just to give people a line so anyone out of those 46 anyone besides those 46,000 people, I don't see their content if I use last year, which obviously has its pros and cons, the con being discovery.
[00:27:47] Pip:
Yeah. Yeah. Spam and discovery are always, in, in in, they they are always against each other. Like, if you try to optimize for discovery, you probably include more spam. If you wanna be super against the spam, then you find yourself, that you don't have basically content on your feed because you just blocked everything else, everyone else. Yeah. Client side solution in general, they can work, for sure. The problem is that, at least from what I I know about, is that they are quite complex to implement. They they require a lot of work on the client, which can be problematic if you use a smartphone, if you have poor Internet connection. Like, you have to download all of this kind freeze, and downloading them can take, you know, many, many minutes.
And then because it is it is so expensive to do, then these things are are cashed. So I assume there is some cash that happens, which means that it might happen that you are using all the data, maybe in case of someone who gets hacked. Like, imagine Jack Dorsey is hacked, and then you still see him as reputable even though he was hacked. And this might, be problematic because, like, he messaged you and he asked you for, you know, 1 Bitcoin and I'll give you back 2. And then you check-in it. Oh, yes. He's the real jack because he was hacked.
You know? Yeah. So instead, the Vertex, what we do, we take all of that work on our side, so you don't have to do much. You just have to ask the the relay, and we we give you the the the results. And all the results are computed in real time. So when you make the request, then we compute the thing. We don't do any caching of any sort. Everything is basically precomputed and keep updated. Whenever someone publish a new follow list, we we get it. We update, our internal metrics. And then when you when you query, you always get the the the most the most fresh data possible.
[00:30:04] ODELL:
Makes sense. So first of all, I see, Stacks in the live chat. He was asking what the domain was for that search engine that is npub.world, is the domain. I see Frank answered him in the live chat, but I just wanted to put it out there because if he didn't understand it on audio, then no one that listens to the podcast feed would understand either. And the overwhelming majority of listeners on the show is the podcast feed audio only. Okay. So so to pull on that thought, so something like Nasjar is using local client side web of trust. I also assume that is adding additional compute and would kill hurt your battery life more just like checking signatures and everything else. It's just trade offs all the way down.
But so with you guys, how is a developer integrating it? I see a mention of DVMs on the website. Like, how does that look from the developer perspective, in terms of integration? And then how does it look from both the user and the developer perspective in terms of trust in Vertex?
[00:31:20] Pip:
Yes. Yes. So from the point of view of the developer, I'm very proud because I think the experience is really good because all of this complexity on algorithm and, and downloading data and analyzing it and verifying and so on, all of that is abstracted away. And what you do is simply sign an event that is a request. So the request is, an an an Oscar event, and, it contains inside the parameters. Like, I wanna use this algorithm. I wanna use this other parameter and so on. You send it to our relay, and then you fetch the response. And that's it.
The the services are the DVM services are already structured in a way that kinda covers the the most popular use cases. Like, you wanna verify the reputation of an intel, like, you are on the profile. You and so that is, like, the place, in my opinion, to to use it. Then we want maybe you have a database. You wanna have a bunch of information for later use, then you means you you are going to use rank profiles. Then let's say you have a premium user and you want to give him recommendations or maybe a regular user, you want to say, you should also follow these other people. You can use recommend follows that is going to, yeah, use the algorithm to come up with this recommendation and then search. If you wanna have a nice search bar on your client, you can just add it. And in the background, that search just ask our relay and then shows the the the result.
Now in terms of trust, it is, yes, a centralized service, so it's fully trusted at the moment. It's, well, the only guarantee is that the responses are signed. So there cannot be a man in the middle that that tries to impersonate Vertex. That would be kinda fun. Funny that someone impersonates the anti impersonator. Fair enough. And we're and, yeah, actually, the next step, in order to minimize distrust is to implement something I have in mind, which is a client side validation schemes. Meaning, you get let's say, we are talking about verified reputation. So you get, the top five followers of Adele, and you wanna know because you want to know if this Odell is the real one or an impersonator.
Now what you can do client side, once you have this top five, is to find your follow list and then their follow list, and then you can verify that all of them follow this Odell. So you cannot prove that these are the top five out of 46,000 people, but you can prove that those five actually follow that. So you prevent in this case, client side verification prevents the worst case scenario where Vertex just lies and and said, yes, all of these reputable people follow this fake hotel when in fact they don't. And, and also for trust, it's important to note that, because it's built on DVMs, it it means that other competitors can come in, and then hopefully, there will be some competition that that keeps everyone in check. But at the moment, it's only So you got presumably
[00:35:07] ODELL:
in that situation, you could just you can hit two providers and compare the results locally or something.
[00:35:14] Pip:
Yeah. For for example, I'll choose the provider you trust more. Yeah. That's that is a possibility.
[00:35:21] ODELL:
But you could use one to audit the other would be an interesting trust model. I mean, right now, you stand in a situation where you could presumably censor someone if you wanted to. Right? I'm not accusing you of that. I don't think you are. Yeah. Yeah. I could.
[00:35:37] Pip:
I could. Got it. Just just to be clear, yes. I could. It's a trusted service. Just like, I would say similar to the prime model caching service, model. 100%. Someone someone some other can can run it. But, yeah, potentially, primal could end the
[00:35:57] ODELL:
And presumably, like, the biggest trust with the primal model is similar to this, which is in practice, which is that primal could choose not to show you something. And you wouldn't know primal was choosing not to show you something because everything's signed. You can verify that there isn't a man in the middle happening, that the data hasn't been modified, but you don't know if you haven't seen the data in the first place.
[00:36:22] Pip:
Yeah. Yeah. Yeah. That could be data with withholding, I think it says. Yeah. Yeah. That that that is also the case with, with relays in general. Like, you don't know if they are Right. Deleting events of people they don't like.
[00:36:36] ODELL:
Same trust model exact in that regard to, like yeah. Like, the domiciliary could just just drop notes, and you just wouldn't know. But they can't modify notes because you can check the signatures.
[00:36:50] Pip:
Yeah. Exactly. And, also, because every response we make is is signed, and that event, you can you can store it. And so you can that that can be proof that we misbehaved in the past, and that would, fuck us. Like Then you'd be over. Yeah. The reputation. Yeah. One event use you again. Exactly. Yeah. Yeah. And this doesn't happen with the normal APIs because they are not signed, at least not normally. And so proof.
[00:37:22] ODELL:
You wouldn't have proof. Yeah. Exactly.
[00:37:25] Pip:
You would not have proof, and it would be my word against your word. And then, we will not be able to, like, decide or but instead, in this case, because we use DVMs, then, yes, if we misbehave, then everyone would would see that.
[00:37:44] ODELL:
So you have, the the dev pricing here. Yeah. You get 10,000 free credits as the trial, and then it looks like the cheapest scale one is, half a cent a credit. What is it like, what does that actually, relate in in actual cost? Like, if if Vidor was to add this to Amethyst in practice, how does that look cost wise for him?
[00:38:15] Pip:
It really depends on what you use. And, for example, if let let's make an the example of Primal instead of Amethyst, which is, which is easier. So Primal has a database.
[00:38:29] ODELL:
Right.
[00:38:31] Pip:
And they probably have many millions of m pups and many, many millions of notes. And they are wasting, most likely a lot of some resources in storing notes that are just spam or, yeah. And what they could do is that every day or every week, they, connect to Vertex. And then for each amp up of their database, they ask the rank. They store this rank for later use, like to power search, for example. And then if the rank is too low, then they can simply delete these events because they say, people are not interested in this event. This is my relay. This is my storage. I prefer to use it in a more efficient way, so I delete these things. So the user I'm referring to is using, rank profiles. And so for each 1,000 pop keys, it cost, less than 1¢.
And so if you have 1,000,000 keys, that would cost you $99. With $9, you take your database and you clean it up. Maybe you do it. Oh, it's pretty cheap. Yeah. Maybe I'm underselling. Yeah.
[00:39:45] ODELL:
Well, it's good to you start low. You can always increase the price later.
[00:39:50] Pip:
It is not the the the opposite. You can you should start with the height and then decrease it later.
[00:39:56] ODELL:
I don't think so. I mean, it depends what you're selling. But if you're selling this is, like, probably mostly b to b stuff. Right? So it's like a developer focused thing. And you so you just want the install base, and you want the feedback first. And then you can increase price. That's why I assume it was why you have a free tier. Right? Just because you don't want you want someone to act you want a developer to actually play around with it and see how it works for his use case before, you don't want the the payment to be friction point. I think people I think you could, at the end of the day, for most good products, you can lower or increase the price in the future and users will be fine with it. I think people overstate that a little bit and overthink it on, like, what their what their original price is.
[00:40:47] Pip:
I definitely over overthought my pricing.
[00:40:51] ODELL:
Oh, there you go. We should. We didn't talk first. So I don't know where I wanna so first of all, I'm curious just out of the, do you have, like, do you have a god mode of that lists, like, the most popular accounts on Nostr? Do you have, like, an Excel document? Do you have a spreadsheet that just shows who's the most popular?
[00:41:18] Pip:
No. But, you are asking because you wanna know if you are number one. No. I I mean, I I assume Dorsey's number one. I'm just curious. I'm No. No. No. Sure the top 10 are. I I don't know now, but I remember when I was, like, testing and looking at the ranks global global ranks, not personalized. Danos, I think, is number one. And then, Jack Dorsey.
[00:41:42] ODELL:
Yeah. Because everyone follows Domus, basically, I think. If you install Domus, I think it automatically follows the Domus account.
[00:41:49] Pip:
There's a trick. I'm joking. I think Domus, Jack, and then probably you. Maybe you are number three. Interesting. I'm going to to heart your your ego. I'm I'm sorry. I'll say humble enough. I think humble
[00:42:08] ODELL:
enough. I've I've I've, it's just kind of interesting to me. Like, I, I wouldn't be surprised if there's a decent amount of surprises in the top 50, particularly since Nasr is global non English language. Like, I wonder, like, I wonder who is the most popular Japanese language person. I would have no idea. I don't even know who that is. I can't read their language.
[00:42:32] Pip:
Yeah. I don't know. I honestly don't know because I don't have the this feature yet. No.
[00:42:39] ODELL:
I, Yeah. Gigi top 10. I think so, probably. He's the goat. Yep.
[00:42:44] Pip:
Yep. Four five. And NDK also in the top. Lina, Jack Mallers, Jeff Booth. Always yeah. You know, always the the the the the same very popular.
[00:42:57] ODELL:
I mean, that's the funny thing. Right? It's like so with primal, we have this optional trending algorithm, And there's all these conspiracies about the trending algorithm, about, like, who's on the top of trending. And meanwhile, like, it is the most transparent algorithm in the world in terms of social trending stuff. Like, we it's open source. You can see the exact weightings. You can see exactly how it works or not. And why does it exist in the first place? Like, a lot of Nostra people are anti algorithm, but the reason it exists is because actually, most people like algorithms and they find them useful. They just want they need to be transparent and not predatory.
But it is it it opens up an interesting question and and it's optional. And it opens up an interesting question where, if if, like, maybe the algorithms people want and the cool part about Nasr is they can choose is maybe the algorithms people want aren't actually, like, what are the most popular notes? They wanna see stuff underneath that. And that's why, like, with the primal trending, like, it's not a conspiracy. It's just if more people follow someone, it's more likely that it's gonna have the popularity rate, like rankings on individual posts.
[00:44:13] Pip:
Yep. Yes. That that also is, let's say, lack of, variety is also because that algorithm is is global. And so you find always the top global people. That could be made, let's say, relative to the user or, you know, another word, personalized. That's also, that that is more like aligned, I would say, to the nostril spirit. But practically speaking, it's definitely more, more computations, more more costly also to to do. That's also why the that algorithm in particular, personalized page rank is, is is more costly than than global page rank because it simply is more competition for for us.
[00:45:03] ODELL:
Yeah. It's much more difficult to implement. I, Yeah. I I do like the personalized stuff, and I think Noster's uniquely well positioned for it. I see Diana's comment in YouTube, and maybe I'm maybe it was a little confusing for other people if she's confused as well. With primal, she's asking me about the primal trust model. With primal, what we do is we have a caching server while most other apps, Nostra apps, connect directly to relays. And And so you can think of a caching server kinda like a super relay, that we run, and it tries to collect all the notes that we see, just every note that we see.
And we do that for performance reasons, but we also do that for privacy reasons. And that's because when you're reading notes on Nostra or even reading profile pictures, which the caching server is also taking, caching server takes all the media and everything. When you're when you're reading that on a normal Nasr app, you're actually hitting a bunch of other web servers. You're hitting, like, any web server that's hosting media, any web server that's hosting notes, anything on Nasr. And so with us, you're just hitting our caching server. So you're only exposing your IP address and your use your your usage to to the operator of the caching server.
Now that adds a trust element in terms of censorship where we can if we were operating maliciously, we could remove things from your feed that you would never see in the first place. We can't modify your feed. We can just remove things and never show them to you in the first place. And as Pip said earlier, that's a similar trust model as a regular relay where a regular relay could have removed could remove things. Now the advantage you have with a normal nostril app or a typical nostril app is you might connect to multiple relays. So they all would have to, you know, be dropping notes for you to miss them.
The mitigation we have for that is the caching server is open source. And in the UI itself, you can go and you can switch it to your one you run or one someone else runs, as Pip said, with his project. The ideal situation is we're hoping multiple entities are running caching servers, and you can just easily flip between them. Mutiny used to before they left. But, yeah, anyway, that was long winded on the primal trust model. I see Fran saying primal should integrate Vertex. I mean, that that's interesting to me. I mean, I I think we're also like, we'd like, we could do stuff in house.
I guess, is the Vertex stack the Vertex stack itself is open source?
[00:47:54] Pip:
Yeah. Yeah. Of course. All open source. In fact, I am, maybe I should have mentioned earlier, but I am a open SaaS grantee.
[00:48:02] ODELL:
Oh, awesome. I think I knew that.
[00:48:07] Pip:
Yeah. Yeah. All open source. And, yeah, you can basically take it and run it yourself if you want. It's not, as, plug and play, I would say. Not not only because you have to provide, hosting, I mean, the infrastructure to run it, but, because it it requires some, let's say, ad hoc, you choose of certain parameters. And, it's more like an art than a science to, like, do the initialization. Because when you are initializing, right, and you you you will crawl the network from a certain point, which was, like, flat Java and Pub simply because it's you know, if you use no source, somehow you trust a little bit, at least implicitly. Yeah.
And then we we go from there and we crawl these followers to so the graph expands with these people. And then recursively, it starts to when someone reach a very high rank, then gets promoted. And when you get promoted, you we we fetch your follow list, and we add new people in. And this is a recourse recursive, recursive initialization that yeah, it's it's it's not that employee just to redo it. But, yes, if you want, you can do it. You can run your own vertex, of course.
[00:49:32] ODELL:
Yep. I mean, I we also, we did, like, the early stages of, like, just an open DVM feeds opt in on primal. So, like, you could use the primal app, and you can subscribe to a DVM feed that's, like, trending powered by Vertex or something or personalized trending or, so yeah. That's Look. At the end of the day, I just wanna put it out there. Like, the goal the goal with primal is for you to control your experience. Like, we we don't wanna tell you what is what it what you should be reading and what you shouldn't be reading. Like, the goal is for the user to have full control over their experience, and there's a lot of work that needs to be done everywhere, despite the conspiracy theories. But yeah.
Do you broadcast any DVM feeds right now?
[00:50:29] Pip:
No. No. No DVM feeds. No. We we all only have the four services that I mentioned. That's, yeah. The the let's say positioning I I see for vertex is more, as you said, b to b. Yeah. Because, if it's true that now we have micropayments, which you can potentially use to pay for one one single search. The thing is that I think it creates a strange user experience even for seasoned Bitcoiners. Like, you download a new app, you need to top up the wallet so you can search. You know, it sounds counterintuitive, and it makes you think about things that should be, like, automatic. You shouldn't think, is this search worth 90 sats?
Like, I don't know. I I should not think about all of those steps while I'm using the application. So Right. And for example, with Primal, I think it could be like, the way I see it now is that the search the the ranking is using a follower's count, which is, like, the which Vertex also provides, but it's like the the worst algorithm you can you can choose, basically, because it's not really civil resistant. And in the past, I've I've, showed, like, how the search in mpop.word compares to the search in primal. For example, I think yeah. For example, there was a, an awesome band that had, more than 100,000 followers and but 99%
[00:52:13] ODELL:
of that is fake or or something like that. It's just like bots. Right? People spinning up and pubs and following to, to break the basic analysis. Right?
[00:52:23] Pip:
Yeah, exactly. And, in, it's, it's actually quite a hard problem to solve because, you use follows to figure out who's reputable, but also you need to know when to discard some follows. And that's why I mentioned earlier the the recursive discovery of the network that we do, And, we only so we only fetch events from people that have been promoted, that have been, that have acquired reputation from other people.
[00:53:01] ODELL:
So we have impersonation detection. We have, better feeds. We have, app discovery and verifiability, and we have search. What other are there any other use cases that you think are low hanging fruit for something like Vertex?
[00:53:33] Pip:
I think, the most flexible is rank profiles where you can rank a bunch of empaths because that can be used in so many ways inside an app your application. Like, I make an a very interesting example, let's say, Fontaine. Fontaine gives out the stats reward. I'm sure there are bots that try to game it. But what you could do is say, okay. I only give such rewards to people that that do Master login. So, also, it's a way to, incentivize people to use master so they can get the rewards on Fonten, for example. And then after they log in, they can only get the rewards if their rank is higher than a certain threshold.
A threshold, low enough that it, it doesn't do many false positives. So it doesn't discriminate real users, but it removes almost 99% of the amp ups that will do this game, basically, with the it's been a new amp up, listen to a few podcast, and then do it again to get a few sats. This is also an interesting possibility. Just to give some context, like, Nostrad band shows 42, 43,000,000 m pubs. This is what they have in their relay. They they see all of these m pubs. In the in in that, we have 350,000 reputable m pups only, so it's less than 1%. So 99% of the m pups are not there at the moment.
According to our analysis, are are are spammers. And I think this ratio is going to increase in in the future as real money and profits come into Nostra, then the opportunity and the to spam is going to is going to be used, basically. Like, a lot of people spam most of the content would be AI slop. And so figure out figuring out what's real and what to store and what not to store and what to show to users is going to be really important.
[00:55:45] ODELL:
Does, is that data public anywhere?
[00:55:50] Pip:
The what the the number of the reputable
[00:55:55] ODELL:
users versus total pub queue seen?
[00:56:01] Pip:
Well, the most of them has a stats page, and then you can see
[00:56:06] ODELL:
But there is a closed source. Do you have your own do you have your own?
[00:56:12] Pip:
No. No. From my own, like, in every in every, response, it is written this this number of how many it's called the nodes, how many nodes we have in the database. And that is useful if you want to create, we we added to every response because you can use that data for, coming up with a threshold. Got it. Like, this threshold depends on how many people there are in the graph, basically. That's why we included it. And I checked this morning, and it's three fifty. Got it. Three fifty thousand.
[00:56:48] ODELL:
But that's that's not necessarily actives. Right?
[00:56:52] Pip:
No. Exactly. No. It's, only reputable. Like, for example, I make, like, MicroSailor
[00:56:59] ODELL:
or Adam Beck. I think they Or, like, Balaji Balaji came and made one post and then left, and he counts. Right?
[00:57:07] Pip:
Yeah. Exactly. Those those do count in that three fifty because they are followed by many. But, yeah, the I would say active, and this is all, like, an estimate, but I think active would be half of that number. So 170, 150,000, real users of Nasr seems like seems accurate.
[00:57:30] ODELL:
Got it. Yeah. I think that sounds about right. I do think there's something to be said about when we're talking publicly about it being a little bit less conservative about the real number or the the exact number. I I mean, it's always an estimate. But, like, I'm pretty sure Blue Sky, whatever stat page that people use that no one can actually independently verify is the numbers are, like, incredibly inflated. And then who the hell knows, like, how many users there are x or Telegram or something? Like, that's just complete trust me, bro. And sometimes I think, we it's good that we hold ourselves to a higher standard, but maybe we hold ourselves a little bit too high of a standard because people then try and compare them apples to apples.
And it's it's it's not apples to apples. Like, I mean, I I've see there are situations where so Cali, for instance, hasn't deleted his x account, and he posts to x, and he gets way more engagement on his notes, like real engagement, like people replying to him and asking questions and engaging with him than he does on x. But x supposedly has, you know, 650,000,000 users, and we have, like, a 100,000. And so then the numbers just don't add up. It just, you know, you're like, what's going on there? So it's just something to keep in mind, people. Fran, I see your comment about signatures and the problem with caching service. The problem with caching service leaves signatures intact.
Signatures are delivered to the end user. The primal apps right now, I believe, are not actually verifying signatures yet. They they will in the future. We just need the app to get more performant. It's been, you know, a struggle to just get it stable as it is. And a lot of other other apps also aren't verifying signatures. I like how does it, once again, to give them a shout out, where he there's basically an option. There's an option in settings, whether or not you wanna do signature verification or not. And the reason is because primarily is is a performance issue and also kills battery life. Yeah. But, yeah, that is the goal.
But, yeah, you can actually one of the features I'm actually really proud of with primal is you can go to a note. And if you just press the three little dots, you can press copy raw data, and that's the full raw data. You have with signature in there, everything. You can just easily save that, export that, verify that. It was an important thing to have in the little drop down button. Yeah. Go on. You're gonna say something?
[01:00:25] Pip:
Yeah. I wanted to say that, like, the cost of signature verification definitely is is something real. It's something, like, that hurts the performance and the battery of clients, mostly, you know, on smartphone, low power devices. That's also why I'm kinda bullish on this idea that I mentioned of, client side verification that you can have almost both, the the best of both worlds. It's a trade off straight in the middle where you can delegate all of this work to, in this case, the Vertex server, but, check that at least the server is not, is not lying, for example, in a in a way that would be bad, like, saying that an impersonator is the real one.
This is the worst case scenario. And then with this sort of client side verification, you would be able to avoid the worst case scenario. So it's, yeah, trade off, I think, in the middle. And I believe in general, Nostril apps should, or could, explore this area because many go straight into, okay, let's do everything client side. And then you find that your app is barely working because it takes forever to load every anything. Yeah. Or, or maybe, so situation in the middle, like, yes, primal, where there is a caching server there where you obviously compromise a little bit on trust, but you get a lot more performance, a lot better user experience.
[01:02:12] ODELL:
Yeah. I mean, we I the cool part about Nostr is that you can use it in any way you want, and I it'd be nice to see more there's a lot of experimentation. But in general, I lean to more experimentation and more different trade off models being experimented with, than less, particularly at this point in Nostra adoption. Like, let's test out all the things, play with them, iterate from there. I don't think there's a a best Nostra app. I think the Nostra app that's most useful for someone is depends on their technical competence, their use case, and their threat model.
And that's the beauty of Nostra. The beauty of Nostra is that, ultimately, the user has agency, and they can use it how they want to and more of that. What else was I gonna say? I guess this also just in general for relay operators, this your service could be very useful in terms of what notes I keep. A lot of people talk about, like, paid relays versus free relays, but maybe the middle ground is like a Vertex spam mitigated relay. Right?
[01:03:22] Pip:
Yeah. Yeah. I actually wrote a a a blog post on, where I, let's say, explained that this this algorithm I designed for, for, open relays. So relays that do not do any spam filtering at the moment, like the big ones, Danlos, Primal, Nostradand. They are going to be flooded by spam. One way or another. Yeah. Yeah. Exactly. That is going to get 100 times worse for sure because if there is an incentive to spam, people will just spam. So what what you can do there is you can use, the you can apply a rate limit, and this rate limit is smart. It depends on who is the user, who is the author of the event. Like because as a relay operator, you want to optimize.
You have an optimization problem. You want more of the notes people like and less of the notes people don't like. You can use, as a neorealistic, the reputation of the author of the event. Like, if a bunch of people follow Odell, it's most likely because Odell writes interesting stuff. And so you can say, okay. You have late limit, but you have larger, bigger rate limits. If you are mister no one, then you have very small rate limit, and then you cannot write anymore. So you can have, like, a one event per minute, and if you are hotel and you have 100 or 1,000 events per minute.
You have reputation based rate limit. And then the the final piece of the the blog is because this this ranks in the in the paper are provided by Vertex. So how can you avoid a spammer making you waste a bunch of money in Vertex, let's say? Like, I create 1,000,000,000 keys. All these 1,000,000,000 keys writes to your relay, so you make a bunch of call to Vertex. And then I will be happy, but you probably will not be super happy. What you can do there is you can use, IP rate limiting for how many times anyone can call the vertex relay, basically.
So direct limited per event is based on the reputation and and how many new amp can you make me pay for the rank. That is based on the IP. And this with this scheme, with this two step approach, I think you can get pretty good, I I made, let's say, a cost analysis, and it's way cheaper to use for for the defender that pays Vertex than it is for the attacker that buys IP addresses. Right. It's a matter of cost, but it's the it's the defender is highly favored in this case.
[01:06:14] ODELL:
What about first of all, I think that's really clever. It's a nice trade off balance. Particularly, like, reputation based rate limiting is really interesting because it solves that issue that people have with web of trust, the core issue, which is like, what about new users that don't have a reputation yet? It's like, okay. Well, they'll just be softly rate limited on public relay until they build up a reputation. So they can still get stuff out. They just can't spam easily. What about people that, I'm just laughing at the live chat. They they, like, only fans stood up.
The what about, like, the false positives of people using shared IPs? I mean, I think a general a general good practice on the Internet, and especially when you're using Nostr, is to use a hosted VPN, a shared VPN that like a Proton or a Moldad or an Obscura that has a bunch of users that are all using the same IP address. And that's actually a feature, not a bug because, yes, you can self host your own VPN, and then you have to then you don't have to trust anyone, but that means you have a fixed IP address. So I actually like hosted VPNs from reputable providers because it means I have a shared IP with a bunch of other people. What about that situation?
Because wouldn't you just get a bunch of people coming out of the popular VPNs and then you'd end up block is it like m pub plus IP? Is it, like, a combination?
[01:07:47] Pip:
It's, not it's, because it is the two steps are this in this way. A new event comes in. If I have the rank of the author, then I apply and pop based the rate limiting. Sorry. Reputation based rate limiting. If I don't have the rank of the author, because maybe it's a new amp up or maybe I haven't asked for this rank yet, then I put this pop key in a queue. And then this IP can only put 100, let's say, or a certain number of new pop keys that I haven't I've never seen in this queue before it gets retlimited. Got it. Retlimited in this case means that you cannot put new keys into this queue.
Then how is this queue going to be used? You take 1,000 of these pop keys, a batch of those 1,000 keys, and then you ask Vertex for the ranks in one single call. And so you you save some money because it's a batch request. And so if a lot of users come in from, VPN and you have never heard of any of those, you just rank a few of them and then and then it would slow down, basically. And then after some time, depending on how you have configured this limit, they will be able to to to write, basically, to the relay. So, yeah, it's not a perfect solution by any means, but there are no perfect solution for for, like, free free relays. It's, you could use proof of work, but then you would have your smartphone trying to compete with, an AC. Yeah. Proof of proof of work doesn't work. For this to pay, but then it's not a free relay anymore.
And, and it creates a stranger like, you're a new user. You have to pay,
[01:09:46] ODELL:
like, first thing. We can't have new users paying first thing. We'll never we'll never get you we'll never get substantial user base if they have to pay in Bitcoin before they even get started.
[01:09:59] Pip:
Before they even get Bitcoin, which is life. Exactly.
[01:10:05] ODELL:
Oh, yeah. I like that. I think that's clever. It's a clever trade off balance. Any other use cases you have on the top of your head? We've gone through a bunch already.
[01:10:15] Pip:
Yeah. So we we said the search, recommendations, removing spam, protecting, free relays, the the Fontan one, the let's say, protecting, from giving out money to bots that automate the process.
[01:10:37] ODELL:
Yep.
[01:10:41] Pip:
Not I I don't I don't have
[01:10:44] ODELL:
more ideas. I think we did this kinda Those are those are a lot. You shouldn't feel pressure. I just wanna make sure we didn't miss some low hanging fruit. What is your overall diagnosis or thoughts on the Nasr ecosystem right now? How do you I know a lot of people are feeling burnout. There's a lot of, bearish sentiment, on on Nasr recently. Do you think we're in a good place? Where do you think we need to improve?
[01:11:21] Pip:
No. I think we are in a good place. Like, the fact that Nasr is not growing is but it's not shrinking also. It's, it's it's I think it's we are in a plateau. And, it means that, like, if you're in a plateau, it means that there is retention. And a lot of, like, from personal experience or more qualitatively, I think Nostra is much better already than x. The problem is always the network effect is so it is too small at the moment. But I think this will change exactly how new users are going to come in, like, where the new wave is will come from. I have no idea.
I I think there is a lot of potential in, like, communities. Yeah. Seeing and I haven't seen a very convincing solution. Sorry to anyone who's working on it. But, just my, you know, my my my honest opinion, I I don't have an app that I can recommend to my friends that they can use as a replacement for, like, Telegram or or their community for a specific topic. Like, I don't have something that I can confidently recommend. I think there there is a lot of opportunity. And, also, it's it's going to be also quite interesting because that, I think, would solve one of the biggest problem of web of trust, which is, like, the cold start. Like, how do you, like, how do you how how can you use without using global algorithms, which which can always use. But without that, how can you, you know, see content and get recommendation if you haven't even started following anyone?
Yeah. And that I think can be or how do you recognize a new user from a bot? How do you differentiate between the two because they look indistinguishable? One way would be, I think, communities, like, some way to know that you have been invited in a closed, reputable community. Like, the community exists before you before. And then because you have been invited and you are, like, part of the public list of the community, then we can say, okay. Then you must not be about your most likely, a new user. Because you're invited by someone that's reputable or something. Yeah. Exactly. Maybe they don't get followed right away, but they get invited. So this means that there are, like, most likely existing relationship in mid space or other places that also are created on Oster, which gives, for example, Vertex, but also other other solutions, more information to distinguish between new users and bots, which or spammers, which is really, really hard problem.
[01:14:25] ODELL:
Yeah. I mean, we've been thinking about that at least, like, from an MVP level on primal. In term like, one of the most bullish things, I think, in in Bitcoin fundamentals is, the meetup ecosystem. There's just meetups all over the world. And and, specifically, like, living through COVID, they told us we weren't allowed to go and meet with people. And at the same time, Bitcoin meetups grew, and they got bigger and bigger. And I saw this in Nashville firsthand where we had, like, a meetup of meetup organizers from, like, all these tech meetups, and they all got destroyed during COVID. They tried to go remote. It didn't work. People stopped coming. You know, like, random ass tech meetups, not Bitcoin related. But our meetups kept growing, and we got to, like, 200 people or whatever, per month in the last bull market, which was crazy.
But my point is is in that meetup community, I I there I I ended up I ended up befriending a lot of the organizers from other meetups. And one of the ideas that we had that was kinda low lift was giving the meetup organizers the ability to create, like, a primal invite link that automatically, they they curate which relays you choose. They curate who you follow at start. They follow back you at start and kind of just automatically jump starts your experience from a hand holding perspective. And I think that could be kinda powerful, but also very low lift. Like, that would be an early implementation.
Like, I think we can do much more interesting things. And, specifically, like, I I like I like what Huddl bot's trying with Flotilla. Like Yeah. Discord replacements, like, seem like an obvious answer. Obviously, like, white noise is kinda trying to do something there. I see Diana saying that primal recommends to follow certain people at start. You know, it's like it's trade offs all the way down. I first of all, we tried to refine it. So, like, it first of all, it asks you interests before it gives you a follow list. And then the follow list is optional. It's not it doesn't, like, default follow people.
But you also have the opposite problem where, like, I've used Amethyst and onboarded people on the Amethyst, and they start up with an empty feed, which is where you're never gonna get any new users if they start off with an empty feed. So, or we will get new users, but we'll get much less. Like, only a Sith speaks in absolutes. So, like, we gotta, like, play with different things and try different things and nothing's perfect. But I, yeah, I do like the idea of communities. I'm rambling on, but Ravel, of Nasocial, who is also one of the early employees with Jack at Twitter, he made an interesting example to me when we were hanging out one day, which is there's, like, a group on Facebook that is, like, 400,000 people, and all they do is post funny pictures of people riding horses and, like, funny videos of people riding horses. That's 400,000 people. And they they have a funny horse community.
And they have to deal with Facebook censorship because the PETA people, by the way, I, I, I don't think people should hurt animals. I think there's a special place in hell for, for people that do that for, for non food reasons, like people that torture animals, but PETA is a terrorist organization. But besides that, they report there, they get a bunch of censorship because PETA like mass reports their content. And it's not the type of community that you think would get censorship. But anyway, there's 400,000 people that wanna post funny pictures of people riding horses that if we had a community app might onboard to Nasr and automatically be in their own little web of trust and could kinda bootstrap things. That was my long winded example.
[01:18:31] Pip:
Yeah. And as you said, like, it's a shame that a lot of Bitcoin meetups, they well, at least the one that I am into, like, they they use Telegram. So which is literally non non private, unencrypted. Everything is clear text. It's like I mean, it's horrible. Yeah. It's not it's not, you have a bunch of problems caused by impersonator. Like, all the time, people that mess DM's you and, even though it's a full centralized thing and you don't even get privacy.
[01:19:06] ODELL:
So force you they force you to do a phone number. So I, people know I deleted my ex account. But at the same time I deleted my ex account, I actually deleted my Telegram too. I'm a big deleter. I like deleting things. And it caused a lot of issues in the beginning because so much of the Bitcoin community runs through Telegram. And I probably lost touch with a bunch of people who only contacted me through x DMs and Telegram DMs. But the rider dies figured out that they can message me on signal, and I still communicate with them on signal. But, anyway, I taught a class, for the plan b school, that's run out of Lugano, by Giacomo and others, and their whole class is on Telegram.
And so I signed up I've I said I'll create a burner account on Telegram just because I love q and a. Right? Like, I'm I'm giving a presentation to 200 students. I wanna read the freaking q and a. So I created a burner telegram account. I used a burner phone number. And the first phone number I couldn't use because it had already been registered to a telegram account. So I had to get another burner account. And then as soon as I signed up as fake name, burner email, burner phone number, as soon as I signed up, they blocked my account, and I got just blocked out. So they have a huge bot problem, but, also, like, if you wanna actually use it, it creates all these issues if you wanna try and use it in a relatively private way. Anyway, eventually, they unblocked my account, and then I deleted it again. But that's my long winded Telegram. Fuck Telegram.
We need to replace all these things. I think we'll get there. Another example of web of trust would be for that that kind of use. Yeah.
[01:20:54] Pip:
That's that's that's that's also a nice one. Like, yes. You, like, you get you have you have a message application, and then you get, 1,000,000 request of, hey. Hi there or something like that. Like, you should find a way to filter out all of them except the three real ones, and this is where the reputation of the sender comes in for this initial, let's say, initial starting of the conversation. Right.
[01:21:26] ODELL:
And it should be user configurable. Like, I Yeah. I I get a ton of inbound messages. And, like, it'd be cool if I could toggle different things for how I view my inbox. Right? How I view who can message me and who cannot. And there's been attempts to do stuff like this that I think just fall flat and they just fail. Like, one of them was like, Balaji's old company. I forget what it was called, but, like, you had to pay to message. Like, I don't want people to have to pay to send me a message. I think that's just automatically off the table. And then on Twitter now, like, you have to, like, you could, you can set, like, oh, blue checks only. Only people that have verified their identity can message you. Also to me off the table.
[01:22:09] Pip:
There's no Yeah. I think the the a very interesting idea that just came to mind, is, is an in between. So you can set a threshold, and these thresholds should be quite high. If, your reputation from my point of view is high enough, then you can message me for free, like all of your followers and then a bunch of other people like you, you you have a set of this this 40,000 people that are connected to you some way, they can message you for free. Everyone else has to pay you for your attention, like, pay me. And then you can configure how much.
[01:22:47] ODELL:
Yeah. That makes sense to me. And then you use Bitcoin, so it doesn't require doxing yourself with a credit card or whatever.
[01:22:54] Pip:
Yeah. And and and your grandma would not have to pay to send you Merry Christmas. Because she's my grandma.
[01:23:00] ODELL:
She's in my room of trust. Exactly. So that's for her I if it wasn't for her, I wouldn't be alive. I gotta respond to her messages.
[01:23:08] Pip:
Even though they are yeah. I sometimes get some strange gifts.
[01:23:13] ODELL:
I mean, on the grandma note, I have her she's on signal now. I have a 90 plus year old grandma that uses signal because it's the only way she gets baby baby pictures. Yeah. Excuse me. Incentive. I see in the live chat, silent dot links up to 42,000 sads. Thank you, sir, for your support. He's a true ride or die. He runs a great service. I was talking about burner numbers earlier. You can buy a eSIM from him. Downloads directly to your phone. Don't have to give up any identifiable information. Just pay with Bitcoin. I use it all the time. It is amazing, amazing service. One of the most useful Bitcoin paid services.
Pip, this has been great. I've been trying to, ship more dispatches lately. I'm trying to there's a lot of noise out there, and I'm trying to get the signal out. But, one of the strategies I've I've come to appreciate that one of our my listeners told me to, to do is, for a lot of people do, like, repeat shows. Right? So, like, in six months or so, like, I'd love to have you back on, see where Vertex is, see where WebTrust is, and continue the dialogue. You down for that?
[01:24:32] Pip:
Absolutely. Yeah. Yes. Yes. Awesome.
[01:24:36] ODELL:
Do you have any final thoughts, for the freaks before we wrap?
[01:24:40] Pip:
Yeah. I just just read a comment from some Franz App mentioning that Sutlantis is is doing some meetups on Nostra or or will do. And, yeah, it's I mentioned it because also, Sutlantis is using Vertex behind the scene Oh, awesome.
[01:24:56] ODELL:
Which I'm now apart from that, obviously, they're actually are they actually doing Noster events? I know at one point they weren't. It was, like, just Noster log
[01:25:07] Pip:
ins. I don't know. I I'm sure they use, well, they use the events that I send them, meaning the responses. Well, other than that, I don't know. And they yeah. They they use it in a in a way that I mentioned, like, is removing from the database, obvious spammers and bots.
[01:25:31] ODELL:
Fair enough. Anyway, I cut you off. Final thoughts before we wrap.
[01:25:38] Pip:
Nothing like you can learn more about Vertex on vertexlab.i0 or search on NoStar. And if your client has a good search, then you will find Vertex. And, no. Thank you. This has been a great conversation, and, it's an honor to be here, honestly, like, after few years listening to the show. Like, it's a bit surreal to be here and speaking. So yeah. Thank you, Odell.
[01:26:08] ODELL:
It's a pleasure to have you. It's it was a fun rip. I enjoyed it, and I look forward to the next one. You have me you have me on signal. So if I can be helpful in any way, don't hesitate to reach out. I'm gonna provide all the links, to Vertex. As you said, it's Vertex Labs vertexlab.io, but I'll provide all the links, in the show notes, including to Pip's, Noster account. Give him a follow. He's a great gotta boost his web of trust score. This would be embarrassing if he's not ranked very high as the creator of the ranking. But he has a great content. He has good he has good content and, good discussion there.
[01:26:51] Pip:
Now if if my rank remains low, it's proof that I am not manipulating the ranks. Yeah. So don't follow me. One conspiracy.
[01:27:00] ODELL:
When I was doing my good morning videos, which were getting a lot of in good morning engagement, I was always on the top of the primal trending. And there was a joke internally at primal that I was like, can you just, like, anchor me at number four? Like, don't let me go above four because it's just feeding the conspiracy theories, but we we never did that. We thought it was crossing a line. What else was I gonna say? Yeah. Post all the links in the show notes. Next dispatch is on Monday. So just like back to back to back dispatches right now. And that's gonna be with Matt Alborg, long time Bitcoiner. He now does ppq.ai.
So a new AI focused service that lets you use all the different models, pay with Bitcoin, you pay on a per per usage basis. Really cool service. So definitely join us for that. I did I say the time? The time is going to be, nineteen thirty UTC. If if you can use Nasr, you can use UTC. So convert it to your own time zone. You'll figure it out. But all the links to dispatch are at dispatch.com. Share the show with your friends and family. It goes a long way. It's very helpful. If for some reason you still use YouTube, even if you don't watch on YouTube, if you go press the subscribe button on YouTube, maybe it'll get me out of shadow ban hell, until we can figure out how getting Nostra streaming to the next level. Anyway, I love you all. Pip, thank you for joining.
Stay on the Styx side. Peace.
CNBC Intro
Happy Bitcoin Friday
Pip and Webs of Trust
Understanding Webs of Trust
App Store Security and Trust
Spam Mitigation
Client Side Solutions and Performance
Trust Models and Censorship Risks
Use Cases for Vertex
Relay Operations and Spam Control
Current State of the Nostr Ecosystem
Community Building and Onboarding
Closing Thoughts and Future Plans
