Glickman warns biometric IDs like Worldcoin are irreversible liability

Nostr (4)

• Nathan Day argues bots are first-class citizens on Nostr, with as much right as humans. This is a feature, not a bug, but necessitates trust signals for when human verification is required.
• David Strayhorn suggests proof of authenticity is as important as proof of personhood. The goal is for accounts to be who they claim to be, not a binary human vs. bot check.
• Nathan Day identifies a core Nostr problem: newcomers start with zero web of trust. Proof of personhood does not solve this; reputation must be built through network interaction and actions.
• Nathan Day states the person NIP and required attestation NIP updates are nearly ready for release, aiming for a draft on NostrHub within a week of the recording.

AI & Tech (6)

• David Strayhorn states the proof of personhood problem existed before AI, with impersonators and bots causing issues. AI agents now make the problem far more severe and difficult to detect.
• David Strayhorn explains that follows alone are insufficient to prove humanity. He proposes a tagging or attestation system where users publish a signed note stating they met someone in real life and verified their public key.
• David Strayhorn contrasts Nostr's approach with the failed PGP web of trust, arguing Nostr's contextual attestations are more sophisticated and likely to succeed.
• David Strayhorn describes decentralized lists as a method for community curation. Anyone can add items, and curation is done via social proof, ignoring low-trust actors, with the NIP suggesting NIP 7 reactions for voting.
• Nathan Day envisions combining decentralized lists with attestations, where lists of humans are weighted by attestations from a user's web of trust and supported by out-of-band verification.
• Avi stresses the major challenge is abstracting complex web-of-trust mechanics into an intuitive user experience that doesn't overwhelm users with jargon or options.

Culture (1)

• David Strayhorn analogizes the desired user experience to early Google: users don't need to understand PageRank, they just need it to work. He suggests default options and layered detail for tags or attestations on a profile.

Digital Sovereignty (5)

• Gerald Glickman argues the US digital identity model is fundamentally broken because it uses compromised public identifiers like Social Security numbers as secret authenticators, equivalent to using your home address as your front door key.
• Glickman advocates for a credential system where states issue verifiable credentials bound to a user's DIDs. This allows credential revocation (e.g., a driver's license) without destroying the user's foundational identity, giving control back to the individual.
• Marty Bent notes age verification laws, like the Senate Judiciary Committee's 22-0 vote on the GUARD Act, are a common Trojan horse for imposing centralized digital identity systems under the framing of protecting children.
• Glickman rejects Worldcoin's model of using biometrics as identifiers, though he approves of local device authentication like iPhone's Secure Enclave. The fight is for open systems against closed-garden solutions pushed by big tech lobbying.
• The call to action is to engage now: examine your state's mobile driver's license implementation, support open standards work at W3C or Trust over IP, and advocate for policies like Utah's SETI that embed privacy and individual control.

AI & Tech (1)

• The rise of AI and LLMs has drastically accelerated identity fraud, collapsing the half-life of new security controls. Glickman notes at least 3000 Americans become victims of identity theft every hour, a rate he calls unacceptable.

China (1)

• Glickman warns against using biometrics like face or fingerprints as identifiers, as they are irrevocable and will be compromised. He points to China's social credit system as a real-world example of authoritarian control enabled by such systems.

Coding (1)

• The proposed solution is using cryptography and open standards for decentralized identifiers (DIDs). This allows for cryptographic proof of authorship via digital signatures, shifting from probabilistic inference to mathematical certainty.

AI & Tech (4)

• Git Workshop's web interface allows direct merging of pull requests, integrates NIP51 lists for starring repos, and uses encrypted NSEC notifications.
• Git over Nostr via ngit works for basic publication, but lacks CI/CD and mobile apps, making it unsuitable for production systems requiring low change costs.
• RoutesterD enables automatic discovery of LLM service providers via Nostr Kind 38421 announcements and includes a Cashew wallet for Lightning payments.
• Hazard proposes providers advertising the same model could be tested by sending identical prompts and comparing outputs to catch bad actors.

AI Infrastructure (3)

• Grain relay replaced Mongo with NostrDB for performance gains similar to Stirfry, but lacks negentropy and full-text search, which are on its roadmap.
• Marmot TS migrated addressable key packages from legacy Kind 443 to 30,443 to simplify SDK APIs and pave the way for multi-device support.
• Max argues specialized Nostr apps should avoid Kind 1 posts to prevent UX confusion, favoring NIP22 for comments over Twitter-style integration.

Startups (1)

• Crux Coach uses Nostr to publish climbing routes for Kilter boards, supports Amber login and encrypted backups via Blossom servers.

Coding (2)

• Applesauce 6.0.0's new jQuery-like event creation system improved agent compatibility, and its relay request logic races relays to avoid dead relay timeouts.
• Amethyst is building a Kotlin-based MediaOverQUIC stack for voice/video calls and migrated Schnorr verification to a standalone libsnorr256k1 repository.

Nostr (1)

• Treasures publishes geocache coordinates as Kind 37,516 events with physical QR codes for proof-of-visit and supports NIP57 zaps to cache creators.