Nostr and the accidental Web of Trust

I’m not sure if fiatjaf had a Web of Trust in mind when designing nostr and its use of public contact lists, but I think it’s very important to nostr’s future.

Technically there is no need to publish a follow list. If a nostr client wants to show a feed of follows, it just needs a list of contacts. This list does not need to exist in public or on relays, but the fact that it does is what makes the Web of Trust work.

Accidental

The only other Web of Trust that I know of is PGP’s Web of Trust. It is only used by IT and security people, which is also the reason why it is unusable for most people. It leaves no room for error because security has the highest priority in those circles.

But on nostr the Web of Trust is a side effect of just following people. You press Follow a few times and you are accidentally building a Web of Trust without even knowing it. It might not be perfect, but that’s also why it works, because it is so simple, like nostr itself.

Attempts to “fix” or improve the Web of Trust should be made with that simplicity in mind. Creating new lists with granularity (people you really trust, partially trust, don’t trust at all, etc.) is all great, but it makes it possible for nostr’s Web of Trust to end up like PGP’s. Nostr’s Web of Trust works precisely because people don’t have to think about it.

There is also this idea that likes, reposts or any signal that can be made by users are useless because they can be gamed, but they can only be gamed if you don’t use a Web of Trust.

Web of Trust fixes almost everything

nostr:note1a8nq7kdqgr20dnvzmhv2a6quy8vx3l56pfzjlly3jv2u2l55exhs84cev8

Web of Trust fixes spam, bots, abuse of trending/hot algorithms

Zaps were supposed to fix the problem of gaming/abusing likes or reposts, but Web of Trust fixes it better. Zaps are useful for sending value, so let’s use them to send actual value. 1-sat zaps are not much different from Like-spam, and considering the technical overhead required for zaps and the possibility of timeouts and failures, they are actually worse.

So, Web of Trust Makes Likes Great Again, and with that you can make algorithms that are useful to the individual instead of the advertisers or platforms.

[Image: Example of a most basic Web of Trust filter (follows + follows of follows)]

Nostur uses follows + follows of follows to filter spam and bots, and it uses likes and reposts from follows uniquely ranked to create Hot and Gallery feeds.
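
A sketch of this kind of filter and ranking, added here as an example and not taken from Nostur's code. It assumes the events were already signature-verified, uses the standard nostr event kinds (1 note, 3 contact list, 6 repost, 7 reaction), and reads "uniquely ranked" as one vote per follow per note; all function names and sample events are made up for the illustration.

```python
from collections import defaultdict
NOTE, CONTACTS, REPOST, REACTION = 1, 3, 6, 7  # nostr event kinds

def tag_values(event, name):
    return [t[1] for t in event["tags"] if len(t) >= 2 and t[0] == name]

def web_of_trust(me, events):
    """Return (follows, wot), where wot = me + follows + follows of follows."""
    lists = {}
    for e in sorted(events, key=lambda e: e["created_at"]):
        if e["kind"] == CONTACTS:  # replaceable: an author's newest list wins
            lists[e["pubkey"]] = set(tag_values(e, "p"))
    follows = lists.get(me, set())
    wot = {me} | follows
    for pubkey in follows:
        wot |= lists.get(pubkey, set())
    return follows, wot

def hot_feed(me, events):
    """Rank notes from the WoT by how many distinct follows liked or reposted them."""
    follows, wot = web_of_trust(me, events)
    notes = {e["id"] for e in events if e["kind"] == NOTE and e["pubkey"] in wot}
    voters = defaultdict(set)
    for e in events:
        dislike = e["kind"] == REACTION and e["content"] == "-"  # NIP-25 downvote
        if e["kind"] not in (REPOST, REACTION) or e["pubkey"] not in follows or dislike:
            continue  # not a like or repost from a direct follow
        targets = tag_values(e, "e")
        if targets and targets[-1] in notes:  # assumption: last "e" tag is the target
            voters[targets[-1]].add(e["pubkey"])  # a set, so one vote per follow
    return sorted(((n, len(v)) for n, v in voters.items()), key=lambda x: (-x[1], x[0]))

def mk(eid, pubkey, kind, created_at, tags=(), content=""):
    return {"id": eid, "pubkey": pubkey, "kind": kind, "created_at": created_at,
            "tags": [list(t) for t in tags], "content": content}

# Constructed sample events; short names stand in for hex pubkeys and event ids.
EVENTS = [
    mk("c0", "me", CONTACTS, 100, [("p", "mallory")]),  # superseded by c1
    mk("c1", "me", CONTACTS, 200, [("p", "alice"), ("p", "bob")]),
    mk("c2", "alice", CONTACTS, 150, [("p", "carol")]),
    mk("n1", "carol", NOTE, 300),
    mk("n2", "alice", NOTE, 301),
    mk("n3", "spammer", NOTE, 302),
    mk("r1", "alice", REACTION, 310, [("e", "n1")], "+"),
    mk("r2", "alice", REACTION, 311, [("e", "n1")], "+"),  # duplicate like
    mk("r3", "bob", REACTION, 312, [("e", "n1")], "+"),
    mk("r4", "bob", REPOST, 313, [("e", "n2")]),
] + [mk(f"b{i}", f"bot{i}", REACTION, 400 + i, [("e", "n3")], "+") for i in range(50)]
```

Fifty bot likes on the spammer's note leave the feed untouched, because neither the note's author nor the bots are reachable from the viewer's follow list.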

Another example is Doug Hoyte’s https://oddbean.com, a community website where the content of the community is based on the administrator’s follows. The algorithm is incredibly simple and transparent, and it wouldn’t be possible if nostr did not have an accidental Web of Trust.

Challenges

Now there are still some challenges to be solved. New users being onboarded won’t have a Web of Trust yet. Maybe we could give them training wheels: a preloaded Web of Trust until they have followed enough people to use their own.

Also, new users don’t exist in anyone else’s Web of Trust yet, so they won’t be seen until someone follows them. This is not a good new user experience.

You also might miss someone’s post because they are not in your Web of Trust yet.

These are all challenges and I will keep exploring solutions for these.