@ c1e6505c:02b3157e

Photography, to me, is a game - a game of snatching absurd, beautiful, fleeting moments from life. Anything staged or overly polished falls into what Garry Winogrand nails as “illustration work.” I’m with him on that. Photography is about staying awake to the world, to the “physical reality” or circumstances we’re steeped in, and burning that light onto film emulsion (or pixels now), locking a moment into matter forever. It’s not like painting, where brushstrokes mimic what’s seen, felt, or imagined. Photography captures photons - light itself - and turns it into something tangible. The camera, honestly, doesn’t get enough credit for being such a wild invention.

Lately, I’ve been chewing on what to do with a batch of new photos I’ve shot over the past month, which includes photographs from a film project, a trip to Manhattan and photos of David Byrne (more on that in another post). Maybe it's another photo-zine that I should make. It’s been a minute since my last one, Hiding in Hudson (https://www.youtube.com/watch?v=O7_t0OldrTk&t=339s). Putting out printed work like zines or books is killer practice — it forces you to sharpen your compositions, your vision, your whole deal as a photographer. Proof of work, you know?

This leads to a question: anyone out there down to help or collab on printing a photo-zine? I’d love to keep it DIY, steering clear of big companies.

In the spirit of getting back into a rhythm of daily shooting, here are a few recent shots from the past few days. Just wandering aimlessly around my neighborhood — bike rides, grocery runs, wherever I end up.

---

Camera used: Leica M262

Edited with: Lightroom + Dehancer Film

*Support my work and the funding for my new zine by sending a few sats: colincz@getalby.com *

@ 61bf790b:fe18b062

In a vast digital realm, two cities stood side by side: the towering, flashing metropolis of Feedia, and the decentralized, quiet city of Nostra.

Feedia was loud—blinding, buzzing, and always on. Screens plastered every wall, whispering the latest trends into citizens’ ears. But in this city, what you saw wasn’t up to you. It was determined by a towering, unseen force known as The Algorithm. It didn’t care what was true, meaningful, or helpful—only what would keep your eyes glued and your attention sold.

In Feedia, discovery wasn’t earned. It was assigned.

And worse—there was a caste system. To have a voice, you needed a Blue Check—a glowing badge that marked you as “worthy.” To get one, you had to pay or play. Pay monthly dues to the high towers or entertain The Algorithm enough to be deemed “valuable.” If you refused or couldn’t afford it, your voice was cast into the noise—buried beneath outrage bait and celebrity screams.

The unmarked were like ghosts—speaking into the void while the checked dined in Algorithm-favored towers. It was a digital monarchy dressed up as a democracy.

Then, there was Nostra.

There were no glowing checkmarks in Nostra—just signal. Every citizen had a light they carried, one that grew brighter the more they contributed: thoughtful posts, reshared ideas, built tools, or boosted others. Discovery was based not on payment or privilege, but participation and value.

In Nostra, you didn’t rise because you paid the gatekeeper—you rose because others lifted you. You weren’t spoon-fed; you sought, you found, you earned attention. It was harder, yes. But it was real.

And slowly, some in Feedia began to awaken. They grew tired of being fed fast-food content and ignored despite their voices. They looked across the river to Nostra, where minds weren’t bought—they were built.

And one by one, they began to cross.

@ c230edd3:8ad4a712

Chef's notes

I found this recipe on beyondsweetandsavory.com. The site is incredibly ad infested (like most recipe sites) and its very annoying so I'm copying it to Nostr so all the homemade ice cream people can access it without dealing with that mess. I haven't made it yet. Will report back, when I do.

Details

• ⏲️ Prep time: 20 min
• 🍳 Cook time: 55 min
• 🍽️ Servings: 8

Ingredients

• 2 cups heavy cream
• 1 cup 2% milk
• 8 oz dark chocolate, 70%
• ¼ cup Dutch cocoa
• 2 tbsps loose Earl grey tea leaves
• 4 medium egg yolks
• ¾ cup granulated sugar
• ⅛ tsp salt
• ¼ cup dark chocolate, 70% chopped

Directions

1. In a double boiler or a bowl set over a saucepan of simmering water, add the cacao solids and ½ cup of heavy cream. Stir chocolate until melted and smooth. Set melted chocolate aside.
2. In a heavy saucepan, combine remaining heavy cream, milk, salt and ½ cup of sugar.
3. Put the pan over medium heat and let the mixture boil gently to bubbling just around the edges (gentle simmer) and sugar completely dissolved, about 5 minutes. Remove from heat.
4. Add the Earl Grey tea leaves and let it steep for 7-8 minutes until the cream has taken on the tea flavor, stirring occasionally and tasting to make sure it’s not too bitter.
5. Whisk in Dutch cocoa until smooth. Add in melted chocolate and whisk until smooth.
6. In a medium heatproof bowl, whisk the yolks just to break them up and whisk in remaining sugar. Set aside.
7. Put the saucepan back on the stove over low heat and let it warm up for 2 minutes.
8. Carefully measure out ½ cup of hot cream mixture.
9. While whisking the eggs constantly, whisk the hot cream mixture into the eggs until smooth. Continue tempering the eggs by adding another ½ cup of hot cream to the bowl with the yolks.
10. Pour the cream-egg mixture back to the saucepan and cook over medium-low heat, stirring constantly until it is thickened and coats the back of a spatula, about 5 minutes.
11. Strain the base through a fine-mesh strainer into a clean container.
12. Pour the mixture into a 1-gallon Ziplock freezer bag and submerge the sealed bag in an ice bath until cold, about 30 minutes. Refrigerate the ice cream base for at least 4 hours or overnight.
13. Pour the ice cream base into the frozen canister of your ice cream machine and follow the manufacturer’s instructions.
14. Spin until thick and creamy about 25-30 minutes.
15. Pack the ice cream into a storage container, press a sheet of parchment directly against the surface and seal with an airtight lid. Freeze in the coldest part of your freezer until firm, at least 4 hours.
16. When ready to serve, scoop the ice cream into a serving bowl and top with chopped chocolate.

@ 88cc134b:5ae99079

Lorem ipsum dolor sit amet, consectetur adipiscing elit. In et tempor magna. Donec nec nibh sed dolor euismod aliquam. Vestibulum fermentum rutrum tortor dictum tincidunt. Cras vestibulum risus at imperdiet malesuada. Nulla dignissim arcu nec nibh hendrerit, in convallis tellus pharetra. Nunc tristique libero non ante ultrices consectetur. In lacinia ipsum quis diam sollicitudin, sit amet venenatis neque auctor. Sed ut ipsum ac dui ullamcorper bibendum. Pellentesque sit amet mi imperdiet, convallis velit vel, vehicula ipsum. Nulla hendrerit, odio mollis egestas hendrerit, sem est egestas justo, at dapibus odio massa et leo.

Fusce efficitur nunc non ante tincidunt laoreet. Vivamus dictum magna eu nisl ullamcorper mollis. Cras magna odio, maximus eu luctus egestas, porttitor nec sem. Maecenas sed tortor aliquet, consequat dolor quis, cursus massa. Nulla consequat nisl ut lacus elementum mollis. Nulla facilisi. Praesent laoreet ante ligula, id porta nisl malesuada id. Sed eu quam semper, suscipit tortor eget, feugiat mauris. Maecenas hendrerit arcu ligula, vitae maximus orci efficitur quis. In feugiat lectus in velit aliquet tincidunt. Aenean sit amet neque mollis, laoreet leo tincidunt, volutpat arcu.

Donec id massa diam. Nunc ac nunc non massa bibendum convallis non in nisl. Phasellus at nisl cursus, aliquet nibh ut, varius nisl. Cras eget dolor neque. Pellentesque et maximus dui. Sed metus erat, facilisis et blandit vitae, facilisis quis diam. Nullam vitae mattis odio. Vivamus varius sapien non arcu convallis, ut varius est lobortis. Maecenas tristique sagittis nunc, non lobortis mi fermentum quis.

Vestibulum in consectetur nibh. Integer libero mauris, sagittis sed nulla tincidunt, venenatis vestibulum nibh. Praesent vitae ex non quam pretium luctus. Etiam fringilla mattis tellus, eu placerat enim vestibulum nec. Curabitur vitae dictum erat. Fusce non ligula vehicula, aliquam eros sit amet, pharetra felis. Suspendisse dapibus pretium dui. Donec quis erat est. Nunc varius dolor velit, sit amet consectetur enim finibus sit amet. Aenean malesuada erat sed libero vestibulum, vel varius dui gravida. Ut volutpat risus dui, quis euismod nisi ornare et. Nullam blandit iaculis ipsum. Donec ullamcorper turpis quis placerat tincidunt.

Fusce mi ante, euismod et lorem vitae, commodo fringilla ex. Maecenas sagittis euismod nibh. Integer vestibulum sit amet ipsum ut fringilla. Etiam bibendum, risus id malesuada faucibus, magna libero vulputate nulla, in suscipit tortor orci sed arcu. Sed malesuada ipsum nec faucibus pulvinar. Aliquam vehicula lorem sit amet nulla vulputate, eget efficitur mauris sagittis. Nullam lacus ipsum, bibendum sed laoreet at, tristique vel massa. Cras non lorem sit amet sapien auctor feugiat ac sed lorem. Pellentesque tellus erat, rhoncus nec venenatis ac, efficitur vitae felis. Sed in nunc erat. Nullam et quam ac diam rutrum auctor in id ante. Suspendisse pulvinar porttitor mattis. Cras ultrices tristique elit, sit amet vulputate diam ultricies sit amet. Sed scelerisque est eros, eget semper erat vehicula vel. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas.

@ 8f69ac99:4f92f5fd

O Partido LIVRE entra nas eleições legislativas de 2025 com um programa visionário, abrangente—e profundamente dependente da expansão da autoridade estatal. Apresentado como um plano progressista para uma sociedade mais verde e justa, o documento descreve centenas de propostas políticas que reconfiguram quase todos os aspectos da vida económica, social e institucional. Mas, por trás da retórica inclusiva, surge um modelo que levanta questões significativas sobre a viabilidade, a liberdade pessoal e os limites do planeamento centralizado.

---

Da Redistribuição para a Dependência

No coração do programa da LIVRE está a promessa de uma redistribuição radical. São propostas taxas sobre a riqueza, impostos sobre heranças e sobretaxas corporativas para financiar uma “herança social” para todos os jovens adultos, eliminar a pobreza e expandir dramaticamente os serviços públicos. Embora a intenção seja a justiça social, esta visão depende de mecanismos pesados de realocação de cima para baixo.

O que falta é uma reflexão sobre como a riqueza é criada, não apenas como deve ser redistribuída. Ao focar tanto na tributação e nas iniciativas lideradas pelo Estado, o programa subestima o papel do empreendedorismo, da inovação privada e da troca voluntária na criação do valor que procura redistribuir.

---

O Estado como Empregador, Banqueiro, Construtor e Guardião

O plano prevê um papel vastamente expandido para o sector público: não apenas na saúde, educação e infraestruturas, mas também nos sectores bancário, habitação, transportes e até nos meios de comunicação social. Serviços essenciais como água, electricidade, radiodifusão pública e banca deverão ser considerados “bens públicos”—protegendo-os efectivamente da privatização.

Embora esta abordagem possa agradar aos desconfiados das dinâmicas de mercado, ela também consolida o poder num único actor institucional. Historicamente, tal centralização tem levado a ineficiências, politização e a um papel reduzido para a sociedade civil e a autonomia local. O modelo do LIVRE deixa pouco espaço para a descentralização, associações voluntárias ou alternativas do sector privado—mesmo em áreas onde poderiam servir o público de forma mais eficaz.

---

Reescrever o Trabalho e o Tempo de Cima para Baixo

O LIVRE propõe reconfigurar o mercado de trabalho, impondo uma semana de trabalho de 30 horas, alargamento das licenças pagas e definindo rácio máximo de salários entre executivos e empregados. Estes podem parecer promissoras, mas tais normas rígidas podem erodir a flexibilidade, especialmente para pequenas empresas ou trabalhadores independentes. A promessa de igualdade de resultado vem à custa da autonomia, da produtividade e das preferências diversas dos indivíduos na força de trabalho.

---

Uma Visão de Inclusão—Com um Preço Institucional

O programa investe fortemente na inclusividade—desde os direitos das pessoas LGBTQIA+ até a justiça racial, desde o acesso a pessoas com deficiência até os cuidados para idosos. Estes objectivos são louváveis. Mas, em vez de fomentar a valorização de baixo para cima, a estratégia recorre a regulação, quotas e programas geridos pelo Estado. Ao fazê-lo, trata a inclusão como algo a ser legislado em vez de vivido, correndo o risco de fadiga social e sobrecarga burocrática.

---

A Europa, Mas Apenas Nos Termos do LIVRE

O LIVRE apoia a integração na UE—desde que a própria União Europeia seja reformada com base nas suas próprias prioridades sociais e ambientais. Embora isso posicione o partido como europeísta, também sugere uma lealdade condicional, que pode levar a fricções se não for possível alcançar consenso. Faltam reconhecimentos sobre os limites da alavancagem nacional em acordos internacionais.

---

Conclusão: Grandes Ideias, Grande Estado

A plataforma eleitoral do LIVRE é ousada, detalhada e profundamente idealista. Mas repousa sobre uma visão de sociedade onde as soluções fluem do centro, a riqueza é redistribuída antes de ser criada e a iniciativa pessoal é subordinada a planos colectivos. Não propõe apenas uma nova economia—mas um novo contrato social, mediado quase totalmente pelas instituições do Estado.

Para os eleitores que valorizam a associação voluntária, a governação local, a liberdade empreendedora e a intervenção limitada na vida privada, este programa oferece muito para reflectir—se não muito para abraçar.

---

Photo by Claudio Schwarz on Unsplash

@ 5d4b6c8d:8a1c1ee3

I was a bit more distracted than normal this month, but ~econ kept humming along.

• Posts: 228 (7th)
• Comments: 1459 (5th)
• Stacking: 128k (4th)
• Revenue: 74k (4th)

We're holding pretty steady, but haven't gotten back to our highs from last year.

With revenue down slightly, I'll move the post fee back towards the previous local max and conclude the posting fee optimization process for now. Going forward the posting fee will be set at 84 sats (until I decide to start messing with it again).

Next month, I'll start the comment fee optimization process.

We're still on pace for a profitable year and having a nice sized fund to pay out the end-of-year awards.

Thanks everyone for supporting this community!

Let me know if you have any suggestions for how to improve the territory.

originally posted at https://stacker.news/items/967545

@ 8f69ac99:4f92f5fd

O programa eleitoral do CHEGA para 2025 é ousado. Apresenta uma crítica abrangente aos últimos cinco decénios de governação em Portugal e oferece um ambicioso plano para o renascimento nacional—baseado em disciplina, tradição e autoridade estatal. Enquadrado como uma missão de resgate moral e institucional, o programa está repleto de propostas para reforçar a identidade nacional, reestruturar a educação, restaurar a lei e a ordem, e promover o renascimento demográfico.

No entanto, por toda a sua determinação, o programa do CHEGA levanta questões importantes: Qual é o custo de restaurar a ordem através de uma autoridade moral centralizada? Como um projeto cultural centrado no Estado se alinha com a liberdade individual? E pode surgir um verdadeiro renascimento ao impor uniformidade de cima para baixo?

---

Um Estado para a Família—Mas a Que Nível de Controlo?

O programa do CHEGA está fundamentado numa visão centrada na família: alívio fiscal, apoio à habitação, aposentação antecipada para avós e incentivos pró-natalistas rigorosos. A defesa do crescimento da população nativa é claramente priorizada em relação à imigração.

Mas, enquanto a defesa da autonomia familiar está em primeiro plano, a solução oferecida é a engenharia estatal da vida pessoal. A política fiscal, as escolhas reprodutivas e até os currículos escolares serão moldados por uma visão cultural e moral específica. Há pouco espaço para o pluralismo ou alternativas privadas—apenas um modelo de família, identidade e moralidade é reconhecido como legítimo.

---

Mérito, Sim—Mas Sempre Gerido de Cima

A reforma da educação do CHEGA propõe um retorno à meritocracia e à ordem: reintrodução de exames, aumento da autoridade dos professores e redução da burocracia. Estes são objetivos defensáveis. No entanto, a implementação pressupõe um filtro moral centralizado: banir certos temas (por exemplo, a teoria de género), tornar o conteúdo ideológico sujeito a veto parental e redesenhar a política educacional para excluir o que o partido considera como influências “woke” ou “esquerdistas”.

O risco é que as escolas se tornem campos de batalha pelo controlo cultural, em vez de instituições de pensamento independente. Uma verdadeira reforma educacional deve expandir a liberdade de escolha, e não substituir uma ortodoxia ideológica por outra.

---

Reforma da Justiça ou Deriva Autoritária?

O CHEGA defende uma postura firme contra o crime e a corrupção. Os apelos por julgamentos mais rápidos, penalidades mais severas e melhores condições para os profissionais da justiça reflectem frustrações legítimas do público. No entanto, o programa tende fortemente para a justiça retributiva, com propostas como sentenças de prisão perpétua e ampliação dos poderes de policiamento estatal.

Ausente nessa abordagem está qualquer menção a verificações e contrapesos sistémicos, salvaguardas de independência judicial, ou alternativas de justiça restaurativa. Sem esses mecanismos, um sistema de justiça focado exclusivamente no castigo corre o risco de se tornar um instrumento bruto de poder estatal.

---

Soberania Cultural vs. Autonomia Individual

A mensagem nacionalista do CHEGA é consistente: proteger a identidade portuguesa, as tradições e o perfil demográfico. O multiculturalismo e a imigração são apresentados não como desafios a serem geridos, mas como ameaças a serem resistidas. As políticas são estruturadas em torno da conformidade cultural—imigração apenas se culturalmente alinhada, escolaridade apenas se ideologicamente “limpa” e o serviço nacional reestruturado num ritual de lealdade.

No entanto, a liberdade de consciência, expressão e associação—fundamentos da sociedade democrática—são difíceis de reconciliar com uma uniformidade cultural imposta. O que começa como protecção pode rapidamente transformar-se em proibição.

---

O Custo Oculto da Virtude Liderada pelo Estado

O programa do CHEGA fala a linguagem da ordem, moralidade e restauração. Mas seu mecanismo é o Estado—e não um Estado minimalista. Desde a definição de conteúdo educacional até a orientação da formação familiar, o programa propõe um nível de intervenção que deixa pouco espaço para a iniciativa individual ou alternativas voluntárias.

Ao tentar corrigir as falhas de um sistema inchado e ineficiente, o CHEGA corre o risco de substituí-lo por um sistema rígido e moralizante—um que pode restaurar a hierarquia, mas à custa da flexibilidade e da soberania pessoal.

---

Conclusão: O Renascimento Deve Vir com Moderação

O programa do CHEGA para 2025 capta frustrações legítimas: decadência institucional, deslocalização cultural e estagnação económica. Mas a cura—um Estado centralizado e ideologicamente rígido—provavelmente não servirá os cidadãos. O verdadeiro renascimento exige menos dependência do poder político, e não mais.

Para eleitores que acreditam num governo limitado, descentralização e autonomia individual, a visão do CHEGA pode parecer mais um apelo pelo controlo do que um manifesto pela liberdade.

---

Photo by Claudio Schwarz on Unsplash

@ 975e4ad5:8d4847ce

With the advancement of quantum computers, a new threat emerges for the security of cryptocurrencies and blockchain technologies. These powerful machines have the potential to expose vulnerabilities in traditional cryptographic systems, which could jeopardize the safety of digital wallets. But don’t worry—modern wallets are already equipped to handle this threat with innovative solutions that make your funds nearly impossible to steal, even by a quantum computer. Let’s explore how this works and why you can rest easy.

The Threat of Quantum Computers

To understand how wallets protect us, we first need to grasp what makes quantum computers so dangerous. At the core of most cryptocurrencies, like Bitcoin, lies public and private key cryptography. The public key (or address) is like your bank account number—you share it to receive funds. The private key is like your PIN—it allows you to send funds and must remain secret.

Traditional cryptography, such as the ECDSA algorithm, relies on mathematical problems that are extremely difficult to solve with conventional computers. For instance, deriving a private key from a public key is practically impossible, as it would take millions of years of computation. However, quantum computers, thanks to algorithms like Shor’s, can significantly speed up this process. Theoretically, a sufficiently powerful quantum computer could uncover a private key from a public key in minutes or even seconds.

This is a problem because if someone gains access to your private key, they can send all your funds to their own address. But here’s the good news—modern wallets use a clever solution to render this threat powerless.

How Do Wallets Protect Us?

One of the most effective defenses against quantum computers is the use of one-time addresses in wallets. This means that for every transaction—whether receiving or sending funds—the wallet automatically generates a new public address. The old address, once used, remains in the transaction history but no longer holds any funds, as they are transferred to a new address.

Why Does This Work?

Imagine you’re sending or receiving cryptocurrency. Your wallet creates a new address for that transaction. After the funds are sent or received, that address becomes “used,” and the wallet automatically generates a new one for the next transaction. If a quantum computer manages to derive the private key from the public address of the used address, it will find nothing—because that address is already empty. Your funds are safely transferred to a new address, whose public key has not yet been exposed.

This strategy is known as HD (Hierarchical Deterministic) wallets. It allows the wallet to generate an infinite number of addresses from a single master key (seed) without compromising security. Each new address is unique and cannot be linked to the previous ones, making it impossible to trace your funds, even with a quantum computer.

Automation Makes It Effortless

The best part? You don’t need to worry about this process—it’s fully automated. When you use a modern wallet like MetaMask, Ledger, Trezor, or software wallets for Bitcoin, everything happens behind the scenes. You simply click “receive” or “send,” and the wallet takes care of generating new addresses. There’s no need to understand the complex technical details or manually manage your keys.

For example:

• You want to receive 0.1 BTC. Your wallet provides a new address, which you share with the sender.
• After receiving the funds, the wallet automatically prepares a new address for the next transaction.
• If you send some of the funds, the remaining amount (known as “change”) is sent to another new address generated by the wallet.

This system ensures that public addresses exposed on the blockchain no longer hold funds, making quantum attacks pointless.

Additional Protection: Toward Post-Quantum Cryptography

Beyond one-time addresses, blockchain developers are also working on post-quantum cryptography—algorithms that are resistant to quantum computers. Some blockchain networks are already experimenting with such solutions, like algorithms based on lattices (lattice-based cryptography). These methods don’t rely on the same mathematical problems that quantum computers can solve, offering long-term protection.

In the meantime, one-time addresses combined with current cryptographic standards provide enough security to safeguard your funds until post-quantum solutions become widely adopted.

Why You Shouldn’t Worry

Modern wallets are designed with the future in mind. They not only protect against today’s threats but also anticipate future risks, such as those posed by quantum computers. One-time addresses make exposed public keys useless to hackers, and automation ensures you don’t need to deal with the technicalities. HD wallets, which automatically generate new addresses, make the process seamless and secure for users.

Public key exposure only happens when necessary, reducing the risk of attacks, even from a quantum computer. In conclusion, while quantum computers pose a potential threat, modern wallets already offer effective solutions that make your cryptocurrencies nearly impossible to steal. With one-time addresses and the upcoming adoption of post-quantum cryptography, you can be confident that your funds are safe—today and tomorrow.

@ 83279ad2:bd49240d

test

@ c1e6505c:02b3157e

This is a long form test note from Untype.app

Seems like this could work well.

Here is a photograph of the infamous red firebird that has been in the same spot for over 10 years.

There is a header image up top as well. Will that be seen? Maybe?

Clean interface and you're able to type and see a preview window of what your post would like. Cool!

Text before the image prompt makes this lettering large and bold.

Here is a line break

---

Let me know if you can see this text that is now under the image.

BYE (IN BOLD)!

@ 78b3c1ed:5033eea9

・ThunderHubで焼いたマカロンがlncli printmacaroonでどう見えるか確認した。

ThunderHub macaroon permissions

get invoices invoices:read create invoices invoices:write get payments offchain:read pay invoices offchain:write get chain transactions onchain:read send to chain address onchain:write create chain address address:write get wallet info info:read stop daemon info:write この結果によれば、offchain:wirteとonchain:writeの権限がなければそのマカロンを使うクライアントは勝手にBTCを送金することができない。 info:writeがなければ勝手にLNDを止めたりすることができない。

・lncli printmacaroonでデフォルトで作られるmacaroonのpermissionsを調べてみた。 admin.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "address:read", "address:write", "info:read", "info:write", "invoices:read", "invoices:write", "macaroon:generate", "macaroon:read", "macaroon:write", "message:read", "message:write", "offchain:read", "offchain:write", "onchain:read", "onchain:write", "peers:read", "peers:write", "signer:generate", "signer:read" ], "caveats": null } chainnotifier.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "onchain:read" ], "caveats": null } invoice.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "address:read", "address:write", "invoices:read", "invoices:write", "onchain:read" ], "caveats": null } invoices.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "invoices:read", "invoices:write" ], "caveats": null } readonly.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "address:read", "info:read", "invoices:read", "macaroon:read", "message:read", "offchain:read", "onchain:read", "peers:read", "signer:read" ], "caveats": null } router.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "offchain:read", "offchain:write" ], "caveats": null } signer.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "signer:generate", "signer:read" ], "caveats": null } walletkit.macaroon { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "address:read", "address:write", "onchain:read", "onchain:write" ], "caveats": null }

・lncli listpermissions コマンドですべての RPC メソッド URI と、それらを呼び出すために必要なマカロン権限を一覧表示できる。 LND v0.18.5-betaでやると1344行ほどのJSONができる。 AddInvoiceだとinvoice:writeのpermissionを持つmacaroonを使えばインボイスを作れるようだ。 "/lnrpc.Lightning/AddInvoice": { "permissions": [ { "entity": "invoices", "action": "write" } ] }, lncli listpermissionsからentityとactionを抜き出してみた。 ``` "entity": "address", "entity": "info", "entity": "invoices", "entity": "macaroon", "entity": "message", "entity": "offchain", "entity": "onchain", "entity": "peers", "entity": "signer",

"action": "generate" "action": "read" "action": "write" lncli とjqを組み合わせると例えば以下コマンドでinvoices:writeを必要とするRPCの一覧を表示できる。 invoices:writeだとAddInvoiceの他にホドルインボイス作成でも使ってるようだ lncli listpermissions | jq -r '.method_permissions | to_entries[] | select(.value.permissions[] | select(.entity == "invoices" and .action == "write")) | .key' /invoicesrpc.Invoices/AddHoldInvoice /invoicesrpc.Invoices/CancelInvoice /invoicesrpc.Invoices/HtlcModifier /invoicesrpc.Invoices/LookupInvoiceV2 /invoicesrpc.Invoices/SettleInvoice /lnrpc.Lightning/AddInvoice invoices:readだと以下となる。 /invoicesrpc.Invoices/SubscribeSingleInvoice /lnrpc.Lightning/ListInvoices /lnrpc.Lightning/LookupInvoice /lnrpc.Lightning/SubscribeInvoices LNの主だった機能のRPCはoffchainが必要ぽいので抜き出してみた。 offchain:write チャネルの開閉、ペイメントの送信までやってるみたい。 デフォルトのmacaroonでoffchain:writeを持ってるのはadminとrouterの2つだけ。openchannel,closechannelはonchain:writeのpermissionも必要なようだ。 /autopilotrpc.Autopilot/ModifyStatus /autopilotrpc.Autopilot/SetScores /lnrpc.Lightning/AbandonChannel /lnrpc.Lightning/BatchOpenChannel /lnrpc.Lightning/ChannelAcceptor /lnrpc.Lightning/CloseChannel /lnrpc.Lightning/DeleteAllPayments /lnrpc.Lightning/DeletePayment /lnrpc.Lightning/FundingStateStep /lnrpc.Lightning/OpenChannel /lnrpc.Lightning/OpenChannelSync /lnrpc.Lightning/RestoreChannelBackups /lnrpc.Lightning/SendCustomMessage /lnrpc.Lightning/SendPayment /lnrpc.Lightning/SendPaymentSync /lnrpc.Lightning/SendToRoute /lnrpc.Lightning/SendToRouteSync /lnrpc.Lightning/UpdateChannelPolicy /routerrpc.Router/HtlcInterceptor /routerrpc.Router/ResetMissionControl /routerrpc.Router/SendPayment /routerrpc.Router/SendPaymentV2 /routerrpc.Router/SendToRoute /routerrpc.Router/SendToRouteV2 /routerrpc.Router/SetMissionControlConfig /routerrpc.Router/UpdateChanStatus /routerrpc.Router/XAddLocalChanAliases /routerrpc.Router/XDeleteLocalChanAliases /routerrpc.Router/XImportMissionControl /wtclientrpc.WatchtowerClient/AddTower /wtclientrpc.WatchtowerClient/DeactivateTower /wtclientrpc.WatchtowerClient/RemoveTower /wtclientrpc.WatchtowerClient/TerminateSession "/lnrpc.Lightning/OpenChannel": { "permissions": [ { "entity": "onchain", "action": "write" }, { "entity": "offchain", "action": "write" } ] }, offchain:read readの方はチャネルやインボイスの状態を確認するためのpermissionのようだ。 /lnrpc.Lightning/ChannelBalance /lnrpc.Lightning/ClosedChannels /lnrpc.Lightning/DecodePayReq /lnrpc.Lightning/ExportAllChannelBackups /lnrpc.Lightning/ExportChannelBackup /lnrpc.Lightning/FeeReport /lnrpc.Lightning/ForwardingHistory /lnrpc.Lightning/GetDebugInfo /lnrpc.Lightning/ListAliases /lnrpc.Lightning/ListChannels /lnrpc.Lightning/ListPayments /lnrpc.Lightning/LookupHtlcResolution /lnrpc.Lightning/PendingChannels /lnrpc.Lightning/SubscribeChannelBackups /lnrpc.Lightning/SubscribeChannelEvents /lnrpc.Lightning/SubscribeCustomMessages /lnrpc.Lightning/VerifyChanBackup /routerrpc.Router/BuildRoute /routerrpc.Router/EstimateRouteFee /routerrpc.Router/GetMissionControlConfig /routerrpc.Router/QueryMissionControl /routerrpc.Router/QueryProbability /routerrpc.Router/SubscribeHtlcEvents /routerrpc.Router/TrackPayment /routerrpc.Router/TrackPaymentV2 /routerrpc.Router/TrackPayments /wtclientrpc.WatchtowerClient/GetTowerInfo /wtclientrpc.WatchtowerClient/ListTowers /wtclientrpc.WatchtowerClient/Policy /wtclientrpc.WatchtowerClient/Stats ・おまけ1 RPCメソッド名にopenを含む要素を抽出するコマンド lncli listpermissions | jq '.method_permissions | to_entries[] | select(.key | test("open"; "i"))' { "key": "/lnrpc.Lightning/BatchOpenChannel", "value": { "permissions": [ { "entity": "onchain", "action": "write" }, { "entity": "offchain", "action": "write" } ] } } { "key": "/lnrpc.Lightning/OpenChannel", "value": { "permissions": [ { "entity": "onchain", "action": "write" }, { "entity": "offchain", "action": "write" } ] } } { "key": "/lnrpc.Lightning/OpenChannelSync", "value": { "permissions": [ { "entity": "onchain", "action": "write" }, { "entity": "offchain", "action": "write" } ] } } ・おまけ２ thunderhubで作ったmacaroonはテキストで出力されコピペして使うもので、macaroonファイルになってない。 HEXをmacaroonファイルにするには以下コマンドでできる。HEXをコピペして置換する。またYOURSの箇所を自分でわかりやすい名称に置換すると良い。 echo -n "HEX" | xxd -r -p > YOURS.macaroon thunderhubで"Create Invoices, Get Invoices, Get Wallet Info, Get Payments, Pay Invoices"をチェックして作ったmacaroonのpermissionsは以下となる。 { "version": 2, "location": "lnd", "root_key_id": "0", "permissions": [ "info:read", "invoices:read", "invoices:write", "offchain:read", "offchain:write" ], "caveats": null } ``` offchain:writeはあるがonchain:writeがないのでチャネル開閉はできないはず。

@ 8f69ac99:4f92f5fd

O programa eleitoral do Bloco de Esquerda para 2025 apresenta uma visão ambiciosa para Portugal—uma visão marcada por um forte Estado central, propriedade pública alargada e uma densa rede de garantias sociais. O programa visa apelar a uma audiência ampla com promessas de justiça, igualdade e inclusão. Contudo, por trás da linguagem acessível, encontra-se uma estrutura rígida de cima para baixo que levanta questões cruciais sobre a autonomia pessoal, a sustentabilidade económica e os limites da intervenção estatal.

---

O Estado como Provedor de Tudo

A pedra angular do programa é um papel alargado para o Estado—não só na saúde e na educação, mas também na habitação, na banca, na energia, nos transportes e até na cultura. Algumas propostas incluem:

• Re-nacionalização de principais empresas de utilidades e transportes.
• Criação de um Serviço Nacional de Cuidados e de um Serviço Nacional de Justiça.
• Construção de 100.000 novas habitações públicas.
• Centralização da acção climática num novo Ministério da Acção Climática.

Embora estas propostas possam parecer socialmente generosas, reflectem uma concentração de poder que corre o risco de reduzir a escolha individual e sufocar alternativas locais ou privadas. Ao assumir que o Estado deve ser o principal solucionador de problemas em quase todos os sectores, o programa desvaloriza a sociedade civil, as pequenas empresas e a iniciativa pessoal.

---

Resposta à Crise Climática

O programa dá início a um "Programa de Emergência Climática", com ênfase no investimento em fontes de energia renováveis, sistemas de transportes públicos, melhorias na eficiência dos edifícios e práticas agrícolas sustentáveis. A criação de um Ministério da Ação Climática visa centralizar os esforços nestes sectores. Embora esta abordagem sinalize um forte compromisso com as questões ambientais, a viabilidade de uma transformação tão rápida e o potencial fardo económico devem ser cuidadosamente avaliados.

---

Redistribuição Económica ou Tributação Punitiva?

Outro pilar do programa é a reestruturação fiscal agressiva. O Bloco propõe novos impostos sobre heranças, riqueza e empresas digitais, aumento dos impostos corporativos e a eliminação das isenções fiscais para organizações religiosas e sociais. Embora o objetivo seja corrigir desigualdades, esta abordagem penaliza a formação de capital e o empreendedorismo—motores vitais para a mobilidade ascendente e inovação.

Mais importante ainda, não há grande discussão sobre como a já fragilizada economia portuguesa sustenta estes aumentos nos gastos públicos. O planeamento central do investimento, as estratégias de renegociação da dívida e as indústrias geridas pelo Estado são apresentadas como soluções—mas a experiência histórica e internacional sugere que, muitas vezes, isto leva à ineficiência, má alocação de recursos e captura política.

---

Igualdade Uniforme vs. Associação Voluntária

O programa coloca forte ênfase na política identitária, nas quotas de paridade de género e em mecanismos de inclusão de cima para baixo. Medidas como quotas nas universidades e no Parlamento, programação cultural nacional e políticas de diversidade geridas centralmente refletem uma intenção de engenheirar resultados sociais através do controlo administrativo.

Esta abordagem corre o risco de nivelar o pluralismo genuíno e a associação voluntária em favor da conformidade institucional. Em vez de empoderar indivíduos e comunidades para construir soluções diversas e orgânicas, prescreve uniformidade vinda de cima.

---

Um Retiro das Alianças Internacionais

O Bloco propõe também que Portugal se retire da NATO e termine os acordos com a UE que considera restritivos. Embora o impulso possa surgir do desejo de soberania, a alternativa parece ser um nacionalismo voltado para o interior, combinado com uma regulação pan-europeia que favorece o alinhamento ideológico em vez da cooperação de mercado.

---

Conclusão: O Preço da Promessa

O programa é ousado na sua ambição, mas depende fortemente da tomada de decisões centralizada, do aumento contínuo dos impostos e da crença de que o Estado pode gerir de forma equitativa e eficiente todos os aspectos da sociedade. A história demonstra que tal concentração de poder—por mais bem-intencionada que seja—tende a corroer a responsabilidade, sufocar a iniciativa individual e produzir estagnação burocrática.

Num momento em que Portugal precisa de mais flexibilidade, soluções descentralizadas e resiliência de baixo para cima, este programa traça um rumo que pode deixar os cidadãos mais dependentes e menos livres.

---

Photo by Claudio Schwarz on Unsplash

@ f32184ee:6d1c17bf

Ads Fueling Freedom

Ross Ulbricht’s "Decentralize Social Media" painted a picture of a user-centric, decentralized future that transcended the limitations of platforms like the tech giants of today. Though focused on social media, his concept provided a blueprint for decentralized content systems writ large. The PROMO Protocol, designed by NextBlock while participating in Sovereign Engineering, embodies this blueprint in the realm of advertising, leveraging Nostr and Bitcoin’s Lightning Network to give individuals control, foster a multi-provider ecosystem, and ensure secure value exchange. In this way, Ulbricht’s 2021 vision can be seen as a prescient prediction of the PROMO Protocol’s structure. This is a testament to the enduring power of his ideas, now finding form in NextBlock’s innovative approach.

[Current Platform-Centric Paradigm, source: Ross Ulbricht's Decentralize Social Media]

Ulbricht’s Vision: A Decentralized Social Protocol

In his 2021 Medium article Ulbricht proposed a revolutionary vision for a decentralized social protocol (DSP) to address the inherent flaws of centralized social media platforms, such as privacy violations and inconsistent content moderation. Writing from prison, Ulbricht argued that decentralization could empower users by giving them control over their own content and the value they create, while replacing single, monolithic platforms with a competitive ecosystem of interface providers, content servers, and advertisers. Though his focus was on social media, Ulbricht’s ideas laid a conceptual foundation that strikingly predicts the structure of NextBlock’s PROMO Protocol, a decentralized advertising system built on the Nostr protocol.

[A Decentralized Social Protocol (DSP), source: Ross Ulbricht's Decentralize Social Media]

Ulbricht’s Principles

Ulbricht’s article outlines several key principles for his DSP: * User Control: Users should own their content and dictate how their data and creations generate value, rather than being subject to the whims of centralized corporations. * Decentralized Infrastructure: Instead of a single platform, multiple interface providers, content hosts, and advertisers interoperate, fostering competition and resilience. * Privacy and Autonomy: Decentralized solutions for profile management, hosting, and interactions would protect user privacy and reduce reliance on unaccountable intermediaries. * Value Creation: Users, not platforms, should capture the economic benefits of their contributions, supported by decentralized mechanisms for transactions.

These ideas were forward-thinking in 2021, envisioning a shift away from the centralized giants dominating social media at the time. While Ulbricht didn’t specifically address advertising protocols, his framework for decentralization and user empowerment extends naturally to other domains, like NextBlock’s open-source offering: the PROMO Protocol.

NextBlock’s Implementation of PROMO Protocol

The PROMO Protocol powers NextBlock's Billboard app, a decentralized advertising protocol built on Nostr, a simple, open protocol for decentralized communication. The PROMO Protocol reimagines advertising by: * Empowering People: Individuals set their own ad prices (e.g., 500 sats/minute), giving them direct control over how their attention or space is monetized. * Marketplace Dynamics: Advertisers set budgets and maximum bids, competing within a decentralized system where a 20% service fee ensures operational sustainability. * Open-Source Flexibility: As an open-source protocol, it allows multiple developers to create interfaces or apps on top of it, avoiding the single-platform bottleneck Ulbricht critiqued. * Secure Payments: Using Strike Integration with Bitcoin Lightning Network, NextBlock enables bot-resistant and intermediary-free transactions, aligning value transfer with each person's control.

This structure decentralizes advertising in a way that mirrors Ulbricht’s broader vision for social systems, with aligned principles showing a specific use case: monetizing attention on Nostr.

Aligned Principles

Ulbricht’s 2021 article didn’t explicitly predict the PROMO Protocol, but its foundational concepts align remarkably well with NextBlock's implementation the protocol’s design: * Autonomy Over Value: Ulbricht argued that users should control their content and its economic benefits. In the PROMO Protocol, people dictate ad pricing, directly capturing the value of their participation. Whether it’s their time, influence, or digital space, rather than ceding it to a centralized ad network. * Ecosystem of Providers: Ulbricht envisioned multiple providers replacing a single platform. The PROMO Protocol’s open-source nature invites a similar diversity: anyone can build interfaces or tools on top of it, creating a competitive, decentralized advertising ecosystem rather than a walled garden. * Decentralized Transactions: Ulbricht’s DSP implied decentralized mechanisms for value exchange. NextBlock delivers this through the Bitcoin Lightning Network, ensuring that payments for ads are secure, instantaneous and final, a practical realization of Ulbricht’s call for user-controlled value flows. * Privacy and Control: While Ulbricht emphasized privacy in social interactions, the PROMO Protocol is public by default. Individuals are fully aware of all data that they generate since all Nostr messages are signed. All participants interact directly via Nostr.

[Blueprint Match, source NextBlock]

---

Who We Are

NextBlock is a US-based new media company reimagining digital ads for a decentralized future. Our founders, software and strategy experts, were hobbyist podcasters struggling to promote their work online without gaming the system. That sparked an idea: using new tech like Nostr and Bitcoin to build a decentralized attention market for people who value control and businesses seeking real connections.

Our first product, Billboard, is launching this June.

Open for All

Our model’s open-source! Check out the PROMO Protocol, built for promotion and attention trading. Anyone can join this decentralized ad network. Run your own billboard or use ours. This is a growing ecosystem for a new ad economy.

Our Vision

NextBlock wants to help build a new decentralized internet. Our revolutionary and transparent business model will bring honest revenue to companies hosting valuable digital spaces. Together, we will discover what our attention is really worth.

Read our Manifesto to learn more.

NextBlock is registered in Texas, USA.

@ 6ad3e2a3:c90b7740

There’s an annoying trend on Twitter wherein the algorithm feeds you a lot of threads like “five keys to gaining wealth” or “10 mistakes to avoid in relationships” that list a bunch of hacks for some ostensibly desirable state of affairs which for you is presumably lacking. It’s not that the hacks are wrong per se, more that the medium is the message. Reading threads about hacks on social media is almost surely not the path toward whatever is promised by them.

. . .

I’ve tried a lot of health supplements over the years. These days creatine is trendy, and of course Vitamin D (which I still take.) I don’t know if this is helping me, though it surely helps me pass my blood tests with robust levels. The more I learn about health and nutrition, the less I’m sure of anything beyond a few basics. Yes, replacing processed food with real food, moving your body and getting some sun are almost certainly good, but it’s harder to know how particular interventions affect me.

Maybe some of them work in the short term then lose their effect, Maybe some work better for particular phenotypes, but not for mine. Maybe my timing in the day is off, or I’m not combining them correctly for my lifestyle and circumstances. The body is a complex system, and complex systems are characterized by having unpredictable outputs given changes to initial conditions (inputs).

. . .

I started getting into Padel recently — a mini-tennis-like game where you can hit the ball off the back walls. I’d much rather chase a ball around for exercise than run or work out, and there’s a social aspect I enjoy. (By “social aspect”, I don’t really mean getting to know the people with whom I’m playing, but just the incidental interactions you get during the game, joking about it, for example, when you nearly impale someone at the net with a hard forehand.)

A few months ago, I was playing with some friends, and I was a little off. It’s embarrassing to play poorly at a sport, especially when (as is always the case in Padel) you have a doubles partner you’re letting down. Normally I’d be excoriating myself for my poor play, coaching myself to bend my knees more, not go for winners so much. But that day, I was tired — for some reason I hadn’t slept well — and I didn’t have the energy for much internal monologue. I just mishit a few balls, felt stupid about it and kept playing.

After a few games, my fortunes reversed. I was hitting the ball cleanly, smashing winners, rarely making errors. My partner and I started winning games and then sets. I was enjoying myself. In the midst of it I remember hitting an easy ball into the net and reflexively wanting to self-coach again. I wondered, “What tips did I give to right the ship when I had been playing poorly at the outset?” I racked my brain as I waited for the serve and realized, to my surprise, there had been none. The turnaround in my play was not due to self-coaching but its absence. I had started playing better because my mind had finally shut the fuck up for once.

Now when I’m not playing well, I resist, to the extent I’m capable, the urge to meddle. I intend to be more mind-less. Not so much telling the interior coach to shut up but not buying into the premise there is a problem to be solved at all. The coach isn’t just ignored, he’s fired. And he’s not just fired, his role was obsoleted.

You blew the point, you’re embarrassed about it and there’s nothing that needs to be done about it. Or that you started coaching yourself like a fool and made things worse. No matter how much you are doing the wrong thing nothing needs to be done about any of it whatsoever. There is always another ball coming across the net that needs to be struck until the game is over.

. . .

Most of the hacks, habits and heuristics we pick up to manage our lives only serve as yet more inputs in unfathomably complex systems whose outputs rarely track as we’d like. There are some basic ones that are now obvious to everyone like not injecting yourself with heroin (or mRNA boosters), but for the most part we just create more baggage for ourselves which justifies ever more hacks. It’s like taking medication for one problem that causes side effects, and then you need another medicine for that side effect, rinse and repeat, ad infinitum.

But this process can be reverse-engineered too. For every heuristic you drop, the problem it was put into place to solve re-emerges and has a chance to be observed. Observing won’t solve it, it’ll just bring it into the fold, give the complex system of which it is a part a chance to achieve an equilibrium with respect to it on its own.

You might still be embarrassed when you mishit the ball, but embarrassment is not a problem. And if embarrassment is not a problem, then mishitting a ball isn’t that bad. And if mishitting a ball isn’t that bad, then maybe you’re not worrying about what happens if you botch the next shot, instead fixing your attention on the ball. And so you disappear a little bit into the game, and it’s more fun as a result.

I honestly wish there were a hack for this — being more mindless — but I don’t know of any. And in any event, hack Substacks won’t get you any farther than hack Twitter threads.

@ 8f69ac99:4f92f5fd

O programa eleitoral do Partido Socialista (PS) para 2025 apresenta-se como pragmático e progressista, com foco no reforço dos serviços públicos, aumento salarial e acesso à habitação—tudo envolto numa mensagem de responsabilidade fiscal e cooperação europeia. O lema é de equilíbrio: fazer crescer a economia, proteger os vulneráveis, modernizar o Estado e manter a estabilidade.

Mas, como em muitos projectos políticos centristas, os detalhes revelam uma tensão conhecida: até que ponto pode o governo planear, gastar e regular sem sufocar a liberdade e a autonomia que sustentam a prosperidade duradoura?

---

Cortes Fiscais Selectivos, Mas com Mão Pesada

O PS propõe um conjunto de alívios fiscais—IVA a 0% nos alimentos essenciais, redução do IVA da electricidade, e incentivos a empresas que reinvistam lucros e aumentem salários. Estas medidas podem trazer algum alívio imediato, mas são altamente condicionadas e fortemente controladas pelo Estado.

Em vez de reduzir a carga fiscal de forma transversal e confiar que indivíduos e empresas saibam aplicar os seus recursos, o PS opta pela micro gestão fiscal baseada em incentivos dirigidos. Isso deixa pouco espaço para a espontaneidade ou para o empreendedorismo e prende a economia a um modelo de “boa conduta” definida centralmente.

---

Planeamento Salarial Sem Feedback do Mercado

O PS quer atingir um salário mínimo de 1.110€ e um salário médio de 2.000€ até 2029, através de metas anuais e acordos salariais. Embora salários mais altos sejam desejáveis, aumentá-los sem ganhos de produtividade e reformas estruturais competitivas pode sair caro—com inflação, falências ou crescimento do trabalho informal.

Quando os governos fixam resultados económicos sem ajustar os factores estruturais, arriscam distorcer os próprios mercados que pretendem ajudar. Numa economia saudável, os salários sobem com a criação de valor—não com optimismo administrativo.

---

Estado Social em Expansão—Mas Quem Escolhe?

Medidas como pré-escolar gratuito, fim das propinas, grandes investimentos em habitação pública, e SNS modernizado seguem a estratégia conhecida: aumentar a oferta pública em nome da equidade. Mas este aumento da oferta estatal tende a reduzir a escolha, prolongar tempos de espera e, frequentemente, baixar a qualidade devido à captura burocrática.

O uso de parcerias público-privadas e sociais é louvável em teoria—mas o Estado continua a ser o guardião, o que significa que até soluções “privadas” ficam subordinadas aos objectivos públicos. Isso esbate a linha entre apoio e controlo, entre parceria e dependência.

---

Transição Climática e Coesão Territorial: Planeamento Central, Outra Vez

O compromisso do PS com uma “transição climática justa” e a revitalização regional parece bem-intencionado—mas assenta em planeamento centralizado, subsídios e investimento público a longo prazo. Historicamente, abordagens deste tipo têm dificuldade em competir com a flexibilidade, o risco e o conhecimento local que os sistemas descentralizados proporcionam.

Uma abordagem mais livre focar-se-ia em remover barreiras, não em direccionar investimento; em dar poder à governação local, não em subsidiá-la a partir de Lisboa.

---

Internacionalismo com Custo Interno

O PS reafirma o seu apoio à UE e à NATO, defende a Ucrânia e promete reconhecer a Palestina—posições que projectam clareza moral. No entanto, compromete-se também com aumento da despesa em defesa e ajuda externa, sem explicar claramente como estes encargos se alinham com as prioridades internas ou as limitações orçamentais.

O apoio a causas globais é nobre—mas deve ser fundamentado em consentimento democrático e transparência orçamental, e não assumido como dever moral incontestável.

---

Conclusão: Estabilidade Sim, Mas com um Preço

O programa do PS é, à primeira vista, o mais “moderado” entre os principais partidos. Evita extremos, promete estabilidade e privilegia o investimento público em vez do controlo directo. Mas a lógica que o sustenta continua a ser paternalista: o Estado deve conduzir a economia, planear salários, moldar escolhas e garantir resultados.

Esta visão não é hostil à liberdade, mas frequentemente ignora-a. A liberdade floresce não só no que o Estado dá, mas sobretudo no que permite às pessoas fazer por si mesmas, sem interferência.

Para quem valoriza autodeterminação, governo limitado e ordem social espontânea, o programa do PS poderá oferecer uma administração competente—mas não uma sociedade verdadeiramente livre.

---

Photo by Claudio Schwarz on Unsplash

@ df478568:2a951e67

"It might make sense just to get some in case it catches on. If enough people think the same way, that becomes a self fulfilling prophecy. Once it gets bootstrapped, there are so many applications if you could effortlessly pay a few cents to a website as easily as dropping coins in a vending machine." --Satoshi Nakamoto The Cryptography Mailing List--January 17, 2009

Forgot to add the good part about micropayments. While I don't think Bitcoin is practical for smaller micropayments right now, it will eventually be as storage and bandwidth costs continue to fall. If Bitcoin catches on on a big scale, it may already be the case by that time. Another way they can become more practical is if I implement client-only mode and the number of network nodes consolidates into a smaller number of professional server farms. Whatever size micropayments you need will eventually be practical. I think in 5 or 10 years, the bandwidth and storage will seem trivial. --Satoshi Nakamoto Bitcoin Talk-- August 5, 2010

I very be coded some HTML buttons using Claude and uploaded it to https://github.com/GhostZaps/ It's just a button that links to zapper.fun.

I signed up for Substack to build an email address, but learned adding different payment options to Substack is against their terms and services. Since I write about nostr, these terms seem as silly as someone saying Craig Wright is Satoshi. It's easy to build an audience on Substack however, or so I thought. Why is it easier to build an audience on Subtack though? Because Substack is a platform that markets to writers. Anyone with a ~~pen~~ ~~keyboard~~ smartphone and an email can create an account with Substack. There's just one problem: You are an Internet serf, working the land for your Internet landlord--The Duke of Substack.

Then I saw that Shawn posted about Substack's UX.

I should have grabbed my reading glasses before pushing the post button, but it occurred to me that I could use Ghost to do this and there is probably a way to hack it to accept bitcoin payments over the lightning network and host it yourself. So I spun my noddle, doodled some plans...And then it hit me. Ghost allows for markdown and HTML. I learned HTML and CSS with free-code camp, but ain't nobody got time to type CSS so I vibe-coded a button that ~~baits~~ sends the clicker to my zapper.fun page. This can be used on any blog that allows you to paste html into it so I added it to my Ghost blog self-hosted on a Start 9. The blog is on TOR at http://p66dxywd2xpyyrdfxwilqcxmchmfw2ixmn2vm74q3atf22du7qmkihyd.onion/, but most people around me have been conditioned to fear the dark web so I used the cloudflared to host my newsletter on the clear net at https://marc26z.com/

Integrating Nostr Into My Self-Hosted Ghost Newsletter

I would venture to say I am more technical than the average person and I know HTML, but my CSS is fuzzy. I also know how to print("Hello world!") in python, but I an NPC beyond the basics. Nevertheless, I found that I know enough to make a button. I can't code well enough to create my own nostr long-form client and create plugins for ghost that send lightning payments to lighting channel, but I know enough about nostr to know that I don't need to. That's why nostr is so F@#%-ing cool! It's all connected. ** - One button takes you to zapper.fun where you can zap anywhere between 1 and ,000,000 sats.** - Another button sends you to a zap planner pre-set to send 5,000 sats to the author per month using nostr. - Yet another button sends you to a zap planner preset to send 2,500 sats per month.

The possibilities are endless. I entered a link that takes the clicker to my Shopstr Merch Store. The point is to write as self-sovereign as possible. I might need to change my lightning address when stuff breaks every now and then, but I like the idea of busking for sats by writing on the Internet using the Value 4 Value model. I dislike ads, but I also want people to buy stuff from people I do business with because I want to promote using bitcoin as peer-to-peer electronic cash, not NGU porn. I'm not prude. I enjoy looking at the price displayed on my BlockClock micro every now and then, but I am not an NGU porn addict.

This line made this pattern, that line made this pattern. All that Bolinger Bart Simpson bullshit has nothing to with bitcoin, a peer-to-peer electronic cash system. It is the musings of a population trapped in the fiat mind-set. Bitcoin is permissionless so I realized I was bieng a hipocryte by using a permissioned payment system becaue it was easier than writing a little vibe code. I don't need permission to write for sats. I don't need to give my bank account number to Substack. I don't need to pay a 10$ vig to publish on a a platform which is not designed for stacking sats. I can write on Ghost and integrate clients that already exist in the multi-nostr-verse.

Nostr Payment Buttons

The buttons can be fouund at https://github.com/Marc26z/GhostZapButton

You can use them yourself. Just replace my npub with your npub or add any other link you want. It doesn't technically need to be a nostr link. It can be anything. I have a link to another Ghost article with other buttons that lead down different sat pledging amounts. It's early. Everyone who spends bitcoin is on nostr and nostr is small, but growing community. I want to be part of this community. I want to find other writers on nostr and stay away from Substack.

Support By Pledging 5,000 Sats Per Month

Here's what it looks like on Ghost: https://marc26z.com/zaps-on-ghost/

npub1marc26z8nh3xkj5rcx7ufkatvx6ueqhp5vfw9v5teq26z254renshtf3g0

@ f10512df:c9293bb3

Details

• 🍳 Cook time: 5-7 minutes
• 🍽️ Servings: 1

Ingredients

• 2 eggs
• Shredded cheese (Sharp cheddar is a favorite)
• 1 Tbsp olive oil or ghee

Directions

1. Add oil to a non-stick pan and allow it to get hot (med-high heat)
2. Add eggs and additional toppings, scramble and wait for the edges to get brown.
3. Add shredded cheese while edges are browning. It is best if cheese begins to melt before flipping.
4. Flip, and make sure all cheese stayed down, and there is enough oil left in the pan.
5. Keep checking until pan side of eggs lift easily. Done correctly, the cheese will form a crisp layer.
6. When fully cooked, serve with cheese right side up and enjoy!

@ 1739d937:3e3136ef

MLS over Nostr - 30th April 2025

YO! Exciting stuff in this update so no intro, let's get straight into it.

🚢 Libraries Released

I've created 4 new Rust crates to make implementing NIP-EE (MLS) messaging easy for other projects. These are now part of the rust-nostr project (thanks nostr:npub1drvpzev3syqt0kjrls50050uzf25gehpz9vgdw08hvex7e0vgfeq0eseet) but aren't quite released to crates.io yet. They will be included in the next release of that library. My hope is that these libraries will give nostr developers a simple, safe, and specification-compliant way to work with MLS messaging in their applications.

Here's a quick overview of each:

nostr_mls_storage

One of the challenges of using MLS messaging is that clients have to store quite a lot of state about groups, keys, and messages. Initially, I implemented all of this in White Noise but knew that eventually this would need to be done in a more generalized way.

This crate defines traits and types that are used by the storage implementation crates and sets those up to wrap the OpenMLS storage layer. Now, instead of apps having to implement storage for both OpenMLS and Nostr, you simply pick your storage backend and go from there.

Importantly, because these are generic traits, it allows for the creation of any number of storage implementations for different backend storage providers; postgres, lmdb, nostrdb, etc. To start I've created two implementations; detailed below.

nostr_mls_memory_storage

This is a simple implementation of the nostr_mls_storage traits that uses an in-memory store (that doesn't persist anything to disc). This is principally for testing.

nostr_mls_sqlite_storage

This is a production ready implementation of the nostr_mls_storage traits that uses a persistent local sqlite database to store all data.

nostr_mls

This is the main library that app developers will interact with. Once you've chose a backend and instantiated an instance of NostrMls you can then interact with a simple set of methods to create key packages, create groups, send messages, process welcomes and messages, and more.

If you want to see a complete example of what the interface looks like check out mls_memory.rs.

I'll continue to add to this library over time as I implement more of the MLS protocol features.

🚧 White Noise Refactor

As a result of these new libraries, I was able to remove a huge amount of code from White Noise and refactor large parts of the app to make the codebase easier to understand and maintain. Because of this large refactor and the changes in the underlying storage layer, if you've installed White Noise before you'll need to delete it from your device before you trying to install again.

🖼️ Encrypted Media with Blossom

Let's be honest: Group chat would be basically useless if you couldn't share memes and gifs. Well, now you can in White Noise. Media in groups is encrypted using an MLS secret and uploaded to Blossom with a one-time use keypair. This gives groups a way to have rich conversations with images and documents and anything else while also maintaining the privacy and security of the conversation.

This is still in a rough state but rendering improvements are coming next.

📱 Damn Mobile

The app is still in a semi-broken state on Android and fully broken state on iOS. Now that I have the libraries released and the White Noise core code refactored, I'm focused 100% on fixing these issues. My goal is to have a beta version live on Zapstore in a few weeks.

🧑‍💻 Join Us

I'm looking for mobile developers on both Android and iOS to join the team and help us build the best possible apps for these platforms. I have grant funding available for the right people. Come and help us build secure, permissionless, censorship-resistant messaging. I can think of few projects that deserve your attention more than securing freedom of speech and freedom of association for the entire world. If you're interested or know someone who might be, please reach out to me directly.

🙏 Thanks to the People

Last but not least: A HUGE thank you to all the folks that have been helping make this project happen. You can check out the people that are directly working on the apps on Following._ (and follow them). There are also a lot of people behind the scenes that have helped in myriad ways to get us this far. Thank you thank you thank you.

🔗 Links

Libraries

• nostr_mls
• nostr_mls_storage
• nostr_mls_memory_storage
• nostr_mls_sqlite_storage

White Noise

• White Noise Repo
• White Noise Releases

Other

• Previous updates

@ f10512df:c9293bb3

Chef's notes

Use a tea bag to hold the spices. I like to fill it and drape it on the side of the pan so the flavors get in, and then toss it before serving. Easier than picking rosemary out of your teeth later.

Details

• ⏲️ Prep time: 20 minutes
• 🍳 Cook time: 1 hour 45 from scratch, 45 if using chicken stock
• 🍽️ Servings: 4

Ingredients

• 1 Cup Carrots (sliced)
• 1C celery (sliced)
• 2 cloves garlic
• 1 tsp dried thyme
• 1/2 tsp dried minced onion
• 2 Tbsp lemon juice (or more to taste)
• 1/2 Tbsp salt (to taste)
• 1 rotisserie chicken
• 2 tsp dried rosemary (or 1-2 sprigs fresh)
• 8 C water & additional 1-2 C later
• 10 oz pre-cooked noodles
• 1 tsp cracked pepper (to taste)

Directions

1. Remove chicken meat from bones and set aside. Do not discard skin. Put bones and skin in a large stock pot and add water. Let boil covered for one hour, and then remove bones and strain out any bits of skin from broth.
2. Add chopped vegetables, spices, and lemon juice to broth with up to 2 C. additional water to replace what might have boiled away. Simmer over low to medium heat (covered) for another half hour, stirring occasionally. Add in chicken meat. Taste test and add additional salt if needed.
3. When vegetables are cooked, add in noodles and stir for an additional 2-3 minutes until hot (uncovered), and enjoy.
4. If using store bought chicken stock, only simmer until vegetables are cooked (about half an hour).

@ a39d19ec:3d88f61e

Die Debatte um Migration, Grenzsicherung und Abschiebungen wird in Deutschland meist emotional geführt. Wer fordert, dass illegale Einwanderer abgeschoben werden, sieht sich nicht selten dem Vorwurf des Rassismus ausgesetzt. Doch dieser Vorwurf ist nicht nur sachlich unbegründet, sondern verkehrt die Realität ins Gegenteil: Tatsächlich sind es gerade diejenigen, die hinter jeder Forderung nach Rechtssicherheit eine rassistische Motivation vermuten, die selbst in erster Linie nach Hautfarbe, Herkunft oder Nationalität urteilen.

Das Recht steht über Emotionen

Deutschland ist ein Rechtsstaat. Das bedeutet, dass Regeln nicht nach Bauchgefühl oder politischer Stimmungslage ausgelegt werden können, sondern auf klaren gesetzlichen Grundlagen beruhen müssen. Einer dieser Grundsätze ist in Artikel 16a des Grundgesetzes verankert. Dort heißt es:

„Auf Absatz 1 [Asylrecht] kann sich nicht berufen, wer aus einem Mitgliedstaat der Europäischen Gemeinschaften oder aus einem anderen Drittstaat einreist, in dem die Anwendung des Abkommens über die Rechtsstellung der Flüchtlinge und der Europäischen Menschenrechtskonvention sichergestellt ist.“

Das bedeutet, dass jeder, der über sichere Drittstaaten nach Deutschland einreist, keinen Anspruch auf Asyl hat. Wer dennoch bleibt, hält sich illegal im Land auf und unterliegt den geltenden Regelungen zur Rückführung. Die Forderung nach Abschiebungen ist daher nichts anderes als die Forderung nach der Einhaltung von Recht und Gesetz.

Die Umkehrung des Rassismusbegriffs

Wer einerseits behauptet, dass das deutsche Asyl- und Aufenthaltsrecht strikt durchgesetzt werden soll, und andererseits nicht nach Herkunft oder Hautfarbe unterscheidet, handelt wertneutral. Diejenigen jedoch, die in einer solchen Forderung nach Rechtsstaatlichkeit einen rassistischen Unterton sehen, projizieren ihre eigenen Denkmuster auf andere: Sie unterstellen, dass die Debatte ausschließlich entlang ethnischer, rassistischer oder nationaler Kriterien geführt wird – und genau das ist eine rassistische Denkweise.

Jemand, der illegale Einwanderung kritisiert, tut dies nicht, weil ihn die Herkunft der Menschen interessiert, sondern weil er den Rechtsstaat respektiert. Hingegen erkennt jemand, der hinter dieser Kritik Rassismus wittert, offenbar in erster Linie die „Rasse“ oder Herkunft der betreffenden Personen und reduziert sie darauf.

Finanzielle Belastung statt ideologischer Debatte

Neben der rechtlichen gibt es auch eine ökonomische Komponente. Der deutsche Wohlfahrtsstaat basiert auf einem Solidarprinzip: Die Bürger zahlen in das System ein, um sich gegenseitig in schwierigen Zeiten zu unterstützen. Dieser Wohlstand wurde über Generationen hinweg von denjenigen erarbeitet, die hier seit langem leben. Die Priorität liegt daher darauf, die vorhandenen Mittel zuerst unter denjenigen zu verteilen, die durch Steuern, Sozialabgaben und Arbeit zum Erhalt dieses Systems beitragen – nicht unter denen, die sich durch illegale Einreise und fehlende wirtschaftliche Eigenleistung in das System begeben.

Das ist keine ideologische Frage, sondern eine rein wirtschaftliche Abwägung. Ein Sozialsystem kann nur dann nachhaltig funktionieren, wenn es nicht unbegrenzt belastet wird. Würde Deutschland keine klaren Regeln zur Einwanderung und Abschiebung haben, würde dies unweigerlich zur Überlastung des Sozialstaates führen – mit negativen Konsequenzen für alle.

Sozialpatriotismus

Ein weiterer wichtiger Aspekt ist der Schutz der Arbeitsleistung jener Generationen, die Deutschland nach dem Zweiten Weltkrieg mühsam wieder aufgebaut haben. Während oft betont wird, dass die Deutschen moralisch kein Erbe aus der Zeit vor 1945 beanspruchen dürfen – außer der Verantwortung für den Holocaust –, ist es umso bedeutsamer, das neue Erbe nach 1945 zu respektieren, das auf Fleiß, Disziplin und harter Arbeit beruht. Der Wiederaufbau war eine kollektive Leistung deutscher Menschen, deren Früchte nicht bedenkenlos verteilt werden dürfen, sondern vorrangig denjenigen zugutekommen sollten, die dieses Fundament mitgeschaffen oder es über Generationen mitgetragen haben.

Rechtstaatlichkeit ist nicht verhandelbar

Wer sich für eine konsequente Abschiebepraxis ausspricht, tut dies nicht aus rassistischen Motiven, sondern aus Respekt vor der Rechtsstaatlichkeit und den wirtschaftlichen Grundlagen des Landes. Der Vorwurf des Rassismus in diesem Kontext ist daher nicht nur falsch, sondern entlarvt eine selektive Wahrnehmung nach rassistischen Merkmalen bei denjenigen, die ihn erheben.

@ 1c19eb1a:e22fb0bc

After my first major review of Primal on Android, we're going to go a very different direction for this next review. Primal is your standard "Twitter clone" type of kind 1 note client, now branching into long-form. They also have a team of developers working on making it one of the best clients to fill that use-case. By contrast, this review will not be focusing on any client at all. Not even an "other stuff" client.

Instead, we will be reviewing a very useful tool created and maintained by nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 called #Amber. For those unfamiliar with Amber, it is an #Android application dedicated to managing your signing keys, and allowing you to log into various #Nostr applications without having to paste in your private key, better known as your #nsec. It is not recommended to paste your nsec into various applications because they each represent another means by which it could be compromised, and anyone who has your nsec can post as you. On Nostr, your #npub is your identity, and your signature using your private key is considered absolute proof that any given note, reaction, follow update, or profile change was authorized by the rightful owner of that identity.

It happens less often these days, but early on, when the only way to try out a new client was by inputting your nsec, users had their nsec compromised from time to time, or they would suspect that their key may have been compromised. When this occurs, there is no way to recover your account, or set a new private key, deprecating the previous one. The only thing you can do is start over from scratch, letting everyone know that your key has been compromised and to follow you on your new npub.

If you use Amber to log into other Nostr apps, you significantly reduce the likelihood that your private key will be compromised, because only one application has access to it, and all other applications reach out to Amber to sign any events. This isn't quite as secure as storing your private key on a separate device that isn't connected to the internet whatsoever, like many of us have grown accustomed to with securing our #Bitcoin, but then again, an online persona isn't nearly as important to secure for most of us as our entire life savings.

Amber is the first application of its kind for managing your Nostr keys on a mobile device. nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 didn't merely develop the application, but literally created the specification for accomplishing external signing on Android which can be found in NIP-55. Unfortunately, Amber is only available for Android. A signer application for iOS is in the works from nostr:npub1yaul8k059377u9lsu67de7y637w4jtgeuwcmh5n7788l6xnlnrgs3tvjmf, but is not ready for use at this time. There is also a new mobile signer app for Android and iOS called Nowser, but I have not yet had a chance to try this app out. From a cursory look at the Android version, it is indeed in the very early stages of development and cannot be compared with Amber.

This review of Amber is current as of version 3.2.5.

Overall Impression

Score: 4.7 / 5 (Updated 4/21/2025)

I cannot speak highly enough about Amber as a tool that every Nostr user on Android should start using if they are not already. When the day comes that we have more options for well-developed signer apps on mobile, my opinion may very well change, but until then Amber is what we have available to us. Even so, it is an incredibly well thought-out and reliable tool for securing your nsec.

Despite being the only well-established Android signer available for Android, Amber can be compared with other external signing methods available on other platforms. Even with more competition in this arena, though, Amber still holds up incredibly well. If you are signing into web applications on a desktop, I still would recommend using a browser extension like #Alby or #Nos2x, as the experience is usually faster, more seamless, and far more web apps support this signing method (NIP-07) than currently support the two methods employed by Amber. Nevertheless that gap is definitely narrowing.

A running list I created of applications that support login and signing with Amber can be found here: Nostr Clients with External Signer Support

I have run into relatively few bugs in my extensive use of Amber for all of my mobile signing needs. Occasionally the application crashes when trying to send it a signing request from a couple of applications, but I would not be surprised if this is no fault of Amber at all, and rather the fault of those specific apps, since it works flawlessly with the vast majority of apps that support either NIP-55 or NIP-46 login.

I also believe that mobile is the ideal platform to use for this type of application. First, because most people use Nostr clients on their phone more than on a desktop. There are, of course, exceptions to that, but in general we spend more time on our phones when interacting online. New users are also more likely to be introduced to Nostr by a friend having them download a Nostr client on their phone than on a PC, and that can be a prime opportunity to introduce the new user to protecting their private key. Finally, I agree with the following assessment from nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn.

nostr:nevent1qqsw0r6gzn05xg67h5q2xkplwsuzedjxw9lf7ntrxjl8ajm350fcyugprfmhxue69uhhyetvv9ujumn0wd68yurvv438xtnrdaksyg9hyaxj3clfswlhyrd5kjsj5v04clhjvgeq6pwztmysfzdvn93gev7awu9v

The one downside to Amber is that it will be quite foreign for new users. That is partially unavoidable with Nostr, since folks are not accustomed to public/private key cryptography in general, let alone using a private key to log into websites or social media apps. However, the initial signup process is a bit cumbersome if Amber is being used as the means of initially generating a key pair. I think some of this could be foregone at start-up in favor of streamlining onboarding, and then encourage the user to back-up their private key at a later time.

Features

Amber has some features that may surprise you, outside of just storing your private key and signing requests from your favorite Nostr clients. It is a full key management application, supporting multiple accounts, various backup methods, and even the ability to authorize other users to access a Nostr profile you control.

Android Signing

This is the signing method where Amber really shines in both speed and ease of use. Any Android application that supports this standard, and even some progressive web-apps that can be installed to your Android's home-screen, can very quickly and seamlessly connect with Amber to authorize anything that you need signed with your nsec. All you have to do is select "Login with Amber" in clients like #Amethyst or #0xChat and the app will reach out to Amber for all signing requests from there on out. If you had previously signed into the app with your nsec, you will first need to log out, then choose the option to use Amber when you log back in.

This is a massive deal, because everything you do on Nostr requires a signature from your private key. Log in? Needs a signature. Post a "GM" note? Needs a signature. Follow someone who zapped your note? Needs a signature. Zap them back? You guessed it; needs a signature. When you paste your private key into an application, it will automatically sign a lot of these actions without you ever being asked for approval, but you will quickly realize just how many things the client is doing on your behalf when Amber is asking you to approve them each time.

Now, this can also get quite annoying after a while. I recommend using the setting that allows Amber to automatically sign for basic functions, which will cut down on some of the authorization spam. Once you have been asked to authorize the same type of action a few times, you can also toggle the option to automatically authorize that action in the future. Don't worry, though, you have full control to require Amber to ask you for permission again if you want to be alerted each time, and this toggle is specific to each application, so it's not a blanket approval for all Nostr clients you connect with.

This method of signing is just as fast as signing via browser extension on web clients, which users may be more accustomed to. Everything is happening locally on the device, so it can be very snappy and secure.

Nostr Connect/Bunker Signing

This next method of signing has a bit of a delay, because it is using a Nostr relay to send encrypted information back and forth between the app the user is interacting with and Amber to obtain signatures remotely. It isn't a significant delay most of the time, but it is just enough to be noticeable.

Also, unlike the previous signing method that would automatically switch to Amber as the active application when a signing request is sent, this method only sends you a notification that you must be watching for. This can lead to situations where you are wondering why something isn't working in a client you signed into remotely, because it is waiting on you to authorize the action and you didn't notice the notification from Amber. As you use the application, you get used to the need to check for such authorization requests from time to time, or when something isn't working as expected.

By default, Amber will use relay.nsec.app to communicate with whichever Nostr app you are connecting to. You can set a different relay for this purpose, if you like, though not just any relay will support the event kinds that Amber uses for remote signing. You can even run your own relay just for your own signing purposes. In fact, the creator of Amber has a relay application you can run on your phone, called Citrine, that can be used for signing with any web app you are using locally on your phone. This is definitely more of an advanced option, but it is there for you if you want it. For most users, sticking with relay.nsec.app will be just fine, especially since the contents of the events sent back and forth for signing are all encrypted.

Something many users may not realize is that this remote signing feature allows for issuing signing permissions to team members. For instance, if anyone ever joined me in writing reviews, I could issue them a connection string from Amber, and limit their permissions to just posting long-form draft events. Anything else they tried to do would require my explicit approval each time. Moreover, I could revoke those permissions if I ever felt they were being abused, without the need to start over with a whole new npub. Of course, this requires that your phone is online whenever a team member is trying to sign using the connection string you issued, and it requires you pay attention to your notifications so you can approve or reject requests you have not set to auto-approve. However, this is probably only useful for small teams, and larger businesses will want to find a more robust solution for managing access to their npub, such as Keycast from nostr:npub1zuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsk6c2uc.

The method for establishing a connection between Amber and a Nostr app for remote signing can vary for each app. Most, at minimum, will support obtaining a connection string from Amber that starts with "bunker://" and pasting it in at the time of login. Then you just need to approve the connection request from Amber and the client will log you in and send any subsequent signing requests to Amber using the same connection string.

Some clients will also offer the option to scan a QR code to connect the client to Amber. This is quite convenient, but just remember that this also means the client is setting which relay will be used for communication between the two. Clients with this option will also have a connection string you can copy and paste into Amber to achieve the same purpose. For instance, you may need this option if you are trying to connect to an app on your phone and therefore can't scan the QR code using Amber on the same phone.

Multiple Accounts

Amber does not lock you into using it with only a single set of keys. You can add all of your Nostr "accounts" to Amber and use it for signing events for each independently. Of course, Nostr doesn't actually have "accounts" in the traditional sense. Your identity is simply your key-pair, and Amber stores and accesses each private key as needed.

When first signing in using native Android signing as described above, Amber will default to whichever account was most recently selected, but you can switch to the account that is needed before approving the request. After initial login, Amber will automatically detect the account that the signing request is for.

Key Backup & Restore

Amber allows multiple ways to back up your private key. As most users would expect, you can get your standard nsec and copy/paste it to a password manager, but you can also obtain your private key as a list of mnemonic seed words, an encrypted version of your key called an ncryptsec, or even a QR code of your nsec or ncryptsec.

Additionally, in order to gain access to this information, Amber requires you to enter your device's PIN or use biometric authentication. This isn't cold-storage level protection for your private key by any means, especially since your phone is an internet connected device and does not store your key within a secure element, but it is about as secure as you can ask for while having your key accessible for signing Nostr events.

Tor Support

While Amber does not have Tor support within the app itself, it does support connecting to Tor through Orbot. This would be used with remote signing so that Amber would not connect directly over clearnet to the relay used for communication with the Nostr app requesting the signature. Instead, Amber would connect through Tor, so the relay would not see your IP address. This means you can utilize the remote signing option without compromising your anonymity.

Additional Security

Amber allows the user the option to require either biometric or PIN authentication before approving signing requests. This can provide that extra bit of assurance that no one will be able to sign events using your private key if they happen to gain access to your phone. The PIN you set in Amber is also independent from the PIN to unlock your device, allowing for separation of access.

Can My Grandma Use It?

Score: 4.6 / 5 (Updated 4/21/2025)

At the end of the day, Amber is a tool for those who have some concept of the importance of protecting their private key by not pasting it into every Nostr client that comes along. This concept in itself is not terribly approachable to an average person. They are used to just plugging their password into every service they use, and even worse, they usually have the same password for everything so they can more readily remember it. The idea that they should never enter their "Nostr password" into any Nostr application would never occur to them unless someone first explained how cryptography works related to public/private key pairs.

That said, I think there can be some improvements made to how users are introduced to these concepts, and that a signer application like Amber might be ideal for the job. Considering Amber as a new user's first touch-point with Nostr, I think it holds up well, but could be somewhat streamlined.

Upon opening the app, the user is prompted to either use their existing private key or "Create a new Nostr account." This is straightforward enough. "Account" is not a technically correct term with Nostr, but it is a term that new users would be familiar with and understand the basic concept.

The next screen announces that the account is ready, and presents the user with their public key, explaining that it is "a sort of username" that will allow others to find them on Nostr. While it is good to explain this to the user, it is unnecessary information at this point. This screen also prompts the user to set a nickname and set a password to encrypt their private key. Since the backup options also allow the user to set this password, I think this step could be pushed to a later time. This screen would better serve the new user if it simply prompted them to set a nickname and short bio that could be saved to a few default relays.

Of course, Amber is currently prompting for a password to be set up-front because the next screen requires the new user to download a "backup kit" in order to continue. While I do believe it is a good idea to encourage the creation of a backup, it is not crucial to do so immediately upon creation of a new npub that has nothing at stake if the private key is lost. This is something the UI could remind the user to do at a later time, reducing the friction of profile creation, and expediting getting them into the action.

Outside of these minor onboarding friction points, I think Amber does a great job of explaining to the user the purpose of each of its features, all within the app and without any need to reference external documentation. As long as the user understands the basic concept that their private key is being stored by Amber in order to sign requests from other Nostr apps, so they don't have to be given the private key, Amber is very good about explaining the rest without getting too far into the technical weeds.

The most glaring usability issue with Amber is that it isn't available in the Play Store. Average users expect to be able to find applications they can trust in their mobile device's default app store. There is a valid argument to be made that they are incorrect in this assumption, but that doesn't change the fact that this is the assumption most people make. They believe that applications in the Play Store are "safe" and that anything they can't install through the Play Store is suspect. The prompts that the Android operating system requires the user to approve when installing "unknown apps" certainly doesn't help with this impression.

Now, I absolutely love the Zapstore from nostr:npub1wf4pufsucer5va8g9p0rj5dnhvfeh6d8w0g6eayaep5dhps6rsgs43dgh9, but it doesn't do much to alleviate this issue. Users will still need to be convinced that it is safe to install the Zapstore from the GitHub repo, and then install Amber from there. Furthermore, this adds yet another step to the onboarding process.

Instead of:

• Install Amber
• Set up your keys
• Install the client you want to use
• Log in with Amber

The process becomes:

• Go to the Zapstore GitHub and download the latest version from the releases page.
• Install the APK you downloaded, allowing any prompt to install unknown apps.
• Open Zapstore and install Amber, allowing any prompt to install unknown apps again.
• Open Amber and set up your keys.
• Install the client you want to use
• Log in with Amber

An application as important as Amber for protecting users' private keys should be as readily available to the new user as possible. New users are the ones most prone to making mistakes that could compromise their private keys. Amber should be available to them in the Play Store.

UPDATE: As of version 3.2.8 released on 4/21/2025, the onboarding flow for Amber has been greatly improved! Now, when selecting to set up a new "account" the user is informed on the very next screen, "Your Nostr account is ready!" and given their public key/npub. The only field the user must fill in is their "nickname"/display name and hit "Continue."

From there the user is asked if they want Amber to automatically approve basic actions, or manually approve each app, and then they are shown a new Applications screen, with a prompt to create a backup of their account. This prompt persists until the user has done so.

As you can see, the user is also encouraged to find applications that can be used with Amber with links to nostrapps.com and the Zapstore.

Thanks to these updates, Amber is now the smoothest and most user-friendly onboarding experience I have seen for Nostr to date. Sure, it doesn't have anything for setting up a profile picture or lightning address, but that is better done in a client like Amethyst or YakiHonne, anyway. Just tap "create," type in a handle to call yourself, and you're done!

How do UI Look?

Score: 4.5 / 5

Amber's UI can be described as clean but utilitarian. But then, Amber is a tool, so this is somewhat expected. It is not an app you will be spending a lot of time in, so the UI just needs to be serviceable. I would say it accomplishes this and then some. UI elements are generally easy to understand what they do, and page headings fill in the gaps where that is not the case.

I am not the biggest fan of the color-scheme, particularly in light-mode, but it is not bad in dark-mode at all, and Amber follows whatever theme you have set for your device in that respect. Additionally, the color choice does make sense given the application's name.

It must also be taken into consideration that Amber is almost entirely the product of a single developer's work. He has done a great job producing an app that is not only useful, but pleasant to interact with. The same cannot be said for most utility apps I have previously used, with interfaces that clearly made good design the lowest priority. While Amber's UI may not be the most beautiful Nostr app I have seen, design was clearly not an afterthought, either, and it is appreciated.

Relay Management

Score: 4.9 / 5

Even though Amber is not a Nostr client, where users can browse notes from their favorite npubs, it still relies heavily on relays for some of its features. Primarily, it uses relays for communicating with other Nostr apps for remote signing requests. However, it also uses relays to fetch profile data, so that each private key you add to Amber will automatically load your chosen username and profile picture.

In the relay settings, users can choose which relays are being used to fetch profile data, and which relays will be used by default when creating new remote signing connection strings.

The user can also see which relays are currently connected to Amber and even look at the information that has been passed back and forth on each of those active relays. This information about actively connected relays is not only available within the application, but also in the notification that Amber has to keep in your device's notification tray in order to continue to operate in the background while you are using other apps.

Optionality is the name of the game when it comes to how Amber handles relay selection. The user can just stick with the default signing relay, use their own relay as the default, or even use a different relay for each Nostr application that they connect to for remote signing. Amber gives the user an incredible amount of flexibility in this regard.

In addition to all of this, because not all relays accept the event types needed for remote signing, when you add a relay address to Amber, it automatically tests that relay to see if it will work. This alone can be a massive time saver, so users aren't trying to use relays that don't support remote signing and wondering why they can't log into noStrudel with the connection string they got from Amber.

The only way I could see relay management being improved would be some means of giving the user relay recommendations, in case they want to use a relay other than relay.nsec.app, but they aren't sure which other relays will accept remote signing events. That said, most users who want to use a different relay for signing remote events will likely be using their own, in which case recommendations aren't needed.

Current Users' Questions

The AskNostr hashtag can be a good indication of the pain points that other users are currently having with any Nostr application. Here are some of the most common questions submitted about Amber in the last two months.

nostr:nevent1qqsfrdr68fafgcvl8dgnhm9hxpsjxuks78afxhu8yewhtyf3d7mkg9gpzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgq3qkgh77xxt7hhtt4u528hecnx69rhagla8jj3tclgyf9wvkxa6dc0sxp0e6m

This is a good example of Amber working correctly, but the app the user is trying to log into not working. In my experience with #Olas in particular, it sometimes allows remote signer login, and sometimes doesn't. Amber will receive the signing request and I will approve it, but Olas remains on the login screen.

If Amber is receiving the signing requests, and you are approving them, the fault is likely with the application you are trying to log into.

That's it. That's all the repeated questions I could find. Oh, there were a few one-off questions where relay.nsec.app wouldn't connect, or where the user's out-of-date web browser was the issue. Outside of that, though, there were no common questions about how to use Amber, and that is a testament to Amber's ease of use all on its own.

Wrap Up

If you are on Android and you are not already using Amber to protect your nsec, please do yourself a favor and get it installed. It's not at all complicated to set up, and it will make trying out all the latest Nostr clients a safe and pleasant experience.

If you are a client developer and you have not added support for NIP-55 or NIP-46, do your users the courtesy of respecting the sanctity of their private keys. Even developers who have no intention of compromising their users' keys can inadvertently do so. Make that eventuality impossible by adding support for NIP-55 and NIP-46 signing.

Finally, I apologize for the extended time it took me to get this review finished. The time I have available is scarce, Nostr is distracting, and nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 kept improving Amber even as I was putting it through its paces over the last two months. Keep shipping, my friend! You have made one of the most useful tools we have seen for Nostr to date!

Now... What should I review next?

@ 4e616576:43c4fee8

asdfasdfsadfaf

@ 4e616576:43c4fee8

asdfasdf

@ 4e616576:43c4fee8

asdffasdf