@ DEG Mods

The project claims and communicates to everyone that mods published on it can't be taken down by the project/site owners, and that creators and users can't be banned, as well as not needing the site's permission to publish mods on it, citing that all of this is possible because of the protocol that its built on, Nostr. However, that's a quick response on how any of this is possible, and most people aren't technically knowledgeable enough to go and research it, let alone have the energy to do so.

That's why we thought it'd be a good idea to explain the tech, what's happening in the background, how the site currently works, why users need to use a new method of registration and login, and how things would change later on.

How does Nostr work?

Nostr is the protocol that DEG Mods is built on and is the core of what makes it possible to have that censorship-resistant and permissionless benefits. To summarize how it works, let's see how almost all sites work in comparison.

Be it a normal blog site like WordPress or Medium, or a social media site like X/Twitter or Facebook, all of them work similarly. There's the site that a person uses to create an account and publish a post on, and that same account is used to post data which gets sent and saved in one or more servers controlled by the site owner. Then, if someone else wants to view that person's post or profile, they'd use that same site to communicate with the one-entity-controlled servers and retrieve the relevant data/information.

That's how almost all sites work. Now, if such a site wants to ban a user or takedown their posts, that central entity (the site owners) can delete that account and/or delete its posts, and it's gone.

So how does a site built on Nostr work in comparison? It differs in two main points, the first being the account creation process, where instead of filling up a form and sending your personal data to have your account created, you'd generate an account, which would produce two keys, a public and a private one (think username and password), and since that process is a mathematical and cryptographic result, that means that you didn't even ask the site to create the account, you just did, whether they liked it or not. You could've also done it offline too, without being connected to the internet. What that means is that they couldn't stop you from making an account, and they can't ban your account. You actually control it.

The other point that it differs from traditional sites is how it handles people publishing content to it and how it retrieves it. Once you create a piece of content, a blog post or a short social post, it creates a file with that data in it, signs it (think like a signature, a unique squiggle/drawing, but happening with math and cryptography) using your public address (username), and that's only possible because you have the private key (password) to do it, then sends that file to multiple different relays (servers) that aren't necessarily associated with the site you're currently using, not controlled by them or by one entity.

So there are multiple copies of your published content spread across multiple servers, controlled by different entities, be it other companies, or random people, and yes, you can run your own as well, to have a backup copy of your content as well as your friends and family and/or select individuals as well, which is very doable since it was made to be easy and efficient, but that's for another post/guide when the time is right. In a sense, the more popular a post is, the more it gets decentralized and strengthens its censorship resistance.

With that said, if someone else wants to see your posts, they'd search for it and view it, and the site they're on would communicate with those decentralized servers to find the content and present it to you.

What all of this means is that you didn't need permission to make an account, or to log in, and you didn't need permission to publish content or view them. What's also interesting is that you would be able to go to another site that's built on the same tech, and in a similar way, publish content there, and it can appear on that first site as well. As an example, imagine if you made a post on Facebook and it appeared on X/Twitter, Instagram, YouTube, and Reddit.

Another point to consider is that it doesn't have to be a site, it can be a PC software or a mobile app as well, and all of them can share similar functionality and data publishing and retrieval.

How does DEG Mods work?

Now that the underlying tech/protocol for DEG Mods has been somewhat explained, here's how we're applying that here with mods.

When you want to register or log into the site, it's mentioned that you need to download and install a browser extension, and what that extension does is create the account for you, create that public and private key pair, store it within it, within your PC, which means that only you know your account, and nobody is in control of it besides you, and with it you'd use it to sign into the site and sign-off on various actions like publishing a mod post, sending a comment, reacting to a post, and so on. Without your signature from that keypair you have in your browser extension, no action would be taken.

With that said, if you somehow lost your keypair, specifically your private key, or somehow it was leaked to someone, there would be no way for you to change that private key or retrieve it. There's no "change password" or "forgot password" process here. With freedom comes responsibility, so keep that in mind.

So, once you've set up your browser extension and have managed to log in, you go ahead and attempt to publish a mod if you're a mod creator, where you fill out the details in the appropriate mod submission page, from the title, body text, screenshots and so on, and then you reach the area where you'd share your mod files with. You don't upload the mod files to DEG Mods / Nostr, but rather upload them to a regular server of your choice, get the file link from there, and add it in its appropriate field. After you add any other relevant data, you publish your mod, and now everyone will be able to view your mod page and download it.

Now, you're probably wondering how mods can be censorship-resistant, as we have claimed, even though the mod files are on another site or person's server where they can delete them. Let's say that scenario happened, where you published a mod, and the download button broke because the server host deleted the files. Your mod post is still up, and your account is still up, so the only thing that's broken is the download button. You'd simply upload the files to a different server host provider, and replace the old link with the new one when you edit your mod post.

The download button is now working again. You didn't have to publish a new mod post, you didn't get banned so you didn't have to find a different mod site and then create a new account, to publish the mod yet again, and didn't have to remarket that new page again and lose out on previous efforts, you also didn't have to rebuild the lost connections with your followers and have them create an account on another site for them to do so, only to continuously repeat this process over and over again as similar scenarios continue to occur. You just simply updated the mod post with a new download link.

This exact scenario happened with one of the mods on the site, where their mod page was taken down from various sites because of a malicious attacker, yet that didn't happen on DEG Mods' end, and even when the download links were taken down and resulted in the download link being broken, the creator simply uploaded it elsewhere and updated the mod post with the new link, resulting in a functional download button again, as if nothing happened. Their mod page on DEG Mods was up the whole time throughout their initial launch month period, whereas everywhere else they've tried has failed them.

They didn't have their mod post/page taken down, their account couldn't be banned, they didn't have to remarket anything again, and they didn't lose the connection between themselves and their fans.

Questions & Answers

We'll most likely update this post with relevant new information as they come, as well as new questions with their answers, and with that said, here are some of those.

Doesn't [insert anti-censorship site here] do the same thing?

From all the current mod sites we've looked into, they're only anti-censorship, as in they're against it, meaning they weren't built from the ground up to be censorship-resistant. They can still take down mod posts, they can still ban you, and you need their permission to post on their site. On DEG Mods, you don't need our permission to do anything, we can't (not won't, can't) take down your mod post, and we can't ban your account. The best we can do is hide posts, and even then all of them are still accessible. As far as we know, in regards to the values of modding, DEG Mods is the first true mod site out there, and others would be categorized as gated mod sites. This might be a bold claim, and we're not above having an inflated ego, so share your thoughts or criticism of the project if you think that's not the case and knock our potentially inflated ego down.

Uploading mod files to other sites is a pain. Isn't there something you can do?

Yes. Luckily, there is new tech out there that brings the same censorship benefits to the mod files themselves, though not necessarily at the same level or power considering these would be much larger files than a normal post would be.

At some point, we'll be utilizing and implementing something called Blossom, and with that implementation, creators would simply drag and drop their fields into the mod submission page and have that mod file (a .zip for example) and have it uploaded to one or more Blossom servers, where it would be packaged and signed using the creator's public key/address, and that file would now be identifiable and verifiable, where people can confirm that it's a file that came from you directly. That same file can potentially be backed up by fans who want to help you out, along with having a backup of the files yourself on your PC, home server, or rented server.

Let's say that your server host doesn't want to provide you with service anymore and has deleted your mod file. What will happen when someone clicks the download button on the mod page is that it'll attempt to search for that same file, since it's identifiable and verifiable by its unique ID, which was created using the creator's signature, searching for it on multiple different available Blossom servers, and brings it back to the user to download it. From the user's perspective, it'd behave normally where they'd just wait for the download to start and finish.

What does that result in? Mod files are now censorship-resistant too.