@ c1e9ab3a:9cb56b43

# 1. Introduction Modern election systems must balance **privacy** (no one sees how individuals vote) with **public verifiability** (everyone can confirm the correctness of the tally). Achieving this in a decentralized, tamper-resistant manner remains a challenge. Nostr (a lightweight protocol for censorship-resistant communication) offers a promising platform for distributing and archiving election data (ballots) without relying on a single central server. This paper presents a design where: 1. Each *voter* generates a **new ephemeral Nostr keypair** for an election. 2. The election authority (EA) **blind-signs** this ephemeral public key (npub) to prove the voter is authorized, without revealing which voter owns which ephemeral key. 3. Voters cast *encrypted ballots* to Nostr relays, each carrying an **OpenTimestamps** proof to confirm the ballot’s time anchor. 4. **Re-voting** is allowed: a voter can replace a previously cast ballot by publishing a *new* ballot with a *newer* timestamp. 5. Only the *latest valid ballot* (per ephemeral key) is counted. We combine well-known cryptographic primitives—**blind signatures**, **homomorphic or mix-net encryption**, **threshold key management**, and **time anchoring**—into an end-to-end system that preserves anonymity, assures correctness, and prevents double-voting. --- # 2. Roles and Components ## 2.1 Voters - **Long-Term (“KYC-bound”) Key**: Each voter has some identity-verified Nostr public key used only for official communication with the EA (not for voting). - **Ephemeral Voting Key**: For each election, the voter **locally generates** a new Nostr keypair \((nsec_e, npub_e)\). - This is the “one-time” identity used to sign ballots. - The EA never learns the real identity behind \(\npub_e\) because of **blinding**. ## 2.2 Election Authority (EA) - Maintains the **official voter registry**: who is entitled to vote. - **Blind-Signs** each valid voter’s ephemeral public key to authorize exactly one ephemeral key per voter. - Publishes a **minimal voter roll**: e.g., “Voter #12345 has been issued a valid ephemeral key,” without revealing which ephemeral key. ## 2.3 Nostr Relays - Decentralized servers that store and forward events. - Voters post their ballots to relays, which replicate them. - No single relay is critical; the same ballot can be posted to multiple relays for redundancy. ## 2.4 Cryptographic Framework 1. **Blind Signatures**: The EA signs a blinded version of \(\npub_e\). 2. **Homomorphic or Mix-Net Encryption**: Ensures the content of each ballot remains private; only aggregate results or a shuffled set are ever decrypted. 3. **Threshold / General Access Structure**: Multiple trustees (EA plus candidate representatives, for example) must collaborate to produce a final decryption. 4. **OpenTimestamps (OTS)**: Attaches a verifiable timestamp proof to each ballot, anchoring it to a blockchain or other tamper-resistant time reference. --- # 3. Protocol Lifecycle This section walks through **voter registration**, **ephemeral key authorization**, **casting (and re-casting) ballots**, and finally the **tally**. ## 3.1 Registration & Minimal Voter Roll 1. **Legal/KYC Verification** - Each real-world voter proves their identity to the EA (per legal procedures). - The EA records that the voter is eligible to cast one ballot, referencing their long-term identity key (\(\npub_{\mathrm{KYC}}\)). 2. **Issue Authorization “Slot”** - The EA’s voter roll notes “this person can receive exactly one blind signature for an ephemeral key.” - The roll does *not* store an ephemeral key—just notes that it can be requested. ## 3.2 Generating and Blinding the Ephemeral Key 1. **Voter Creates Ephemeral Key** - Locally, the voter’s client generates a fresh \((nsec_e, npub_e)\). 2. **Blinding** - The client blinds \(\npub_e\) to produce \(\npub_{e,\mathrm{blinded}}\). This ensures the EA cannot learn the real \(\npub_e\). 3. **Blind Signature Request** - The voter, using their **KYC-bound key** (\(\npub_{\mathrm{KYC}}\)), sends \(\npub_{e,\mathrm{blinded}}\) to the EA (perhaps via a secure direct message or a “giftwrapped DM”). - The EA checks that this voter has not already been issued a blind signature. - If authorized, the EA signs \(\npub_{e,\mathrm{blinded}}\) with its private key and returns the blinded signature. 4. **Unblinding** - The voter’s client unblinds the signature, obtaining a **valid signature** on \(\npub_e\). - Now \(\npub_e\) is a **blinded ephemeral public key** that the EA has effectively “authorized,” without knowing which voter it belongs to. 5. **Roll Update** - The EA updates its minimal roll to note that “Voter #12345 received a signature,” but does *not* publish \(\npub_e\). ## 3.3 Casting an Encrypted Ballot with OpenTimestamps When the voter is ready to vote: 1. **Compose Encrypted Ballot** - The ballot can be **homomorphically** encrypted (e.g., with Paillier or ElGamal) or structured for a **mix-net**. - Optionally include Zero-Knowledge Proofs (ZKPs) showing the ballot is valid (one candidate per race, etc.). 2. **Obtain OTS Timestamp** - The voter’s client computes a **hash** \(H\) of the ballot data (ciphertext + ZKPs). - The client sends \(H\) to an **OpenTimestamps** aggregator. - The aggregator returns a **timestamp proof** verifying that “this hash was seen at or before block/time \(T\).” 3. **Create a “Timestamped Ballot” Payload** - Combine: 1. **Encrypted ballot** data. 2. **OTS proof** for the hash of the ballot. 3. **EA’s signature** on \(\npub_e\) (the blind-signed ephemeral key). 4. A final **signature** by the voter’s ephemeral key \((nsec_e)\) over the entire package. 4. **Publish to Nostr** - The voter posts the complete “timestamped ballot” event to one or more relays. - Observers see “an event from ephemeral key \(\npub_e\), with an OTS proof and the EA’s blind signature,” but cannot identify the real voter or see the vote’s contents. ### 3.4 Re-Voting (Updating the Ballot) If the voter wishes to revise their vote (due to coercion, a mistake, or simply a change of mind): 1. **Generate a New Encrypted Ballot** - Possibly with different candidate choices. 2. **Obtain a New OTS Proof** - The new ballot has a fresh hash \(H'\). - The OTS aggregator provides a new proof anchored at a *later* block/time than the old one. 3. **Publish the Updated Ballot** - Again, sign with \(\npub_e\). - Relays store both ballots, but the *newer* OTS timestamp shows which ballot is “final.” **Rule**: The final vote for ephemeral key \(\npub_e\) is determined by the ballot with the **highest valid OTS proof** prior to the election’s closing. ## 3.5 Election Closing & Tally 1. **Close Signal** - At a specified time or block height, the EA publishes a “closing token.” - Any ballot with an OTS anchor referencing a time/block *after* the closing is invalid. 2. **Collect Final Ballots** - Observers (or official tally software) gather the *latest valid* ballot from each ephemeral key. - They confirm the OTS proofs are valid and that no ephemeral key posted two different ballots with the **same** timestamp. 3. **Decryption / Summation** - If homomorphic, the system sums the encrypted votes and uses a **threshold** of trustees to decrypt the aggregate. - If a mix-net, the ballots are shuffled and partially decrypted, also requiring multiple trustees. - In either case, individual votes remain hidden, but the final counts are revealed. 4. **Public Audit** - Anyone can fetch all ballots from the Nostr relays, verify OTS proofs, check the EA’s blind signature, and confirm no ephemeral key was used twice. - The final totals can be recomputed from the publicly available data. --- # 4. Ensuring One Vote Per Voter & No Invalid Voters 1. **One Blind Signature per Registered Voter** - The EA’s internal list ensures each real voter only obtains one ephemeral key signature. 2. **Blind Signature** - Ensures an *unauthorized* ephemeral key cannot pass validation (forging the EA’s signature is cryptographically infeasible). 3. **Public Ledger of Ballots** - Because each ballot references an EA-signed key, any ballot with a fake or duplicate signature is easily spotted. --- # 5. Security and Privacy Analysis 1. **Voter Anonymity** - The EA never sees the unblinded ephemeral key. It cannot link \(\npub_e\) to a specific person. - Observers only see “some ephemeral key posted a ballot,” not the real identity of the voter. 2. **Ballot Secrecy** - **Homomorphic Encryption** or **Mix-Net**: no one can decrypt an individual ballot; only aggregated or shuffled results are revealed. - The ephemeral key used for signing does not decrypt the ballot—the election’s threshold key does, after the election. 3. **Verifiable Timestamping** - **OpenTimestamps** ensures each ballot’s time anchor cannot be forged or backdated. - Re-voting is transparent: a later OTS proof overrides earlier ones from the same ephemeral key. 4. **Preventing Double Voting** - Each ephemeral key is unique and authorized once. - Re-voting by the same key overwrites the old ballot but does not *increase* the total count. 5. **Protection Against Coercion** - Because the voter can re-cast until the deadline, a coerced vote can be replaced privately. - No receipts (individual decryption) are possible—only the final aggregated tally is revealed. 6. **Threshold / Multi-Party Control** - Multiple trustees must collaborate to decrypt final results, preventing a single entity from tampering or prematurely viewing partial tallies. --- # 6. Implementation Considerations 1. **Blind Signature Techniques** - Commonly implemented with RSA-based Chaumian blind signatures or BLS-based schemes. - Must ensure no link between \(\npub_{e,\mathrm{blinded}}\) and \(\npub_e\). 2. **OpenTimestamps Scalability** - If millions of voters are posting ballots simultaneously, multiple timestamp aggregators or batch anchoring might be needed. - Verification logic on the client side or by public auditors must confirm each OTS proof’s integrity. 3. **Relay Coordination** - The system must ensure no single relay can censor ballots. Voters may publish to multiple relays. - Tally fetchers cross-verify events from different relays. 4. **Ease of Use** - The user interface must hide the complexity of ephemeral key generation, blind signing, and OTS proof retrieval—making it as simple as possible for non-technical voters. 5. **Legal Framework** - If law requires publicly listing which voters have cast a ballot, you might track “Voter #12345 used their ephemeral key” without revealing the ephemeral key. Or you omit that if secrecy about *who voted* is desired. 6. **Closing Time Edge Cases** - The system uses a *block/time anchor* from OTS. Slight unpredictability in block generation might require a small buffer around the official close. This is a policy choice. --- # 7. Conclusion We propose an **election system** that leverages **Nostr** for decentralizing ballot publication, **blinded ephemeral keys** for robust voter anonymity, **homomorphic/mix-net encryption** for ballot secrecy, **threshold cryptography** for collaborative final decryption, **OpenTimestamps** for tamper-proof time anchoring, and **re-voting** to combat coercion. **Key Advantages**: 1. **Anonymity**: The EA cannot link ballots to specific voters. 2. **One Voter, One Credential**: Strict enforcement through blind signatures. 3. **Verifiable Ordering**: OTS ensures each ballot has a unique, provable time anchor. 4. **Updatability**: Voters can correct or override coerced ballots by posting a newer one before closing. 5. **Decentralized Audit**: Anyone can fetch ballots from Nostr, verify the EA’s signatures and OTS proofs, and confirm the threshold-decrypted results match the posted ballots. Such a design shows promise for secure, privacy-preserving **digital elections**, though real-world deployment will require careful **policy, legal, and usability** considerations. By combining cryptography with decentralized relays and an external timestamp anchor, the system can uphold both **individual privacy** and **publicly auditable correctness**.

@ 6e0ea5d6:0327f353

People naturally gravitate toward what they are already good at, often neglecting the development of complementary essential skills—creating an asymmetric growth. However, this common imbalance is a mistake we don’t have to repeat. To stand out, one must seek completeness. If you possess natural intelligence, don’t rely solely on it—strengthen your body through physical training or martial arts. If you are naturally athletic, nourish your mind with great books and intellectual content. Aspiring to excellence demands this balance: When your ambition is to be a king, you must first become a warrior-scholar. Staying on the throne depends precisely on this deliberate fusion of seemingly opposite strengths. "The society that separates its scholars from its warriors will have its thinking done by cowards and its fighting done by fools." — Thucydides "If your son is quiet and intelligent, emphasize boldness, leadership, and physicality. If your son is tall and impulsive, emphasize learning, mindfulness, and critical thinking. You cannot be a complete man when you only have 50% of the equation." Thank you for reading, my friend! If this message resonated with you, consider leaving your "🥃" as a token of appreciation. A toast to our family!

@ 8da249fe:ecc00e09

É um sistema eletrônico de dinheiro P2P, ou seja, é uma forma de dinheiro essencialmente digital, onde as pessoas podem transacionar sem precisar de um intermediário ou estar sujeito a autoridades centralizadas (Sistema Financeiro Governamental). Ou seja, não há nenhuma existe de "Casa da Moedas" que façam o controle de dinheiro circulante e factíveis a movimentos artificiais de manejo de crises econômicas que pioram o processo de estabilização financeira. Para que o Bitcoin não seja alvo de fraudes e golpes o controle é feito por um sistema colaborativo de todos os usuários que validam suas transferências em um sistema de audição que chamamos de blockchain. Como o Bitcoin funciona? A moeda Bitcoin é um item eletrônico colecionável criando de forma de ser induplicável e não copiável. Este tipo de "arquivo" eletrônico tem propriedades de dinheiro, quando há o envio deste arquivo é retirado do seu local de armazenamento e transferido para outro sem gerar cópia. Todas as transferências deste tipo de "arquivo" são registradas em um livro contábel que tem o nome de blockchain. Por isso que o Bitcoin é de fato uma moeda e não algo que possa ser um método de estelionato. Pois há uma auditoria voluntária de todos os usuários na Blockchain garantindo que não haja fraude e injeção de Bitcoin de forma artificial no sistema.

@ dbb19ae0:c3f22d5a

Using Nostr_sdk 0.39 (Latest) module to send dm ```python # test with 0.39 # working import asyncio from nostr_sdk import Client, NostrSigner, Keys, PublicKey, init_logger, LogLevel async def send_direct_message(nsec, recipient_npub, message): init_logger(LogLevel.INFO) sender_keys = Keys.parse(nsec) sender_client = NostrSigner.keys(sender_keys) client = Client(sender_client) public_key = sender_keys.public_key() print(f"From Public key (npub): {public_key.to_bech32()}") await client.add_relay("wss://relay.damus.io") await client.connect() print(f"to Public key (npub): {recipient_npub}") await client.send_private_msg(PublicKey.parse(recipient_npub), message, []) await asyncio.sleep(10) print(f"Message sent") if __name__ == '__main__': nsec = "nsec1 ... replace with your nsec" recipient_npub = "npub ... replace with npub to send dm" message = "Hello there, this is a message!" asyncio.run(send_direct_message(nsec, recipient_npub, message)) ```

@ 7a7d16c9:1a700636

Watched an awesome [video](https://youtu.be/QEJpZjg8GuA?si=ceYEbMeFO-Ind6KO) from one who I subscribe on YT. I've been trying to put my finger on what it is that I don't like about the major social media platforms. Alec Watson gave me the answer in one of his latest videos: "Algorithmic Complacency". TLDR: Rather than read, watch, and collaborate with those I follow online, modern social media platforms like to tell me what content I should consume. Nostr, Bluesky, and Mastodon don't do this - I can see what I want and what I don't, without relying on a computer algorithm to tell me. This got me thinking about my own use of social media platforms and my recent adoption of the Fedi-verse to circumvent the machine telling me how I should consume online content. I don't subscribe to any one platform. I've not found one that addresses all my online social needs, nor one that feature the diverse audiences I follow. Here's a rundown of what I use: YouTube - the easiest of the bunch. YT has become my new binge TV. Initially a frequented site for learning how to replace a garbage disposal or to learn some of the tricks with Davinci Resolve, YT quickly became my platform of choice for learning and entertainment content. Yes, YT has an algorithm and provides recommendations - it's how I found Technology Connections - but I like that I can use the subscriptions feed to just see content that I follow in addition to that which YT recommends. Facebook - the favorite with the old guard. TBH, I've never liked big tech owning my voice on the Internet. I'd have deleted my FB account along with X and Instagram, long ago, except that it's the one platform that my family uses. My mother uses Facebook, so do my distant cousins, but only a subset use the other platforms, and none use the Fedi-verse. FB remains as the one platform for me to post the occasional vacation photo and to find out that my cousin got married last week - and no I didn't get an invite. Vero - I'm a photographer and love to post some of my more interesting art pieces online for feedback, so I can improve my craft. I used to use Instagram, until it went over to the algorithm dark side and filled my feed with short-form video. Vero maintains to be what Instagram used to be. I've not checked out Pixelfed (yet). Mastodon - After Musk took over Twitter and rebranded it to X, I swiftly left and moved to Mastodon. I hate the idea of a single business entity owning my content and right to free speech online. Like many, I have my own issues with Musk and his business practices and shouldn't have to deal with them as part of my online presence. Mastodon was and still is, the place where I get to collaborate with people I've never met in person on likeminded topics of interests. Mastodon relies on federated servers, which people own; so, there's that to consider. I've managed to find a server that caters to my interests and fulfills my desire to collaborate online. Then comes Nostr... My friend \_@briangreen.net introduced me to Nostr. As a long-term orange-pill advocate, I was thrilled to join Nostr to collaborate on the latest Bitcoin and Crypto news. I will say that Nostr appears less diverse in topics but that's rapidly changing as I am now seeing a lot of posts on photography, meshtastic, and other personal interests of mine. I love that Nostr is not so much a platform, but a federated protocol. I don't have to subscribe to any one app and web site to post and read content. For now, I use both Mastodon and Nostr to scratch my online collab itch. A nice thing about the Fedi-verse is that there's plenty of cross-posting apps. I use [OpenVibe](https://openvibe.social/) to post and consume content in one place. Their app is slick and works as advertised. How do you use social media? Is Nostr your only platform, or do you still use the traditional ones?

@ 460c25e6:ef85065c

If you don't know where your posts are, you might as well just stay in the centralized Twitter. You either take control of your relay lists, or they will control you. Amethyst offers several lists of relays for our users. We are going to go one by one to help clarify what they are and which options are best for each one. ## Public Home/Outbox Relays Home relays store all YOUR content: all your posts, likes, replies, lists, etc. It's your home. Amethyst will send your posts here first. Your followers will use these relays to get new posts from you. So, if you don't have anything there, **they will not receive your updates**. Home relays must allow queries from anyone, ideally without the need to authenticate. They can limit writes to paid users without affecting anyone's experience. This list should have a maximum of 3 relays. More than that will only make your followers waste their mobile data getting your posts. Keep it simple. Out of the 3 relays, I recommend: - 1 large public, international relay: nos.lol, nostr.mom, relay.damus.io, etc. - 1 personal relay to store a copy of all your content in a place no one can delete. Go to [relay.tools](https://relay.tools/) and never be censored again. - 1 really fast relay located in your country: paid options like http://nostr.wine are great Do not include relays that block users from seeing posts in this list. If you do, no one will see your posts. ## Public Inbox Relays This relay type receives all replies, comments, likes, and zaps to your posts. If you are not getting notifications or you don't see replies from your friends, it is likely because you don't have the right setup here. If you are getting too much spam in your replies, it's probably because your inbox relays are not protecting you enough. Paid relays can filter inbox spam out. Inbox relays must allow anyone to write into them. It's the opposite of the outbox relay. They can limit who can download the posts to their paid subscribers without affecting anyone's experience. This list should have a maximum of 3 relays as well. Again, keep it small. More than that will just make you spend more of your data plan downloading the same notifications from all these different servers. Out of the 3 relays, I recommend: - 1 large public, international relay: nos.lol, nostr.mom, relay.damus.io, etc. - 1 personal relay to store a copy of your notifications, invites, cashu tokens and zaps. - 1 really fast relay located in your country: go to [nostr.watch](https://nostr.watch/relays/find) and find relays in your country Terrible options include: - nostr.wine should not be here. - filter.nostr.wine should not be here. - inbox.nostr.wine should not be here. ## DM Inbox Relays These are the relays used to receive DMs and private content. Others will use these relays to send DMs to you. **If you don't have it setup, you will miss DMs**. DM Inbox relays should accept any message from anyone, but only allow you to download them. Generally speaking, you only need 3 for reliability. One of them should be a personal relay to make sure you have a copy of all your messages. The others can be open if you want push notifications or closed if you want full privacy. Good options are: - inbox.nostr.wine and auth.nostr1.com: anyone can send messages and only you can download. Not even our push notification server has access to them to notify you. - a personal relay to make sure no one can censor you. Advanced settings on personal relays can also store your DMs privately. Talk to your relay operator for more details. - a public relay if you want DM notifications from our servers. Make sure to add at least one public relay if you want to see DM notifications. ## Private Home Relays Private Relays are for things no one should see, like your drafts, lists, app settings, bookmarks etc. Ideally, these relays are either local or require authentication before posting AND downloading each user\'s content. There are no dedicated relays for this category yet, so I would use a local relay like Citrine on Android and a personal relay on relay.tools. Keep in mind that if you choose a local relay only, a client on the desktop might not be able to see the drafts from clients on mobile and vice versa. ## Search relays: This is the list of relays to use on Amethyst's search and user tagging with @. **Tagging and searching will not work if there is nothing here.**. This option requires NIP-50 compliance from each relay. Hit the Default button to use all available options on existence today: - nostr.wine - relay.nostr.band - relay.noswhere.com ## Local Relays: This is your local storage. Everything will load faster if it comes from this relay. You should install Citrine on Android and write ws://localhost:4869 in this option. ## General Relays: This section contains the default relays used to download content from your follows. Notice how you can activate and deactivate the Home, Messages (old-style DMs), Chat (public chats), and Global options in each. Keep 5-6 large relays on this list and activate them for as many categories (Home, Messages (old-style DMs), Chat, and Global) as possible. Amethyst will provide additional recommendations to this list from your follows with information on which of your follows might need the additional relay in your list. Add them if you feel like you are missing their posts or if it is just taking too long to load them. ## My setup Here's what I use: 1. Go to [relay.tools](https://relay.tools/) and create a relay for yourself. 2. Go to [nostr.wine](https://nostr.wine/) and pay for their subscription. 3. Go to [inbox.nostr.wine](https://inbox.nostr.wine/) and pay for their subscription. 4. Go to [nostr.watch](https://nostr.watch/relays/find) and find a good relay in your country. 5. Download Citrine to your phone. Then, on your relay lists, put: Public Home/Outbox Relays: - nostr.wine - nos.lol or an in-country relay. - <your.relay>.nostr1.com Public Inbox Relays - nos.lol or an in-country relay - <your.relay>.nostr1.com DM Inbox Relays - inbox.nostr.wine - <your.relay>.nostr1.com Private Home Relays - ws://localhost:4869 (Citrine) - <your.relay>.nostr1.com (if you want) Search Relays - nostr.wine - relay.nostr.band - relay.noswhere.com Local Relays - ws://localhost:4869 (Citrine) General Relays - nos.lol - relay.damus.io - relay.primal.net - nostr.mom And a few of the recommended relays from Amethyst. ## Final Considerations Remember, relays can see what your Nostr client is requesting and downloading at all times. They can track what you see and see what you like. They can sell that information to the highest bidder, they can delete your content or content that a sponsor asked them to delete (like a negative review for instance) and they can censor you in any way they see fit. Before using any random free relay out there, make sure you trust its operator and you know its terms of service and privacy policies.