Tony Giorgio

The man, the myth, the legend.

Embracing Nostr: My Journey from Skeptic to Advocate

I used to despise Nostr. To me, it was a complete hack attempting to call itself decentralized. It wasn't that I didn't believe it was decentralized (instead, I would call it distributed), but I thought it was not architected in a way to hold up. And believing that it would ever gain any adoption or prove itself as resilient seemed nonsensical to me.

I came from the Decentralized Identity (DID) world. To me, that was the solution that had even a slight chance of solving the problems it set out to address. My first "bitcoin" job in 2018 involved a Verifiable Credential-like solution that anchored certificates to an individual's bitcoin address and stored the merkle root hash of multiple certificates onto bitcoin's blockchain in a single transaction. The Verifiable Credential community was intertwined with the Decentralized Identity community, so that's where I got my start with those concepts. I have advised and worked at a few different DID-related companies since then, mainly because I understood it well and thought it was the soundest solution when anyone brought up technical problems they wanted to solve. It wasn't that I enjoyed working on it. In fact, I didn't even mention that it existed at one of my jobs until it was undeniable that it was the exact solution they were searching for.


Upon initial inspection, DIDs seem complex. The core specification is lengthy, and a few supporting specifications accompany it. It took me a while to figure out, but conceptually, it's straightforward. Ultimately, it's an object that references an ID, multiple public key delegations, a list of supporting services the person understands and where they are located, and a signature. The devil is in all the technical specifications and recommendations for generating and parsing a DID. But it's not without reason. I know many talented minds have spent years weighing the pros and cons of each decision.

However, while I still believe DIDs are an excellent solution for identity, their technical complexity is also their downfall. This is combined with the spec writers' need for more product development skills. Some people are brilliant, but if you ask them if they'd rather spend their days arguing over spec decisions, compiling documentation, writing endlessly, or managing processes - they would choose that over building products or startups. It's no offense to them; people are made differently. When you think of the crowd gathering around a solution, it's essential to consider who is in your company and who will build.

(As an aside, it seemed like every W3C event I attended would always end with some people crying about "not being seen or heard" or having a group session to reflect on someone's feelings that were hurt throughout the event. I'll let you form your own opinions about some of the people in that crowd.)

That's not to say that I don't think DIDs will ever gain traction, perhaps eventually. But they need builders. There are far too many talkers. The best chance I see for DIDs gaining any use is if they come in to solve the problems Nostr is terrible at and make it EASY for developers and users.

Change of Mind about Nostr

Besides the technical aspects of Nostr I didn't like, I was also not a fan of social media. I got rid of my Twitter account in 2021 and was generally much happier. I had little interest in using another one. It wasn't until recently that I eventually needed to communicate more broadly online. However, I was not returning to Twitter, which is currently crashing and burning in a massive dumpster fire.

Nonetheless, Nostr can be more than just social media, and there are some exciting things I may need to use it for. For instance, what got me to open my mind to using Nostr in some way within Mutiny was for coinjoin/payjoin-related activity, something Ben Carman revealed to me a few months back. Anonymizing services must know the least information about the participants, including their IP addresses. And when TOR is not possible, one way to accomplish something like that is by publishing messages intended for a service to relays, almost like a VPN. Services can now only see a pubkey (which can be one-time use) and the message contents. No IP information is leaked to the service, as long as they are not operating a relay that the user communicates with. This is great for privacy. A recent bitcoin magazine article by L0la summarizes some of that.

After I was open to the idea of it, one of our initial proofs of concept for Nostr was within the Mutiny Wallet waitlist, which works by allowing someone to sign up via email address or Nostr pubkey. After they sign up with their pubkey, we send them an encrypted DM informing them they are on the list. Another excellent win for privacy since this can be any random pubkey, and it's much easier to obtain than another email address. It was also way easier to integrate than email address sending. We spent a good week going back and forth with our email provider, trying to troubleshoot why emails were not being sent. But in a few hours, Ben got auto DM's working on Nostr.

That core tech for the waitlist got us interested in building Blastr. This serverless relay proxy blasts out your messages to most other relays. We currently get about 25k events per day that we blast out to 300 other relays. Another win for privacy since not all those relays have to tie your pubkey/event to your IP address.

At this moment, I began to realize the potential of what Nostr is excellent at when I look at it in this light: broadcasting. As an identity system, it is lacking. For getting a message out there into the world where only one shared relay needs to see it for it to be helpful to the recipient, it has done a fantastic job. Hopefully, the availability of free relays persists enough for it to be beneficial here.


The biggest thing Nostr has going for it is a community not just of users using it as social media, but for developers as well. Nostr is incredibly simple to develop on and can be incremental as a developer builds more advanced features. This goes back to surrounding yourself with good company. Easy solutions attract developers, which bring better products and more users, some of which will be more developers. The cycle repeats. As more developers come in, the technical problems I have with Nostr start to get fixed, and many already have. That's not to say that all will, and it's not to say that there won't be more problems down the line (there will be). But this playground and early adoption of a community are hopeful for the future of Nostr. I watched from afar, but the Nostr conference in Costa Rica was a beautiful and timely event to help solidify the community even more.

A Long Enough Timeline

I think Nostr has a great chance of becoming useful now and in the medium term. However, on a long enough timeline, it will grow into a similar solution as the early Internet had become. Signing a message with a private key is not a new idea, and it has been done for decades in a standard form that few of us know and use today, called PGP. How many people actually do this? Incredibly few. How many people maintain lists of PGP keys they trust, SSL certificates they trust, or DNS providers they trust? How many people got pushed out of their self-hosted email because of the complexities and censorship added to SMTP?

The idea that Nostr survives this while still being built on top of the same cancerous system that has centralized the Internet is still a joke. However, I'll learn to enjoy it and take advantage of it while I can. Maybe we can make some iterative progress in making the Internet a bit more decentralized. Doubtful; I believe it'll look like it does today on a long enough timeline. The Web of Trust model does not scale, and I have little faith in the "decentralization" of the Internet in the long term.

Final Thoughts

If anything, take advantage of the data interoperability and free relays while you can. Enjoy the lack of censorship with the great community it has built up so far. In the end, Nostr may not be the perfect solution for every problem, but its strengths in broadcasting and its passionate community make it a valuable tool for promoting privacy and decentralization online. Embrace Nostr for what it does well and work to improve its limitations, fostering a sense of collaboration and progress within the community.

And follow my npub: npub1t0nyg64g5vwprva52wlcmt7fkdr07v5dr7s35raq9g0xgc0k4xcsedjgqv