The NOSTR Protocol: Social Media 3.0

Buckle up, buttercup. We’ve got a new way to pass notes online. I’m not sure I can build a Table of Contents here for you, but here’s a quick summary of what this article will be about:

• What is NOSTR?
• Why is NOSTR different than traditional social media platforms?
• How do we use NOSTR?

As most of you know, there’s a TikTok ban looming on the horizon (assuming Byte Dance won’t sell out). This has caused a stir for content-creators who are not only at risk of losing their audience and all the engagement stats and replies on all their posts, but also are facing an immediate stoppage of a source of income that, in some cases, is a major contributor to creators’ budgets.

On top of the possible TikTok ban, the Meta-owned entities have been dialing up the censorship, banning individuals and journalists as well as changing the algorithm to be “less political” in hopes that we will all forget what it was like to have social media without an algorithm. Don’t even get me started on the dumpster-fire that is the app formerly known as Twitter. But all these legacy social platforms have one thing in common: CENTRALIZED CONTROL.

This is where Nostr becomes relevant to everyone who creates content on the internet…

What is NOSTR?

NOSTR itself is a protocol that stands for Notes and Other Stuff Transmitted by Relays. It involves 3 components: profiles, clients, and relays. Your profile is like your account where all your notes get coded. The client is the app you choose to help you code notes and view others’ notes. The relays transmit notes from senders to receivers. Let’s dig into each of these in more detail.

The Nostr Protocol

Maybe you think you don’t understand what a protocol is, but you’ll be surprised to learn that you’re already very familiar with something called SMS protocol, and you probably didn’t even realize it. SMS protocol is a set of rules used to transmit text messages across mobile networks. This protocol is what used to limit our texts to a certain number of characters, and in fact, Twitter was built on the back of SMS protocol as a way to use your cell phone to text-to-tweet with your mobile connection, which was very helpful in times when internet connection was less abundant or purposely being cut-off (a la OWS). That’s why tweets used to be constrained to 140 characters. SMS is a private communications protocol, whereas Nostr is a public communications protocol.

The NOSTR protocol is an open-source set of rules for storing and displaying public posts or ‘notes’ as JSON (blocks of code) that are linked as a chain of ‘events’ to your profile and sent out on one or more relays. These notes are designed in a way to heavily discourage deletion or editing, even by the creator, so think of them as permanent transactions.

Yes, this does sound a lot like blockchain technology, as it should, since it is certainly a web3 tech and shares many of the same advantages (i.e. it’s transparent, decentralized, self-custodial), but NOSTR is technically not a blockchain. I’m not going to go into more about this here, but if you want a deeper dive on what makes Nostr web3 but not quite blockchain, just let me know.

The notes themselves can include text, links, and other media types. There is no character limit on notes or replies, but there seem to be upload limits for videos, which are pretty easily worked around by hosting the video somewhere else and then embedding or linking to Nostr.

Nostr Profiles

Your Nostr profile is established by the creation of a super-encrypted key pair — your public and private key, also known as your npub (pub = public) and nsec (sec = secure) — and is completely controlled by you. This is amazing because it means that no one can control your account or your content in any way, but it can also be a little disconcerting because there is no tech support nor way to retrieve a private key if it gets lost. You have to be accountable for your profile info, but there are tools like Alby that have emerged to help with this key-management issue. This system deters people from trying to hack your account, because the number one way people get hacked is through fraudulent account-recovery attempts (i.e. a bad actor hits “lost password” until they can guess the code and go in and change your email so you can’t get back in, etc.).

Your profile contains your bio — with your picture, description, website, lightning wallet address and NIP-05, which looks like an email address but is actually an identifier produced by a process that you complete to verify your identity and get a verified badge on Nostr — details on how to do that are linked there. Your profile also contains all your notes, replies, engagement data, and all your direct messages, which are basically private notes. All that data belongs to you and is tied to your profile.

When you post to your profile, you digitally sign each post with your keys. In the beginning, this had to be done manually for every note, but now most clients have set up a function to allow auto-signing of notes until you log out of the client. Alby can also help with signing notes if you use web or desktop clients. This ensures accountability on the user-side for any nefarious notes, while protecting the clients and relays from culpability.

There is no such thing as a “private” nostr profile. This helps provide transparency and contributes to the overall “web of trust” on Nostr, alongside not being easily able to delete notes. Think about it… It’s hard to gaslight folks online when you can’t delete or edit your posts. This naturally raises trust levels among users.

Nostr Clients

You use “clients” to create your Nostr notes. A client is an app that allows you to construct notes and engage with other people’s notes (without having to know how to code JSON). Every one of the clients will display your exact same Nostr profile and notes because you’ll sign into every client with your unique private key. Each clients’ search tools are based around hashtags.

Some Nostr clients are web-based and others are downloadable from the app stores. They all have slightly different look-and-feel as well as different features. For example, Damus looks and feels a lot like old-Twitter and has just been updated to show how many reposts a note has, just like Twitter displays retweet stats. It also shows suggested and trending (yes, actually trending, not fake trending lol) hashtags in its search view, which helps you find other creators in your field or niche. Primal includes its own lightning wallet setup, so it seems to work the best for sending “zaps,” or Satoshi tips, to others, and I love their search view with trending hashtags as little bubbles. Plebstr makes it easy to connect to others’ relays and follow folks, and alongside your ‘following’ feed, they have a purely chronological ‘global’ search (which can be a dangerous game if you’re sensitive to shocking or NSFW content, so be careful out there). Plebstr also has an in-app GIF selector, which is definitely a nod to millennials everywhere. Lol.

It’s probably easier for me to show you, so here are some screenshots of how my profile appears on each client that I just mentioned:

This shows my profile view, notifications view, and search view on Damus, an iOS Nostr client.

This shows my profile view, notifications view, and search view on Primal, an iOS Nostr client.

This shows my profile view, notifications view, and search view on Plebstr, an iOS Nostr client.

Notice how the notifications and search features as well as the profile layout are slightly different depending on the client? I can also change my display settings — like to show in dark mode or to auto-blur images — and my privacy settings (i.e. ‘hide notes tagged #NSFW’) in each client separately. But all the clients are simply showing me the same data in different ways, with different ‘shells,’ so to speak. Note: The variance in number of Followers is a little bit wonky, and I believe has to do with relay overlap (or lack thereof), but that will get ironed out as the clients and relays continue to develop.

If I update my profile info (or bio) in Damus, it auto-updates on the other clients because my profile is independent of the clients themselves. If I post to one client, that same post shows on the others. The clients just help me post to, search through, and read from Nostr without having to know computer code.

In general, all clients use a very simple algorithm to populate your “home” feed (a.k.a. fyp) which is basically a command to: display notes from people you follow + people that they follow. This also contributes to the “web of trust” on Nostr because people with no followers, like bots or spammers, will only show up in the “global” feeds and not in your main feed.

Clients are being developed right now to display certain note-types in their main feeds, like video notes or audio notes or even long-form text notes. In this way, these clients can almost mimic current social app functionality like you might see on TikTok or Spotify or Medium, pulling only from Nostr data that meet certain note-type criteria. Any developer or group of devs can build a Nostr client since the Nostr protocol is open source.

Nostr Relays

Similarly, anyone can host a relay — which are the mechanisms by which your notes get passed around. A relay is basically an extremely simple server that is built to relay, or transmit, data between users. You may hear them called “dumb” servers, which from what I understand means they have one job and one job only: to receive and send Nostr data. For this reason, it is easy to take a piece of hardware as simple as a Raspberry Pie and start your own relay that users anywhere in the world can join.

The relay operators can also act as semi-moderators when necessary. So imagine that a person is harassing someone else. The victim in this case has two options: to block/mute the bully and to report them. These reports get logged to the bully’s profile just like any other event and users can even see how many reports have been made against others. In some clients like Amethyst on Android, the bully themselves can view and read the reports on their profile (which I find hilarious). In most cases, reports get routed to the relays that are transmitting the bully’s messages. If the relay is popular and the relay operator is very engaged, they may decide to boot a bully from their relay after a certain number of reports are made against them. This does not stop the bully from keeping their old notes nor continuing to produce notes, it only stops them from sharing to that particular relay. In this way, antisocial behavior can be ostracized from the mainstream without truly censoring anyone.

The other interesting thing about relay operators is that they are the only ones in the Nostr-verse that see all notes’ IP addresses. This was designed to help flag spammers and bots. The idea is that if too many notes are being sent out from the same IP address, the relay will be informed and could choose to boot those profiles. Again, this won’t censor the spammer, it will just make them less annoying to the mainstream crowd. Relays can also see how many followers a profile has and make decisions on whether or not to continue to transmit their notes, so people with no followers may be booted from relays occasionally to clean up the relay.

Why Is This So Different From Twitter?

Allow me use a metaphor here. I know it’s extensive, but I think it’s helpful to understand that we are looking at two very different methods of posting to an audience online. Note: If you’re already a web3 wizard, feel free to skip this section.

In this metaphor, you, the content creator, are a Fish Enthusiast, (humor me, people) and your content, a.k.a. posts or notes, are a collection of your favorite fish.

Legacy social media platforms, a.k.a. Twitter, TikTok, Instagram, Facebook, and yes, even Mastodon, etc., are different Aquariums.

• Once you put your fav fish into an aquarium, the CEO of the aquarium decides what happens to those fish — maybe they get put in the front for everyone to see, or maybe they get shadowbanned.
• Neither the creator nor the visitor has much control over what they get to see at the Aquarium because the tour (algorithm) is programmed to show you the shiniest fish and loop you endlessly into the gift shop.
• The aquarium decides which fish can swim together by separating them into different tanks (servers). For example, most of the aquarium CEOs have decided it’s too “dangerous” for American fish to swim in the same tank as non-American fish. *side eye*
• You can’t take your fish to another aquarium — all you can do is make a clone of the fish or place a flyer (link) to the first aquarium, which is frowned upon by other aquarium owners. If the aquarium shuts down, you don’t get your fish back.
• The aquarium CEO gets rich off the traffic of all the fish enthusiasts coming to see your collection of fishes. In most cases, you get zero besides kudos or clout.

On the other hand, NOSTR is more of a Glass-Bottom Boat Ride.

• As the fish enthusiast using Nostr, you tag all your favorite fish with your profile info (public and private keys) and throw them directly into the sea (open web) and never put them inside any one aquarium or any one tank.
• Nostr clients, like Primal, Damus, Plebstr, Coracle, Amethyst, etc., are the glass-bottom boats that anyone can use to go see all the fish.
• No matter which boat you hop on, you’ll see and engage with the same fish as people on the other boats. Nobody’s fish are artificially hidden or separated from the others. Everybody’s just vibing, checking out all the fish in the sea.
• Nostr relays are currents in the sea, transmitting fish from place to place so different people can see them. You can send your fish along as many or as few currents as you want to reach more visitors. The voice of Crush the Turtle from Finding Nemo is echoing in my brain: “Righteous!”, but I digress.
• If other fish enthusiasts really like your fish, they can “zap,” or tip, you in Bitcoin directly! There’s no aquarium CEO to decide who gets monetized and how many hoops your fish have to jump through to get there. All you have to have is a profile and a lightning wallet set up.

What I just described is the difference between centralized platforms versus a decentralized protocol.

Legacy social media platforms have centralized control with absolutely zero online social safety net. If my TikTok account gets banned, I have no recourse to get that data back — I have no way to go find all the people I used to follow again — I have no digital social portfolio or virtual clout. All that disappears if a centralized platform disappears. I would be forced to start back at zero with a new account on another platform. So many creators have already experienced this due to their accounts being mysteriously disabled by the platform authorities!

With Nostr — that can only happen if all clients and all relays cease to exist. This is what makes Nostr resilient and resistant to censorship. On Nostr, nobody can “take down” my profile or my posts for any reason unless they are purely illegal, in which case the alphabet soup agencies could come knocking because all this is public data on the internet, after all. No one person or committee can implement across-the-board censorship or “anti-bullying” rules such as, “Flag and demote anyone who posts certain emojis” (iykyk), which we all realize now has been a way to control the narrative and tone-police more than to actually ensure people’s safety online. And it also means I am responsible for creating and moderating my own online social experience through following, unfollowing, searching and muting. For the most part, we are all adults here and can manage social interactions, even the controversial, explicit, and conflict-laden ones.

So How Do We Use NOSTR?

Welcome to the fun part! Glad you made it this far!

If you want to use Nostr, here are the four steps to get started.

1. The first thing you want to do is establish your profile and get your public and private keys. I recommend doing this with Primal client because it has an iOS and Android version and you can also complete the next step easily. Remember to store your private key (nsec) offline in a safe location like a password manager.
2. The second thing to do is set up your lightning wallet. If you’re using Primal, it’s super simple to do. But you don’t have to use the Primal wallet — you can hook any lightning wallet to your profile using your lightning wallet address. This allows you to accept and receive zaps, or BTC tips, from other users and instantly monetize your content.
3. The third step is optional, but I went ahead and did it — that is to set up your NIP-05, which is a verification step and adds a verified badge to your account. Here are the instructions on how to do this which includes a list of NIP-05 providers.
4. The fourth and final step is to ENJOY NOSTR. :) Search for hashtags in your interest areas and follow some folks to populate your home feed. Use “#Introductions” in your first note to help other people find and follow you. Engage in the comments of others’ posts to continue to grow your network. Go look at the relays for people you are following and join some of them. Send and receive some zaps! Download other clients and log into them with your private key to see which ones you prefer. The world is now your oyster, and you are its Nostrich. Lol.

If you want to learn more, I highly recommend this info repository. Also ask me any questions in the comments (or better yet, over on Nostr) and I will do my best to answer them or find someone who can. For iOS users, I def recommend trying Primal, Damus, and Plebstr. For web clients, I’ve heard great things about Coracle, Iris, and Snort. For Android or Play Store users, check out Amethyst. Hope this was helpful. I truly believe decentralized social media is the future. Only time will tell.

Until next time, go forth and become ungovernable.

Love y’all.