Listen to senior practitioners discuss how to get out of the circle of Web3 products.
Organized by: Square DAO
On February 11, 2023, SquareDao and 2DAO3 jointly held an AMA . We were honored to invite Founder Robert Mao of ArcBlock, COO Moka of Bitkeep, CTO Peter of Particle Network, Founder Wade of Safeheron, and Founder w3tester of zCloak Network . DID, Nostr, who will be the entrance for one billion users to enter Web3?" This topic was exchanged.
guests
· Robert Mao Arc Block Founder
· Moka BitkeepCOO
· Peter Particle Network CTO
· Wade Wang Safeheron Founder&CEO
· w3tester zCloak Network Founder
Activity review
Q1: Please introduce yourself first
Moderator @Patrick: I am from Blue Rush Ventures, and I used to be a Web2 entrepreneur. I am quite familiar with Lao Mao and many people here, because we all came from the Web2 era. Blue Rush Ventures is a relatively well-known USD fund in Web2, with a large scale. For Web3, we cannot miss it. So I'm also looking at related tracks.
Moderator @Vinx: I worked on tens of millions of social products in a big Web2 factory. At that time, I was mainly responsible for registration and login, so I was very curious about wallets, identities, and recently Nostr. From 2015 to 2017, I worked on social products, and from the end of 2016, I devoted myself to Web3. In the past, I have done a lot of solutions for blockchain scenarios, most of which are in the industrial blockchain part.
At the beginning of last year, we came up with an idea. After all, we all had relatively mature methodology training in major Web2 factories, and saw that Web3 has very good technologies, but lacks product strength, so we established 2DAO3, hoping to make more Much of the good stuff and fun stuff from Web2 is going to Web3. This is the original intention of 2DAO3.
Guest @老肖: Hello everyone, I am Laomao, the founder of ArcBlock, who has devoted himself to the blockchain since 2017. Our goal is to create a new generation of cloud computing services with the blockchain as the bottom layer, so that developers can easily develop, deploy and run Dapp, and the experience can be as easy to use as Internet applications in the Web2 era.
Web3 is still in its early days, and the result is a high barrier to entry. Now we have just reached a turning point, and the underlying technology has matured to a certain extent. The public's interest in Web3 began to be strong, and people outside the circle began to look at Web3. If the user onboard problem can be solved, a tipping point will be reached at a certain point in time, and Web3 products will spring up like mushrooms after rain. Although today's Web3 products are broken and not easy to use, once it detonates, many people will suddenly realize that Web3 is really what users need.
Guest @Moka: I also came over from a big Web2 factory. I have worked on a social product application with hundreds of millions of global dau. Now I come to BitKeep to lead the operation, marketing and growth team. BitKeep is a decentralized Web3 Multichain wallet, which can be regarded as one of the wallets with the most abundant swap and nft transaction functions in the industry. Its development goal is to provide the most convenient and efficient one-stop service for global encryption users, from From deposit and withdrawal exchange, cryptocurrency, Multichain asset management to BB transaction, Cross-chain transaction, nft market, etc., all can be experienced with one click.
Guest @w3tester: I am the founder of zCloak Network. I have always been a computer science student. I was studying for a master’s and doctor’s degree in the Netherlands. I also started to accept Bitcoin in a country where the Dutch hacker culture is more prevalent. It was 2011, which was relatively early. We have always understood crypto from the perspective of hackers. zCloak Network is a set of infrastructure for privacy DID based on Zero-knowledge Proof. It is hoped that there will be a decentralized Internet, so that the user's identity and data can be carried out locally instead of in the cloud server, and the user's identity can be truly stored. Sovereignty and data sovereignty are returned to users. So we're very excited about Nostr, and from a technical standpoint, there's a lot of overlap between what Nostr is doing and what we've been doing for two years.
Guest @Peter: I am the CTO of Particle. I was a serial entrepreneur of Web2 before. From 0 to 1, I have made products with hundreds of millions of users in the social and overseas game tracks. I discovered the GameFi track infrastructure by accident. It is very simple, so we cut into the development platform track of building Web3 products. The core of particle is to provide developers with a series of middleware SDKs to help developers deliver their Web3 products better, faster, and more safely. It is positioned as a full-stack development platform. The core is to give the middleware platform to Do a good job and take the initiative to serve developers.
Q2: The world suffers from the application of Web3 killer for a long time. Recently, the Nostr decentralized social protocol has exploded. Its social product Damus has reached a small 100W users in just two months. What imagination space has the explosion of Nostr opened up for us, especially from different perspectives such as product managers, needs, usage scenarios and user pain points, what changes and possibilities has it brought to users?
Guest @老那: My first intuitive feeling after seeing Nostr is that Nostr’s ID is actually the simplest DID, which uses the public key as the user ID to sign and verify messages. It is equivalent to some of the lowest-level and commonly used technologies in the current blockchain. Its plain and simple design makes it possible for a very large number of people to participate.
The design of Nostr is very compatible with the W3C DID system. If the Nostr protocol itself is very successful and is used by many people, it will become a part of DID, or the protocol can be improved so that all people who support DID can use it. very good.
Compared with the Web 2.0 era, when social products sprung up like mushrooms, many products like Facebook and Twitter did not have a clear winner. Users need to maintain their own accounts on different social products, and they cannot communicate with each other. People will wonder if it is possible to make social networks centered on individuals, without the need to register on each platform? But various attempts were unsuccessful until Nostr appeared. Nostr provides a solution for a person-centric social network, which embodies a democratic and transparent protocol, although it still has many problems, but its amazing growth in a short period of time inspires me as a rough and low usability A product has the potential to be successful as long as it satisfies the desires and needs of users.
The innovation lies in its social networking. As a social user, everyone tends to think that the social network belongs to me, not to others. I don't want my voice to be influenced by others.
Guest @Moka: Nostr is a decentralized protocol similar to Web2.5. It does not have an actual chain, but its operation logic is similar to that of the blockchain. It needs to be signed with a private key to transfer money, etc., and it can also be transferred through a public key address. Implement follow users. Its operation is all about the control of a private key, similar to a wallet. The wallet is equivalent to a super hub for users to interact in the decentralized network.
Regarding the possible combination of wallets and Nostr, for example, Damus has a bitcoin tipping function, but the current tipping can only accept bitcoins, and wallet functions such as Lightning Network are still too high for ordinary users. BitKeep Wallet already has a complete red envelope reward function. If combined with Nostr’s capabilities, it can help users lower the threshold of use and improve user experience, and can also reduce gas fees to a certain extent.
Guest @Wade Wang: In the Web2 era, I have worked at Damai.com for ten years as a technical director, turning Damai.com from a niche concert market into a leading concert market. Make Damai.com a monopolistic leader in the concert ticketing market. Later, I entered the currency circle, partnered with Zhao Dong, and became RenrenBit. At the peak, I managed more than 310,000 US dollars, so we have very large security needs. We also considered many related pain points and solutions when we made the wallet.
Nostr is actually very interesting, but there are some problems:
The first question, when registering, it will give the user a public key and a private key. From the perspective of security, I asked some users how to keep the private key. One way is that they directly take screenshots and put them in their mobile phones , that's fine. The second is that he finds it inconvenient to take screenshots, so he pastes the private key directly into WeChat/DingTalk/Feishu for storage. In the third option, he will paste it directly into his notepad. In fact, some security risks have already begun to arise.
The second question, I saw a lot of people posting his public address, but all of them are private keys. For the vast majority of users, especially the novice users on the c-end, they don’t know the public key and private key. difference. I think this is at the product level, or at the technical level to solve this problem.
The third question is that it is still a protocol, not an application. At the protocol layer, its biggest advantage is that it can become every small group, create its own router, and split into many areas. From the perspective of users, its core is to solve the problem of anti-regulation, such as making the information sent by users unable to be deleted. Some users care about the information he saves on social media, which is often in the cloud. The information that users really care about can never be deleted and can be displayed. This is the core. In addition, the platform must also have the function of guiding interaction and interaction. The Nostr protocol gives everyone a possibility, but at the level of developing applications, it still has many thresholds, so we need to give developers more imagination when expanding development. I think the Nostr protocol will exist for a long time, and it will explode at some point in time.
There must be a demand for anti-regulation, but the problem is that you cannot directly tell him to "anti-regulation", which is meaningless. No one understands what "anti-regulation" means. Only experienced groups, he has very big pain points. What kind of users are we trying to capture? It's the users who really, really care about being deleted from social media.
Then why is it not the Chinese who invented Nostr, but the Americans? Iranians and Chinese may feel more deeply about them. But for c-end users, it is like a fish, it only has 7 seconds of memory. It's the same with the coin circle leek. You can't teach humanity. But we can capture what they care most about in many segmented groups.
Guest @w3tester: I look at this from the perspective of self sovereignty. The guest just mentioned that Nostr may be a partial Web2. 5 application. I don't think Jack Dorsey necessarily agrees with this point. Jack Dorsey thinks it belongs to Web 5.
The founder of Nostr is Fiat Jeff, the core developer of Bitcoin and Lightning Network. Jack Dorsey knew that Fiat Jeff was working on such a set of things through his friends, and he donated 14 bitcoins to them to support the development. Unlike many Web3 projects with capital support, this project was born at the grassroots, spontaneous, and independent. The team is not doing Nostr for the purpose of issuing coins. He believes that the existing protocol is indeed problematic and wants to improve it, so he proposes a new protocol.
We return to self sovereignty. Let’s talk about personal sovereignty, and mention that everyone must be able to control their own identity and data. This statement is actually a bit false. Think about it carefully, what do you mean by “I control my identity”? What is my identity? What is my ID? Just now Lao Mao also mentioned that the W3C and DID standards have been established for a long time, but their adoption is still very limited. In the past, DeFi, GameFi, and NFT developed very vigorously. One of the main reasons was that they could make money. Everyone thought it was fun, but the "identity" thing has always been in a tepid state. W3C standards are too complex for most people.
Moderator @Patrick: Can you explain what is the most minimalist DID?
Guest @w3tester: In W3C, DID is an identifier of identity, which can solve the problem of identity distinction. Similar to an ID number, a DID is a unique identifier used to distinguish different people. In the centralized system, the identity is provided by others, and the individual is in a passive situation, for example, the account is withdrawn, and the use of decentralized identifiers can avoid this situation. A humanized identifier is basically required to be globally unique and generated by an individual, for example, the ID number is issued uniformly by the country and is globally unique. Nostr can generate unique identifiers based on cryptography.
In the context of W3C, DID is not a decentralized identity, but an identifier of identity. The identifier is very simple, that is, to solve the problem of who is who in some way. In the real society, everyone has their own ID number, which is given by the state, and everyone is unique. The ID number is an identifier, an identifier. The name is not good, there is a high probability that the person behind the same name is not the same person. The main reason for the decentralized identifier is that in the intermediary system, your identifier is given by someone else. If he gave it to you today, he may take it back for you tomorrow. Your historical social connections and data are gone.
So we say that the decentralized identifier must have at least two conditions: the first is globally unique, and the second is controlled by myself. Like Nostr, based on the principle of cryptography, a random number is calculated locally. This random number is your private key, and the public key corresponding to the random number is the identifier you display to the outside world.
It is slightly different from the public key often mentioned in Ethereum. For example, there are some things that Nostr can do, but Ethereum cannot. Nostr’s identifier is the public key, while Ethereum’s identifier is the wallet address, which is the hash of the public key. When we send a transaction, your public key can be recovered from the transaction (from the signature).
Moderator @Patrick: Mr. Zhang, what impact will Nostr have on your business and wallet DID?
Guest @w3tester: The core of our business has always been the user's self-sovereign identity and data autonomy. After having a self-sovereign identity, the signature can prove that the data is original to me, not someone else. Digital signatures can do different things in two different scenarios.
The first thing is to confirm the rights. For example, if I have something with intellectual property rights, after I post it, I can prove that I posted it first, not someone else, and this must be combined with the timestamp.
The second application is to indicate a support license. For example, if I say something and express a point of view, if I add a signature to this thing, it is tantamount to telling the world that I really said what I said, not someone else said it through my mouth.
The fact that Nostr signs data based on cryptography has achieved a very fundamental paradigm shift.
In the Web2.0 era, the credibility of data is usually strongly correlated with the location where the data is stored. For example, if we want to check a person's ID card data, we usually obtain it through the official database API, so the credibility of the data is relatively high. However, if the person puts his ID card data in a plain text file on his own computer, then we have doubts about the authenticity of the data.
But with Nostr, we generally call it autonomous data or self-certifying data. When your data is digitally signed, you will suddenly find that the location where the data is stored is no longer important, and its source is no longer important. The moment I see this piece of data, I can verify whether the data comes from the public key owner through the signature.
At present, there are still some problems in the Nostr protocol, such as private key and public key management. We are working hard to improve these issues in our own products.
Guest @Peter: We are a middleware platform for service developers and do not have our own c-end products. Nostr is the only Web3 product I have seen that has exploded in the circle of friends and has grown rapidly in terms of data. It also verifies that the current explosion of the entire Web3 application layer is the main aspect. Even if there are still some problems in the product, as long as the core problem is solved and it is valuable to users, it will be supported by users. So I think it is a very good start for many project parties doing Web3 applications.
In essence, everyone is still using cryptography to solve unsolved problems in Web2, such as data ownership and anti-censorship issues. Nostr's underlying protocol is a c-end product for users. Its current underlying DID is not fundamentally different from the public key of the previous DID. The core lies in its explosion in the application of minimalist social application scenarios. In the past, DIDs were more infrastructure-oriented, rather than cutting in from the perspective of application. As for whether it will become a DID standard in the future, such as being adopted by the GameFi project, it is related to user traffic. If Nostr is not popular, many people may not discuss it.
Q3: After the emergence of the Nostr protocol, there are several hotly discussed directions for the improvement of Nostr. The first is to make some technical improvements for Nostr, such as whether it is possible to increase the storage capacity, or achieve the ability of massive persistence like Twitter? The second direction is the improvement of the operation layer, including incentives for relays, ecological construction, etc., and some improvements in the operation layer such as preventing spam. The third direction is the application of multi-scenario. For these three directions, which direction would you suggest that the current Nostr protocol should improve? And which direction is the highest priority?
Guest @Moka: I think these ideas are pretty good. Nostr has indeed achieved decentralized social media. I think one of the most urgent and important things is how to do some decentralized information review with a reward mechanism through the decentralized relayer. Because when the decentralized media grows bigger and bigger, its business growth is very obvious. The obvious business growth will bring all kinds of very rubbish or uncontrollable content distribution. How to keep it decentralized At the same time, it can maintain the stability and health of the ecology, which should be a point that this application can focus on in the next development.
Guest @Peter: First of all, its underlying private key management needs to be improved. At present, for ordinary users, no matter what method you ask him to use to back up, he has no cognition. Even after Nostr is converted Seed Phrase, there are still such problems. So is it possible for Nostr to help users keep their private keys by providing mp c or other better security solutions. In addition, I think Nostr is more critical. It can do some strategies for the migration of the relationship chain of some current social products, such as the friendship relationship with Twitter can be directly migrated to Nostr. In the past, metamask or other plug-in products that brought Web3 experience into Web2 products essentially wanted to add some Web3 functions to existing social networks. If Nostr can communicate with users on Twitter Chain, I think this is a very important thing for its overall development, because the most important thing in social networking is the relationship chain.
Q4: So the first layer is MPC, and the second layer is the relationship chain, both of which are urgent problems to be solved. Mr. Wang, from the perspective of your professional MPC, what suggestions do you have for the current private key storage and Nostr protocol?
Guest @Wade Wang: From the perspective of MPC, it is very easy for existing technologies to support the current private key storage and Nostr protocol.
In our opinion, the private key of MPC is actually very troublesome, including its backup, cloud computing, how to eliminate single point of failure, etc. In fact, there are still many problems. Here we need MPC to be more transparent around the relevant infrastructure, so that more developers can easily extend MPC into their own applications. This is also an important reason why we open source MPC.
Q5: High-end technologies such as MCP and Zero-knowledge Proof, which originally solve asset management and financial asset management scenarios, will give people enough sense of security. But for example, in the direction of Nostr, it is more used in social networking or content distribution. Do you think that in high-frequency and low-value applications, it is also a promotion for the scene, because everyone hopes that technology can explode on a Killer APP. come out:
Guest @w3tester: We sent a Zero-knowledge Proof(zero knowledge proof) on Nostr a week ago, but I did not send the data directly to Nostr, but sent an address like apfs. That's very interesting. Zero-knowledge Proof are a globally visible thing. If the Zero-knowledge Proof is a proof of my identity or other attributes, it means that everyone in the world can independently verify it.
The meaning here is that in social scenarios, Zero-knowledge Proof can be used for proof calculations from 1 to n / 1 to 1, and can use the Nostr social network to prove certain things without revealing any information related to personal privacy.
Zero-knowledge Proof have been widely used in schemes such as on-chain transfers and capacity expansion to protect user privacy. In social scenarios, Zero-knowledge Proof have not been applied yet, based on personal social data, produced content data, personal identity data, sports data, health data and property data, etc. to do Zero-knowledge Proof, relying on Nostr to form a Zero-knowledge Proof The scene of verification and use is that I think it has a very good prospect. In the Web3 era, privacy protection has become a focus of attention, and Nostr can help us achieve safer and more private use and sharing of personal data.
This set of technology is relatively mature in zClock. It is currently undergoing internal testing, and many activities have been held in the community. Nostr has given us a large-scale network for distributing and using Zero-knowledge Proof data, which is also our main practice direction this year. .
Q6: Generally speaking, the current encryption industry has not reached a better plan for privacy regulation. So what do you think based on the existing ones, such as zero-insert wallets and Nostr's existing public-private key system, can better conduct privacy supervision. After all, this is a very important threshold for both Nostr and DID to enter 1 billion users.
Guest @老那: There is no perfect answer to this topic. What I have heard in other organizations recently, and I agree with the basic point of view, is that everyone believes that user privacy should be respected, but in fact users often ignore the issue of privacy leakage in terms of behavior. So there's going to be a huge gap here. This gap is if you pay special attention to privacy, but from the perspective of users, it may constitute an additional burden of use. However, from the perspective of the government, they are just legislators, making demands at a more macro level. For some companies, they always try to obtain a large amount of user data and profit from it, so the relationship between these parties is Very fragmented.
At present, the Nostr protocol uses public and private keys to achieve identity authentication. Although this is not truly anonymous, it is equivalent to doing a double hash of your identify, but the advantage is that you can continue to express a stable identity in a social environment. status. I think from the perspective of whether to protect user privacy, there is actually no essential difference between the method adopted by Nostr and the original traditional Web2 form. However, in traditional Web2.0 companies, users may be required to authenticate with their real names and save all private data, so as to obtain more benefits, but at the same time, companies also face huge liabilities and legal risks. In places like the European Union, companies You will face huge fines and serious legal liabilities. In a distributed social network like Nostr, it is not easy for the government to find the operator of Nostr or a software provider. The personal information of users is a bunch of hash numbers, which is relatively difficult to track and supervise. I think It is a very good and effective means of circumventing privacy regulation.
Q7: I have another question for Patrick. I just posted a picture in the small group, which shows the approximate data of Nostr since its launch: For example, Nostr's global popularity is concentrated in China, up to 80%. Including its highest daily activity reached 84,000 on February 2, it fell by half by February 9, and it was only about 29,000 on February 10. Now it's full of spam. From Patrick's point of view as a vc, will you configure your portfolio in the direction of the Nostr protocol?
Moderator @Patrick: I think first of all, we need to look at this issue at different levels.
I feel that the wallet is a lower layer, and Nostr is on the upper layer. Why didn't I put Nostr on the bottom layer? After all, I don't think it has a consensus layer. It relies on computing power for consensus and encryption.
Once layered, I feel that the previous logic has not changed. We have also started to focus more on the application layer since last year. From this point of view, the application layer will look more at the GameFi class, which can bring mass users and have closed-loop external effects. But today Nostr opened a window, social networking can be like this, the following is a UGC / music can also be like this? I think this must also be an inspiration to entrepreneurs, and I also look at this issue from the perspective of entrepreneurs.
Moderator @Vinx: The summary of each guest just now is very exciting. In fact, the development of the entire Web2 started with social products, such as QQ back then, and then content products, such as Zhihu, Bilibili, etc., followed by communities. We can now see all kinds of communities. Finally, Douyin represents a content distribution mechanism with thousands of people and faces. I think this is the path formed by the evolution of Web2 technology. I have a prediction myself. I am more inclined to believe that content will be the point of explosion of Web3, because Web3 already has a community, but so far, I have not seen a content track in Web3.
I often see people discussing that if Web3 is over-financialized, it will become a niche. We are more eager for it to develop into the consumer market, for example, it can make more contributions to content consumption. So when I saw Nostr, the first thing I thought of was not social networking, but content distribution and protection. As Zhang Xiao mentioned just now, the protection of content, as well as the entire content industry, whether it is music or short videos, pictures or text, I think it may be the track that Nostr should dig deep in the future. When it is time, it may be easier for us to attack social networks that have been well served by Web2.
Q8: From the perspective of functions and user needs, will Nostr bring great changes to the wallet application?
Guest @Moka: Nostr is indeed a phenomenon-level application. Past wallet applications include metamask, which has an absolute leading position in the market, and it is mainly used as a wallet plug-in for PC browsers. Nowadays, the growth of many phenomenal applications starts from the scene. For example, there is a social or game scene first, and then the closed account experience is also done well. Many mobile applications that have independent scenarios and form a closed loop will not access external wallets. Wallet applications need to rethink the future development direction. Although there are some challenges, it is also an opportunity to rethink the future development direction. This opportunity lies in how to design our core positioning in the future.
For us, Nostr must not be an entrance. We position ourselves as a pan-transactional Web3 entrance, providing a variety of scenarios and functions, including wallets, NFT markets, and trading markets. The future direction of transformation is to be able to A pan-transactional Web3 portal that provides users with multiple values and scenarios. BitKeep Wallet can cooperate with Nostr in terms of binding domain names, etc., but the core positioning is trading, because the wallet is still an important channel for users to make Web3 payments. In the Web3 system, there are needs for DID and Nostr, such as displaying unique IDs, achievements, gaining community recognition and popularity, etc., and there are also needs for anti-censorship speech, but some users cannot represent all, we still think that the transaction is at this stage and core needs of the future.
Guest @老那: I think the Nostr protocol itself has no impact on the core business of the wallet, it can be used as an extension of the wallet. When Nostr was very popular, our wallet directly built a web version of Nostr, so that our wallet users can directly enter Nostr. Nostr has a NIP that allows private keys to be provided externally, but I think this poses a serious security risk. The Nostr protocol is only an application layer protocol and has no impact on the core of the wallet. If a lot of interesting applications can be developed on Nostr, these applications can support wallet login, and use Nostr to deliver messages or content, it will be feasible. The XMTP protocol invested by S61 may be affected by Nostr. This is a message protocol that claims to be a blockchain wallet. I think it is a big blow to them. Of course, it depends on how well they run. Fast or not.
Regarding the DID as a wallet scenario, will it be replaced by Nostr? I don't think so at all. Because Nostr is the underlying communication or message content distribution protocol, it uses a public key as an identifier. Nostr needs someone to manage the private key corresponding to the public key, otherwise these public keys will not be effectively managed and used. At present, Nostr products are relatively primitive, causing many people not to pay attention to it, and it cannot meet actual needs. However, if Nostr can be better developed, it will be able to better support various types of wallet needs. Although Nostr's community is primarily made up of Bitcoin's OGs (Original Owners) rather than Ethereum supporters, Nostr is an open protocol that everyone can build upon and improve upon.
Guest @Wade Wang: From the perspective of the b-end, there are two types of enterprises in the b-end:
One is that customers need to follow the compliance route and be supervised, such as banks, and there are many centralized exchanges or asset management platforms:
If they want to do asset management business, they must build a custody system, and there are three pain points:
First, how can the private key of the hot wallet avoid being stolen? There are two ways of being stolen, one is internal engineers, the other is hackers;
Second, how to manage hot and cold wallets by multiple people;
The third is the problem faced by all trading centralized platforms. How can he convince all users in a technically verifiable way that the platform cannot and will not misappropriate coins.
These are three problems that have not been well resolved from 2017 to now, so there is MPC.
In addition, you have this technology, how can you prove that your technology is good? Traditional institutions don't believe you. They believe in the ISO27001 made by the Big Four. After something goes wrong, they must have insurance. Finally, they have to complete the financial supervision bureau's credibility assessment of its technical security. Their biggest concern is compliance.
Another type of customers are Web3 developers or development teams. The route they take is completely open source, transparent, and decentralized. Issues they face include:
The first is the customer's private key, how to eliminate single-point hidden dangers;
The second is how to use Web2 experience to do Web3;
The third type, if you are involved in MPC, you need to know that different chains, different algorithms, etc. have their own adaptations, and everyone will see whether you have open source, and whether your open source code has been audited by the algorithm. At present, there is only one company in the world that is doing audits——Switzerland's Kudelski Security is doing MPC algorithm audits.
If you want to use MPC, the open source project I recommend is ZenGo, which is the most open source and has very high performance. At the same time, he also passed the audit of the Swiss company. The other is Unbound Security in Israel, which was acquired by Coinbase, and in Asia, it is us, Safeheron. The three companies are continuously open source and updated, and the development languages used are also different. For example, our Safeheron uses C++. This development language can better use MPC across platforms, such as browsers, mobile phones and servers. ; And it can be adapted to different TEE encryption chips, such as Intel SGX, to achieve hardware-level trusted encryption protection.
As for the relationship between MPC and Nostr, MPC is more low-level. We provide Web3 wallets with MPC capabilities, such as privatization or customization. Nostr is just a protocol, it does not need to consider this matter, theoretically all wallets can be adapted.
Single-point problems still require MPC, and we prefer to open source from the cryptography level, often in a decentralized way, to provide this capability to more developers. The current MPC has a shortage of IT resources, which leads to only a small number of wallets doing MPC
Guest @w3tester: In fact, the reason is very simple. The Nostr protocol only stipulates the method and algorithm for generating public and private keys. In theory, all wallet products can be adapted to Nostr. The public key signature algorithm he uses is the improved Schnorr Signature of the basic Bitcoin. As long as the wallet product supports this signature algorithm, you already support Nostr. So the wallet and Nostr are in a mutually supportive relationship. If you are the provider of the wallet, you can directly add social network + end-to-end encrypted communication infrastructure to the product by adopting the Nostr protocol. I think it is a good thing, so everyone should embrace it.
From a narrower point of view, the wallet is mainly an asset-oriented function. Today, Snort and Damus on Nostr have launched the post-based Lightning Network tipping function. A guest mentioned the creator economy earlier, and it took only a week on Nostr to realize it. I write an article and post it directly on Nostr, and everyone can reward bitcoin based on my post. The hack spirit of the open source community is very strong.
Guest @Wade Wang: An independent wallet should not be the entrance for users to enter the Web3 world. Next, the wallet may allow users to do more authorization management. Users do not need to enter external webpages in Metamask, but do fund transfer and control through authorization. The point of being divided into two core layers is that the application layer relies on common protocols and can do micropayments, high-frequency payments, etc. He can even do some risk control strategies similar to WeChat at the protocol layer.
Nostr let everyone see a possibility. One of the points just discussed is what would he do if he made a wallet? Taobao is also the first to do e-commerce and incubate Alipay. Things that have been subverted, such as Stephen's in the Solana ecosystem, has been proven to be a popular c-side application, which can strip off the entire underlying basic things and use it as an independent service. In essence, everyone integrates the payment scenario into their high-frequency scenario.
@host: Alright, we’re almost done talking today, thank you for your participation!
