mirror of
https://github.com/nostr-protocol/nips.git
synced 2024-12-23 00:45:53 -05:00
29 lines
2.1 KiB
Markdown
29 lines
2.1 KiB
Markdown
|
# NIP-068 Blinded Nostr Assets
|
||
|
|
||
|
Centralized file storage (e.g. Amazon) is great for availability and speed but susceptible to censorship.
|
||
|
|
||
|
Decentralized file hosting (for images, etc.) is a difficult problem to solve.
|
||
|
|
||
|
Nostr thrives on simplicity, so I'd like to suggest a way of utilizing centralized file storage defensively so that hosts are less likely to censor or deplatform content.
|
||
|
|
||
|
An image (or any file) can be encrypted with a password (maybe AES-256-CBC), given a random filename, and uploaded as a BLOB to a centralized host. The note that references the image URI will also contain the information necessary to decrypt the image. When a client loads a note referencing an encrypted image, it will fetch the BLOB and decrypt it locally to display it.
|
||
|
|
||
|
Although this increases client load, it prevents the host from assessing the stored content without having knowledge of the particular note that holds the decryption information.
|
||
|
|
||
|
This NIP is for defining how a file is encrypted and stored and how it is referenced, retrieved and decrypted in the client so that all clients can consistently recognize and handle blinded assets.
|
||
|
|
||
|
The ubiquitous availability of cheap programmatic cloud hosting can be seen as a kind of decentralized mesh we can use to our advantage as long as the content hosted is uncensorable. If the host can't see the content they won't have a reason to censor it. Unless hosts begin to ban encrypted content, this seems fairly robust.
|
||
|
|
||
|
If this made Amazon upset and they began to siphon notes from relays to index their blinded assets, we have another tool we can use: zaps https://github.com/nostr-protocol/nips/pull/224
|
||
|
|
||
|
Consequently, if a lightning paywall is put up to prevent an angry host from indexing encrypted content, this also serves as a great generalized way for users to monetize their content.
|
||
|
|
||
|
Simply: if enabled, you must zap a note to receive the decryption information to decrypt the media.
|
||
|
|
||
|
There are many ways this paywall could be implemented. I'm looking to the nostr community for ideas.
|
||
|
|
||
|
AES-256-CBC encryption references
|
||
|
|
||
|
- https://stackoverflow.com/a/39412887
|
||
|
- https://www.npmjs.com/package/aes-js
|