With #nostr the every published event is a ‘verifiable credential’

This is the big difference between other efforts where the ‘issuer-holder-verifier’ model that is bolted on top on an otherwise insecure communications infrastructure.

The fundamental problem is that no matter how much engineering, or ‘bolting on’ the issue remains that the roles of issuer, holder, verifier are technologically separated leading to weird power imbalances, mitigated by governance in the shorter term, but the technical architectures win out in the long run.

With nostr, issuer, holder, verifier are all bound together in an npub with an nsec. All npubs are created technologically equal at the outset - all are issuers, holders, verifiers.

Governance is still required, but it is at a different starting point. No party has the technological upper hand, so governance needs to start on which npubs to trust. A government or a spammer start at the same point generating the npub. But the difference with #nostr there is no technological barrier to building a web of trust that is appropriate for the context at hand. The spammer won’t go very far in trust; the government might try to go too far, but #nostr is neutral in each extreme circumstance.


Finally, you as an npub, have the exact same power of issuer-holder-verifier as any other npub. #nostr will not give you any asymmetric advantage, but more importantly, not subject you to any unwanted asymmetric disadvantage that all of the existing ‘bolt-on’ solutions, however mitigated, eventually manifest these disadvantages.

So, to conclude- #nostr makes everyone an equal issuer-holder-verifier. Everyone is equal in capability at the outset (but not necessarily equally trusted)