Nostr Solved Censorship. Now Let's Solve Trust.

Nostr gave us freedom from platforms, but not from spam, bots, and strangers. Here's the infrastructure that fixes it. Nostr WoT.

fiatjaf built Nostr so you can’t be silenced. Jack Dorsey put $10M behind it. The protocol works exactly as designed.

And yet most people still leave within 10 minutes.

Nothing went wrong with the protocol. What’s missing is the trust layer — and nobody has built it properly yet.

Open to everyone means open to bots, scammers, and noise. When you remove the gatekeepers, you also remove the invisible scaffolding that made social media bearable. The result is a room where everyone is shouting and nobody knows who anyone else is. Technically free. Practically unusable.


How trust actually works

A stranger approaches you on the street and asks for money — you keep walking. Your best friend calls and says “hey, I need your help” — you drop everything. Same ask. Completely different response. What changed wasn’t the request. It was who it came from.

You run this calculation constantly. You just don’t call it Web of Trust. You call it knowing people.

WoT makes that computable. People you follow: inner circle. People they follow: one step out. Four or five degrees out: strangers. Random pubkeys with no connection to your network: noise.

This is exactly how trust works offline. The question is why nobody has built it properly for Nostr yet.


The current situation

Some clients try. Most fail.

Every app implements WoT in isolation — fetching follow lists, computing graphs, caching, invalidating, then doing it all over again on every other client separately. Mobile barely handles it. So most users end up manually blocking spam like it’s early Twitter.

Worse: even when a client does implement WoT, it’s siloed. Trust graph on one client doesn’t carry to another. Users switch apps and go back to zero. They’re not owning their trust layer — the app is. The app can change how it weighs things, what it shows, what it filters — with no transparency and no recourse.

That’s a centralization problem wearing a decentralization costume.

If you’re building a Nostr client and handling trust yourself, you’re becoming the gatekeeper you were supposed to replace. You’re making one trust decision for all your users. That’s not Nostr. That’s Twitter with better branding.


What Nostr WoT is

One extension. The WoT lives there, not inside your app.

window.nostr.wot.getTrustScore(pubkey);

One line. Your client gets trust data without building or maintaining the graph. Filter feeds, flag impersonators, collapse posts outside the user’s trust radius — however you want to use it.


Users define their own rules

Most reputation systems make one decision for everyone. An algorithm decides what’s spam. You can’t see inside it. You can’t change it.

Nostr WoT works the other way. Users set their own scoring parameters — how much weight distance carries, where the trust radius cuts off, what threshold filters content in or out. The graph computation is shared infrastructure. What they do with the results is entirely theirs.

We’re also adding mute list support. Users will be able to block accounts, deprioritize clusters, define their own rules — and none of it leaves their device. Runs locally. The network never sees it. Other Nostr users have no idea what their mutes look like.

On every existing platform, mutes and blocks are data fed back to the platform. They learn from rejections. They use it. Here, the boundary a user draws stays theirs. Locally computed. Locally enforced. Invisible to everyone else.
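
The degrees-of-separation model and the user-set parameters described above (distance weight, trust radius, threshold, local mutes) look like this in code. This is an added example, not code from the Nostr WoT project or its extension: the follow graph is constructed sample data, and the parameter names (maxHops, decay, threshold, mutes) and the scoring formula are assumptions.

```javascript
// Added example; graph, parameter names and formula are assumptions,
// not the Nostr WoT extension's algorithm. Sample data is constructed.
const follows = new Map([
  ["me",    ["alice", "bob"]],
  ["alice", ["carol", "bob"]],
  ["bob",   ["dave"]],
  ["carol", ["erin"]],
  ["dave",  ["me"]],          // cycle back to the root
  ["erin",  ["frank"]],
  ["spam1", ["me", "alice"]], // follows in, but nobody reachable follows it
]);

// Breadth-first search: shortest follow-distance from root, capped at maxHops.
function hopDistances(graph, root, maxHops) {
  const dist = new Map([[root, 0]]);
  let frontier = [root];
  for (let hop = 1; hop <= maxHops && frontier.length > 0; hop++) {
    const next = [];
    for (const pk of frontier) {
      for (const followed of graph.get(pk) ?? []) {
        if (!dist.has(followed)) { dist.set(followed, hop); next.push(followed); }
      }
    }
    frontier = next;
  }
  return dist;
}

// Score in [0, 1]: 1 for direct follows, multiplied by `decay` per extra hop.
// Pubkeys outside the radius, unreachable, or locally muted score 0.
function trustScore(dist, pubkey, { decay, mutes }) {
  const hops = dist.get(pubkey);
  if (hops === undefined || mutes.has(pubkey)) return 0;
  return hops === 0 ? 1 : Math.pow(decay, hops - 1);
}

// Keep only events whose author meets the user's own threshold.
function filterFeed(events, graph, root, params) {
  const dist = hopDistances(graph, root, params.maxHops);
  return events.filter(e => trustScore(dist, e.pubkey, params) >= params.threshold);
}

const params = { maxHops: 3, decay: 0.5, threshold: 0.25, mutes: new Set(["dave"]) };
const feed = ["alice", "bob", "carol", "dave", "erin", "frank", "spam1"]
  .map((pubkey, i) => ({ id: i, pubkey }));
console.log(filterFeed(feed, follows, "me", params).map(e => e.pubkey));
```

In this model spam1 follows both the user and alice, but inbound follows earn no trust, so it scores 0 along with frank, who sits beyond the three-hop radius.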


The infrastructure exists. Use it.

nostr-wot.com — visualize your trust graph in the playground
Chrome + Firefox extensions live
github.com/nostr-wot — fork it, run your own oracle, contribute
contact@nostr-wot.com — we’ll help you integrate

WoT without decentralized infrastructure isn’t WoT. It’s another black-box ranking system with a better name. The protocol gave us user-owned identity. The next step is user-owned trust — and it needs to be built at the infrastructure level, not inside every client separately.

