Notes app for decentralized infrastructures (Nostr and Web5)
Blockcore Notes is an app for your public and personal notes. It is built to support the Nostr and Web5 (coming in the future).
The Nostr support for Blockcore Notes relies on using your Nostr identity (public key) and uses a set of relays to publish and store your notes. You can run your own personal relay to always keep a backup of your notes.
The Web5 support for Blockcore Notes relies on using your DID and use your DWN (Decentralized Web Nodes) to publish and store your notes. The Blockcore Wallet already supports and hosts an internal DWN within the extension, this can be used to store a local copy of all your notes.
Blockcore Notes require that you use an extension that keeps your keys secure and is responsible for performing signing of your notes, and performs encryption and decryption for private notes.
We suggest using Blockcore Wallet (Chrome Web Store), but other options are available such as nos2x and Alby.
A goal of Blockcore Notes is to be feature rich and have functionality that goes beyond the NIP-specifications.
- Mobile and Desktop
- Organize people and circles
- Activity Feed (Notifications)
- Following Feed
- Reactions (turn off in Settings)
- Rich Media Support, videos, music, podcast and YouTube.
- Thread View
- Profile View and Edit
- Infinity Scroll (go far back on user posts)
- Import and Export of backup (JSON file)
- Import and Export of contacts (publish)
- Identify Verification
- Browser Extension and Private Key Import supported
- Advanced Relay Management
- Profile Edit
- Notes Management (save notes)
- Media Player (listen to podcasts, music or watch videos while reading feeds)
- NIP-01: Basic protocol flow description
- NIP-02: Contact List and Petnames
- NIP-04: Encrypted Direct Message
- NIP-05: Mapping Nostr keys to DNS-based internet identifiers
- NIP-06: Basic key derivation from mnemonic seed phrase
- NIP-07:
window.nostrcapability for web browsers - NIP-08: Handling Mentions
- NIP-09: Event Deletion
- NIP-10: Conventions for clients' use of
eandptags in text events - NIP-11: Relay Information Document
- NIP-14: Subject tag in text events.
- NIP-19: bech32-encoded entities
- NIP-21:
nostr:URL scheme - NIP-23: Long-form Content
- NIP-25: Reactions
- NIP-26: Delegated Event Signing
- NIP-27: Text Note References
- NIP-28: Public Chat
- NIP-36: Sensitive Content
- NIP-40: Expiration Timestamp
- NIP-42: Authentication of clients to relays
- NIP-50: Keywords filter
- NIP-56: Reporting
- NIP-57: Lightning Zaps
- NIP-58: Badges
- NIP-65: Relay List Metadata
Run ng serve for a dev server. Navigate to http://localhost:4200/. The application will automatically reload if you change any of the source files.
Run ng generate component component-name to generate a new component. You can also use ng generate directive|pipe|service|class|guard|interface|enum|module.
Run ng build to build the project. The build artifacts will be stored in the dist/ directory.
Run ng test to execute the unit tests via Karma.
Run ng e2e to execute the end-to-end tests via a platform of your choice. To use this command, you need to first add a package that implements end-to-end testing capabilities.
To get more help on the Angular CLI use ng help or go check out the Angular CLI Overview and Command Reference page.
Thoughts and ideas:
- Validate the content of certain limit and don't render at all if content is too long, or at least cut the content and only render X length. Then allow users to manually retrieve that exact event upon request.
Data Flow:
- Event received from relays... pushed into an event processor, which pushes events into individual services based upon the type.
- Individual services grabs existing event from StateService, if available, updates (if replaceable event or profile) or simply ignores. Maybe log "observed on relay".
- If not available, push into the StateService and schedule a database put.
- StateService should always keep some items in-memory: Profiles, Circles and more.
There are many ways a web app can be exploited when it allow user contributed content. Any and all measurements to avoid exploits should be done, like sanitizing the input.