Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
nostr-crdt
Advanced tools
[![npm version](https://badge.fury.io/js/nostr-crdt.svg)](https://badge.fury.io/js/nostr-crdt) [![Coverage Status](https://coveralls.io/repos/github/YousefED/nostr-crdt/badge.svg?branch=main)](https://coveralls.io/github/YousefED/nostr-crdt?branch=main)
Readme
nostr-crdt is an experiment to run decentralized, collaborative (multiplayer) apps over nostr. CRDT application updates are sent as Nostr events.
The NostrProvider is a sync provider for Yjs, a proven, high performance CRDT implementation.
Create apps like this and run them over Nostr:
In the examples directory, you'll find some live examples:
When using CRDTs (Conflict-free Replicated Data Types), you don't need to store "the current application state" in a central database. Instead, the state is derived from all updates that have been made.
Nostr-crdt shares these updates using the Nostr protocol as events. Instead of social updates or chat messages (main use-case for nostr), we send an event stream of data model updates (for the rich-text demo for example, updates are "rich-text document edits", for the TODO-list examples, updates are the creation or completion of todo items) over the Nostr protocol.
The main code to create a simple, collaborative TODO list on top of nostr-crdt is < 100 lines (see App.tsx).
An initial event is created to define a "room" (like a document or todo-list). Updates to this room are sent by creating nostr events with an #e
tag to the initial event id (room id).
Updates could be spread across relays, or stored locally in clients and synced at a later moment.
nostr-crdt currently works with Yjs or SyncedStore.
To setup nostr-crdt, 3 steps are needed:
Y.Doc
NostrProvider
import { NostrProvider, createNostrCRDTRoom } from "nostr-crdt";
import { generatePrivateKey, relayInit } from "nostr-tools";
import * as Y from "yjs";
const nostrClient = relayInit("wss://nostr-url");
await nostrClient.connect();
const key = generatePrivateKey();
const ydoc = new Y.Doc();
// Send a first event using Nostr to create a new "room"
// (not necessary when joining an existing room)
const roomId = await createNostrCRDTRoom(doc, nostrClient, key, "demo");
// Create and connect the NostrProvider to the Y.Doc
const nostrProprovidervider = new NostrProvider(
doc,
client,
key,
roomId,
"demo"
);
await provider.initialize();
// array of numbers which produce a sum
const yarray = ydoc.getArray("count");
// observe changes of the sum
yarray.observe((event) => {
// print updates when the data changes
console.log("new sum: " + yarray.toArray().reduce((a, b) => a + b));
});
// add 1 to the sum
yarray.push([1]); // => "new sum: 1"
Note that you don't need to have a connection to a Relay for the demo apps to work. With nostr-crdt you can build local-first apps, and sync over nostr as soon as you're back online.
Read more about the benefits of Local-first software in this essay
The current state is a proof of concept to gather community feedback. Brainstorm of future work necessary:
FAQs
[![npm version](https://badge.fury.io/js/nostr-crdt.svg)](https://badge.fury.io/js/nostr-crdt) [![Coverage Status](https://coveralls.io/repos/github/YousefED/nostr-crdt/badge.svg?branch=main)](https://coveralls.io/github/YousefED/nostr-crdt?branch=main)
The npm package nostr-crdt receives a total of 0 weekly downloads. As such, nostr-crdt popularity was classified as not popular.
We found that nostr-crdt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.