Posts state: "Real Nostr clients don't require any servers, they can work completely on the client side." Threads criticize apps becoming inaccessible when a domain name expired and call to "circumvent" web/domain flaws to build Nostr clients that "can't be controlled by anyone." Includes nostr event id: nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68. Keywords: nostr, dns, domain, clients, expired, webauthn, nsec, nist.
Created 3 days ago • 31 documents • Range: 12/28 3:28pm – 12/28 7:11pm
"> PWA in my opinion will be the most insecure one so far. > > It doesn't matter how long the developer can maintain for the app or the domain itself. The moment the domain gets expired (which could be anytime), The same PWA app just stops working like it used to be. > > It doesn't matter when it was hosted at vercel or github pages where it could live for quite long because the moment the owner of the domain changes, It could go either dead or ended up being malicious. > > Doesn't matter the fact that the key has been stored in encrypted string. Since the update of an PWA app can be pushed at anytime without user's knowledge, It can be compromised by the owner at anyway. --- Yonle, not a long ago."
I agree, however, it's great for those who want to deliver a service to people in a closed and controlled system like iOS, and potentially a to-be-closed system like google-android. Let's assume both iOS and Google-Android are super locked down (well, iOS already is), and they won't allow a service/tool i've built to be distributed on their OS (or they would if they KYC me and/or demand undesirable changes, both of which I wouldn't want to do for example), but users want it. So, assuming my service/tool can be a PWA, so I make/release it, and while it does have the downsides and risks you mentioned, users on those locked systems are able to use the service/tool I made now, bypassing the case of Apple and Google.
Encrypted messaging only works if it survives failure. That’s the flaw nostr:nprofile1qyv8wumn8ghj7enfd36x2u3wdehhxarj9emkjmn99uq3jamnwvaz7tmswfjk66t4d5h8qunfd4skctnwv46z7qpqzuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsfce088 points to in even the best centralized tools: one company, one infrastructure, one outage away from silence. nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq3wamnwvaz7tmjv4kxz7fwwpexjmtpdshxuet59uqzqawhxlp5wfr3q2wyfpmtxvxj9ppg3fp80x6erghdfk4pcmq8a7hhwp9puf uses Nostr and novel cryptography to remove the server as a choke point. If one relay fails, you move on. Secure communication shouldn’t depend on permission or uptime from anyone else. Watch full episode on nostr:nprofile1qy28wumn8ghj7mtfwdekkete9ejx2umfvahqzrthwden5te0dehhxtnvdakqqgxup0q7qdfxz7mm6rm4dpr06y80lrtg22nut2n7zyacr8mp05lc3u69jf2l & zap ahead! 😉 https://blossom.primal.net/ee71f6689996b4bd7116b8223e541a642a95c51d37a770d2439e6dc7fdc493fc.mp4
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
nak - can do auto post - schedulineg
Exhibit B nostr:nevent1qvzqqqqqqypzq77777lz9hvwt86xqrsyf2jn588ewk5aclf8mavr80rhmduy5kq9qyghwumn8ghj7mn0wd68ytnhd9hx2tcppemhxue69uhkummn9ekx7mp0qqs0gj2wtukkxx9zyrnkq0e0m57q5jzqsxmdzhtxmc7vj5wtf4zp0fgty0t4p
"NIP-05 is weird... It's supposed to be a mapping to a DNS identifier, so it sounds logical to use DNS for that - but no, you have to use HTTP/S and a well-known file. I guess I understand that it's more universal through well-known, but it still seems weird to me Or am I missing something?"
You aren't missing anything, web developers are just not familiar with DNS so unless your API is JSON bullshit, you are facing headwinds with web devs. So you won't get as much cool hackathon demos. It might be smart to use the worse tech to acquire Devs... It is depressing though when you get neither.
and i hate to admit it to you, but you #nostr users & devs back then seems very excited about PWA apps replacing the natives. now that the SSL certification expired thing happened, You see that yourself now, right? quite ironic, yet, really unfortunately stupid. nostr:nevent1qqsf2mt3jupuvnsuhqxkla699qn92746yz4vwwgp2hgyfdzle6v29wcpzdmhxue69uhk7enxvd5xz6tw9ec82c30qgsrg73rwzgq6xd5u36kyg2ef69a5ur2uhrcthsfuk0yvp0ergplf8qrqsqqqqqpf30xu9
> PWA in my opinion will be the most insecure one so far. > > It doesn't matter how long the developer can maintain for the app or the domain itself. The moment the domain gets expired (which could be anytime), The same PWA app just stops working like it used to be. > > It doesn't matter when it was hosted at vercel or github pages where it could live for quite long because the moment the owner of the domain changes, It could go either dead or ended up being malicious. > > Doesn't matter the fact that the key has been stored in encrypted string. Since the update of an PWA app can be pushed at anytime without user's knowledge, It can be compromised by the owner at anyway. --- Yonle, not a long ago.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
🔴 Muslims follow all prophets and messengers, peace be upon them ⚠️ God has said in the Quran: { They say, "Be Jews or Christians [so] you will be guided." Say, "Rather, [we follow] the religion of Abraham, inclining toward truth, and he was not of the polytheists."( 2: 135 ) Say, [O believers], "We have believed in Allah and what has been revealed to us and what has been revealed to Abraham and Ishmael and Isaac and Jacob and the Descendants and what was given to Moses and Jesus and what was given to the prophets from their Lord. We make no distinction between any of them, and we are Muslims [in submission] to Him." (2:136)}
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
That part makes sense. But how would you make a nostr metrics client? If I remember right Artur was from a web-crawling background and made is own nostr crawler from scratch. Or you mean just for publishing, like writing daily stats events to the relays?
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Already worked on / working on what you're thinking. On what I've built (still in-dev) resulted in no more reliance on DNS at all, IANA / IP can 'not' be the identity target but rather an NPUB would be, and there's no reliance on CA to co-sign your cert, you self-sign and it's still secure without a need for validity expiration. Here's a short demo: https://files.catbox.moe/84bw6j.mp4
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
yup.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
on it / already have a DNS solution called DNN =3 (not released yet, but can video-demo / there are one/two clips of it)
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Assuming this one has its project files somewhere that is accessible, then it would work without a server, i'm assuming. The presented issue isn't the nostr client itself (i assume, i didn't use it), but rather people's reliance on 'nsec.app', their reliance on that one domain, on that one individual that controls it, to present people with the project that it has. The issue is people's reliance on ICANN-DNS/IANA and CA. With that said, I'm building the solution, and progress so far is DNS issue is handled (no reliance), and CA issue is handled as well (no reliance). IANA is half-handled and ready to be future handled for a future where mesh internet (example: Tollgate) becomes more of a thing. Once this solution is up and running (calling it DNN), I'd imagine people would just grab the hash of a project (like nsec.app), slap it in the address bar and download/use it (or load/use it) from whever it can be grabbed from (someone will make this or me i didn't think too much about this specific process in this parapraph).
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
But hey, secp256k1 is "edgy" isn't it? 🤪
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Those guys of course. Though you could make a technical argument that something like Ed25519 is a better choice for this kind of use case. Or ML-KEM for interop with Chrome's post quantum hooks. Or this or that. Anyway, we're not talking about reinventing the whole internet based on secp256k1. Right?
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
yes, we should go back to http, and make the encryption protocol level :p
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Then run it on a PC and you can access it from the browser of any device in your LAN.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
I guess nostr:npub1xdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wscmntxy runs both of these domains, which would explain why they’re down at the same time. I haven’t found the repo for nsec.app yet to try running it locally.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Are all these things because of secp256k1 or because these guys who made these things decided to not support it?
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Biggest issue there imo is secp256k1. It's just not a curve you can easily do this kind of core infra stuff with. It's not supported by passkeys (webauthn), it's not supported by SubtleCrypto, it's not supported by the secure enclaves of iOS or Android devices, you can't use a secp256k1-based certificate to sign a tls 1.3 handshake, then there's JWTs, JOSE, list goes on. It's just absent from a ton of web standards. mainly because it isn't NIST-stamped, so it's sidelined most places by secp256r1. Basically if the goal from the start is to replace the certificate chain and all the rest, secp256k1 is definitely not what you'd choose.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
nsec.app shouldn't require any servers, it runs in your browser. Or at least that's what I was told.
"NIP-05 is weird... It's supposed to be a mapping to a DNS identifier, so it sounds logical to use DNS for that - but no, you have to use HTTP/S and a well-known file. I guess I understand that it's more universal through well-known, but it still seems weird to me Or am I missing something?"
In browser, using DoH (DNS over HTTPS) is pretty common nowadays. Yes its gateway, but at least you do not need to reveal your IP with direct requests to every domain
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
This is the way nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
nostr:nevent1qqszu7h8rzzdw6ss0drlnhmyd2qmu4m2eaqcsu67vd9xk7v6dr0np6gpramhxue69uh5ummnw3ezuetfde6kuer6wasku7nfvuh8xurpvdjsdtgl6u
"NIP-05 is weird... It's supposed to be a mapping to a DNS identifier, so it sounds logical to use DNS for that - but no, you have to use HTTP/S and a well-known file. I guess I understand that it's more universal through well-known, but it still seems weird to me Or am I missing something?"
Is there a way to validate DNS txt records from the browser? On the other hand, its much lower barrier of entry if you have your own domain to upload a file instead of mocking with the dns entry.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
I have posted notes directly from the CLI and it feels like a superpower.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
These are not just clients, they are tools like a metrics dashboard, search engine, and remote signer. But yes, there needs to be a way to access these tools that doesn’t depend on DNS and hosting providers.
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Primal?
"Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68"
Well said
Real Nostr clients don't require any servers, they can work completely on the client side. The fact that we have apps that still work perfectly well but are now inaccessible because a domain name has expired (or whatever) is some bullshit we inherited from the "web" world that we should try to circumvent, not embrace. There are multiple ways to circumvent these flaws and build true Nostr clients that can't be controlled by anyone, not even by their original author. nostr:nevent1qvzqqqqqqypzpmnw5yatnljuff5w47d35d87q99xddqpzlzsac4xzn6vm22ekmn5qyghwumn8ghj7mn0wd68ytnvv9hxgtcqyrghpn2v42mf9h4e983s2dsczxeev5vngdvz30l7zzhw99r676dp2qdpa68
