About

There is an ecosystem of tools to enable git code collaboration over nostr using NIP-34 and GRASP. gitworkshop.dev, ngit and ngit-relay are tightly coupled examples maintained by DanConwayDev and there are others such as n34, budabit, gitplaza, and shakespeare.

The Need

git is a decentralized version control system, yet most freedom tech projects use centralized walled gardens on top of git as a social and collaboration layer for code changes

the most popular is Microsoft's GitHub, and like most big tech companies, it has a history of banning accounts (and repositories) without warning. this creates a real risk of disruption for important projects like bitcoin-core

The Opportunity

whilst alternatives do exist, nearly all of them involve moving to another walled garden, either controlled by a different centralized guardian, or self-hosted which is less suitable for an anarchic project

some projects use patches-over-email: an alternative and decentralized approach that pre-dates GitHub. despite its antiquated tooling, it has a very smooth and effective workflow for those that use it regularly and has proven to scale to very large projects like the linux kernel

ultimately, GitHub remains by far the most popular choice for freedom tech projects. the accessible UX, convenience, inter-connected tooling and network effect are just a few of the reasons

nostr is the ideal permissionless, decentralized, and censorship resistant social layer for the anarchic FOSS code collaboration use case

there is an opportunity to build modern tooling that competes from a UX perspective and has the additional benefit of integrating into a wider social ecosystem

The Philosophy

NIP-34's philosophy can be summed up as:

• let git be git - don't try and reinvent git
• let nostr be nostr - leverage the benefits of nostr
• let users choose their own workflow - support PRs, patches, gerrit-style reviews, or any other workflow. don't be prescriptive about flow or UX

The Solution

NIP-34: Git Collaboration over Nostr

NIP-34 defines how git collaboration can happen over nostr. it supports both patches (with diffs embedded in nostr events) and pull requests (with commits stored on git servers and referenced in nostr events)

for small changes, patches work well - the entire diff is contained in the nostr event. for larger changes, PRs are more efficient - commits are pushed to git servers (like GRASP servers) and nostr events reference those commits

ngit comes with a native git plugin that hides this complexity from users and creates a PR-like experience (see below). it presents patches and PRs as a unified interface, automatically choosing the most appropriate format based on the size of the change. from the user's perspective, they're just proposing changes to a repository

key features enabled by NIP-34:

• flexible workflows - the protocol contains primitives that can support any workflow
• multiple maintainers - repositories can have multiple maintainers with a smooth pathway for transitioning maintainership
• repository state in nostr - the authoritative state (branches, tags, HEAD) is stored in nostr events, reducing trust requirements for git servers
• distributed hosting - repository announcements can list multiple git server URLs, providing redundancy

GRASP: Decentralized Git Hosting with Nostr Authorization

git collaboration over nostr works with any git server - GitHub, GitLab, Gitea, or self-hosted. however, early attempts to integrate with existing git servers revealed a critical UX problem for maintainers: authorization was split between two systems. maintainers had to manage permissions on the git server separately from the nostr-based collaboration layer, creating friction and confusion

GRASP (Git Relays Authorized via Signed-Nostr Proofs) solves this by unifying git hosting and nostr authorization, making it easier for maintainers. like Blossom for media files, GRASP servers can be run anywhere and host repositories from anyone, with all permissions flowing through nostr

this enables a truly flexible git workflow. with GRASP, PRs work by pushing commits to multiple GRASP servers, then publishing a nostr event that references those commits. the maintainer set defined in nostr events controls who can push, eliminating the need for separate git server permissions

key features of GRASP:

• unified authorization - all permissions happen over nostr. no separate git server accounts or access control
• distributed hosting - push to multiple GRASP servers for redundancy and censorship resistance
• flexible hosting models - servers may offer free quotas, require pre-payment, use web-of-trust filtering, or other acceptance criteria
• proactive sync - GRASP servers automatically sync repository data and nostr events from other listed servers
• dual service - each GRASP server provides both a nostr relay and a git service. all git nostr repository data in one place

learn more at ngit.dev/grasp and see the reference implementation ngit-relay

Seamless Git Integration with ngit

a git plugin is integrated into ngit, enabling standard git commands to work directly with nostr-based repositories. this means you can:

• git clone nostr://npub.../repo - clone repositories from nostr
• git push - maintainers push changes branches and tags
• git pull - fetch updates from via GRASP servers
• git push -u origin pr/name-of-change - contributors create PRs with pr/ branch prefix

this integration provides a familiar git workflow while leveraging nostr's permissionless, decentralized infrastructure for authorization and repository discovery

Future Improvements

CI/CD Pipelines via Nostr DVMs

most projects require CI/CD, and while this is often bundled with git hosting solutions, it is currently not smoothly integrated into the nostr git ecosystem. Nostr Data Vending Machines (DVMs) could provide a marketplace of CI/CD task runners with Cashu for micro payments, enabling everything from simple tests to complex deployment workflows. AI agents with NIP60 Cashu wallets could automatically trigger jobs based on repository activity, creating a permissionless and decentralized CI/CD infrastructure. this could also provide a sustainable revenue model for GRASP server runners

read more about CI/CD vision

DVMs for CI/CD

Nostr Data Vending Machines (DVMs) can provide a marketplace of CI/CD task runners with Cashu for micro payments. there are various trust levels in CI/CD tasks:

• tasks with no secrets, e.g. tests
• tasks using updatable secrets, e.g. API keys
• unverifiable builds and steps that sign with Android, Nostr, or PGP keys

DVMs allow tasks to be kicked off with specific providers using a Cashu token as payment. it might be suitable for some high-compute and easily verifiable tasks to be run by the cheapest available providers. medium trust tasks could be run by providers with a good reputation, while high trust tasks could be run on self-hosted runners

job requests, status, and results all get published to Nostr for display in git-focused Nostr clients. jobs could be triggered manually, or self-hosted runners could be configured to watch a Nostr repository and kick off jobs using their own runners without payment

CI/CD Watcher Agents

AI agents empowered with a NIP60 Cashu wallet can run tasks based on activity, such as a push to master or a new PR, using the most suitable available DVM runner that meets the user's criteria. to keep them running, anyone could top up their NIP60 Cashu wallet; otherwise, the watcher turns off when the funds run out. it could be users, maintainers, or anyone interested in helping the project who could top up the Watcher Agent's balance

part of building a reputation as a CI/CD provider could provide a sustainable revenue model for GRASP server runners, creating incentives for many free-at-the-point-of-use hosting providers. this, in turn, would allow one-click Nostr repository creation workflows, instantly hosted by many different providers

Progress to Date

arjen has been working on a runner that uses GitHub Actions YAML syntax (using act) for the dvm-cicd-runner and takes Cashu payment. you can see example runs on gitworkshop. the project is currently dormant but demonstrated the viability of the approach

note: the actions tab on gitworkshop is currently available on all repositories if you turn on experimental mode (under settings in the user menu)

Easy Web App Deployment

for those disappointed not to find a 'Nostr' button to import a git repository to Vercel menu: take heart, they made it easy. there is a Vercel CLI that can be easily called in CI/CD jobs to kick off deployments. not all managed solutions for web app deployment (e.g. Netlify) make it that easy

Other Opportunities

got ideas? please share them and lets explore as a community