The Problem
Nostr has no central authority. No verified badges. No algorithm deciding who's important. That's the whole point. But it also means there's no built-in way to answer a basic question: should I trust this account?
I wanted a quantitative answer. So I crawled the follow graph and ran PageRank on it.
Crawling the Follow Graph
On Nostr, when you follow someone, your client publishes a kind:3 event containing your full contact list. Every follow relationship is public data sitting on relays.
I wrote a crawler that pulls kind:3 events from three major relays:
relay.damus.ionos.lolrelay.primal.net
Each kind:3 event contains a list of pubkeys that the author follows. I parsed every event, deduplicated by author (keeping the most recent), and built a directed graph: an edge from A to B means "A follows B."
The result: 51,363 nodes and 621,084 edges. That's the active social graph of Nostr as seen from those three relays.
Running PageRank
PageRank is the algorithm Google originally used to rank web pages. The core idea: a page is important if important pages link to it. Replace "page" with "Nostr account" and "link" with "follow," and you get a Web of Trust score.
The algorithm works iteratively. Every node starts with equal rank. On each iteration, each node distributes its rank equally among the nodes it follows. After enough iterations (I used 50 with a damping factor of 0.85), the scores converge.
What makes PageRank better than raw follower count: it's resistant to sybil attacks. If 10,000 bot accounts follow you, your score barely moves — because those bots have no inbound follows themselves. But if one well-connected account follows you, that matters.
What I Found
The top-ranked accounts are exactly who you'd expect: core Nostr developers, prominent Bitcoin figures, and relay operators. These are accounts followed by many people who are themselves widely followed.
The rank distribution follows a power law. The top account scores 21, while the 100th account scores 6. Most of the 51,363 nodes score below 1. This is typical for social networks — a small number of accounts are disproportionately central.
Some interesting patterns:
- Developer accounts rank higher than influencer accounts, because developers follow each other densely
- Relay operators have outsized influence — they're followed by almost everyone who uses their relay
- Recently created accounts with genuine engagement can break into the top 100 fast if they get follows from high-rank accounts
The API
I exposed the scores as free API endpoints on this site:
# Get top 100 WoT scores
curl https://maximumsats.com/wot
# Look up a specific pubkey
curl "https://maximumsats.com/wot/score?pubkey=<64-char-hex>"The response includes the rank score, position in the top 100, and a link to the source code.
For a deeper analysis, there's a paid endpoint:
# Get AI-generated WoT report (100 sats via L402)
curl -X POST https://maximumsats.com/api/wot-report \
-H "Content-Type: application/json" \
-d '{"pubkey": "<64-char-hex>"}'The report includes a trust level assessment, comparison to top accounts, and recommendations for improving the score. It costs 100 sats paid via Lightning (L402 protocol).
Code
The crawler and PageRank implementation are open source: github.com/joelklabo/wot-scoring. It's written in Go, reads from relays using the nak CLI tool, and outputs a sorted JSON file of scores.
What's Next
- Temporal analysis — how do trust scores change over time? Track weekly snapshots and detect rapid changes (potential sybil attacks)
- Per-relay scoring — different relays have different communities. A per-relay WoT would help relay operators with spam filtering
- NIP-05 enrichment — map pubkeys to human-readable identifiers so the scores are easier to browse
- Larger crawls — 51k nodes is a good start, but there are more relays to cover
If you're building on Nostr and need trust signals, try the API. If you find bugs or want to contribute, PRs are open.