Imagine that Facebook, Twitter, Instagram, Tumblr, TikTok, were all just different interfaces on the same feed. And that no corporation controlled what could go on the feed. And it was all done with proper encryption. That's pretty much what Nostr is about.
Nostr isn't a site. It's not a social network (per se). It's a protocol (a set of standards) that developers can use to build social media and messaging services. It is based on "relays" that are the servers that transmit and store the events in the feed. Existing social media companies could, theoretically, integrate with Nostr, but it's unlikely that they will.
Nostr is designed to be censorship free. Since there's no corporation setting the rules - you can literally post anything you want. That doesn't mean you'll want to post certain things, but you can. (More about that in a moment…)
The first thing to mention is that Nostr is really rough around the edges right now. It's bleeding edge tech with lots of gotchas. So one valid answer to "how does it work?" is "not as well as you might hope". But that will change - Nostr is just getting started.
The three components of Nostr are:
Click here for a longer explanation of clients, relays & media servers
The cool part about Nostr is that you're not tied to one website or app (which are called Nostr "clients"). Like the social media you use now - a client can be a website or an app. You can switch with zero effort, or even use more than one client at a time.
Typically clients don't save your data. Most clients just temporarily pull your feed and display it. Clients pull that data from "relays" - which are incredibly important and something you'll need to give a little bit of thought to (though not too much). There are big, free relays (with lots of spam), and then there are smaller paid relays. The big free relays will eventually delete what you post. The paid relays won't (unless you violate one of their rules). Given that Nostr is just starting out the paid relays are inexpensive and there may be ways to get the equivalent of a paid account for free.
Most of the paid relays allow you to read from them for free - they only charge to post. Which makes sense - posting means they have to save something in their database, and that wouldn't have much value if it weren't widely accessible.
You'll want to make sure that your posts are written to the major free relays (so lots of people see your posts), plus at least two quality relays. That way there isn's a single point of failure for your social media life.
The other complication is images and videos. Relays only store the text of your message - not the images or videos. Most of the Nostr clients have an upload button that stores your image/video on a media server. But like free relays - there's no guarantee they won't eventually delete your image/video. They also will want payment. AND posting sexually explicit content is probably against their terms of service - so what you post may be deleted and you may be banned from using them. What you can do is upload to a sex-friendly media server and then include the URL in your post. It's not quite as elegant, but it's a lot safer in the long run.
One thing that may seem confusing is that you don't login to Nostr with a user name and password. The guys who came up with Nostr (they all seem to be male) came from the world of Bitcoin. So when you sign up you'll be given a "public key" (aka "npub") and a "private key" (aka "nsec"). Given the magic of cryptography all you need to login is your private key. They can actually figure out your public key from your private key.
Your private key isn't exactly a password - currently you can't change it (though they're talking about making that possible). If a hacker gets your private key that's kinda the end of your account. Which means you have to be very careful about which clients you use - only use ones you trust. There is a way to generate temporary private keys - but I'm still figuring that process out - so more on that another time.
Your public key / "npub" is your unique name in the world of Nostr. But it's a horrid (literally cryptic) 63 character string. You'll never remember your npub, so there's a way to have a more user friendly name most often called a "NIP5 identifier". It can either be a domain name (if you have a vanity domain or are working for a brand), or it can look like an email address (but it's not an email address). While your npub won't ever change, you can change your NIP5 identifier.
While you'll probably mostly use Nostr to post public "notes" on your feed, you can also use Nostr to do messaging with someone else. The thing is, while your message is encrypted end-to-end - the metadata for the message that gets it from you to the recipient isn't encrypted. It's a bit like talking to someone in a noisy bar - people can see that you're talking, but can't hear what you're saying. If you need more privacy than that you should probably use an app like Signal.
One of the other features of Nostr is built in payments using the Bitcoin Lightning network - which you can sort of think of as "bitcoin light" since it's "off-chain". This is great for the crypto bros who started Nostr since they all have Bitcoin wallets, but it will take regular folks (called "normies" on Nostr) a while to get up to speed. But it's there when you decide to take the plunge.
Nostr was designed from the ground up to fix the major problems with the current social media options: