Replying to Avatar SimplifiedPrivacy.com

Who decides what to censor as spam?

Nostr and Lens solve the "spam and scam" problem by having the client decide. For example Amethyst for android will hide posts from accounts that others report as scams. These "others" are defined by people you follow, but this essentially puts it up to a community vote of large influencers to silence you.

On Lens, once you're labeled spam, you appear in the "show more" of comments. This is a huge turn-off to new users with no followers, who are treated like lower class citizens.

Farcaster solves it in a similar way, but by having the official team label it, and then since their client is so large and influential, their list is often distributed to other clients. This is absolutely horrible and way too centralized. While it's true that posts to your followers would still show up, they are effectively silencing your comments.

Session has zero censorship for mass DMs in the way I use it, even under outright sanctions. The nodes don't even know I am the sender, and I'm assigned new receivers if they drop me. That's why I like it. But the market likes simpleX more because it rotates encryption keys, so it's tough to get new followers. Can't fight the market.

Bastyon solves the problem by a community vote for outright illegal content, to get it off the nodes, such as child porn and narcotics sales. The voters are picked based on their total upvotes, called "reputation". I disagree with this approach, as if we're going to vote, it should be the nodes hosting it (like Arweave does)...

Files on Arweave have an unofficial vote, where the nodes can opt out of storing it. And if all the miners chosen in a block opt out, then there's no financial penalty for dropping the content. But if they have the content and others don't, then they have a financial advantage to mine that block over competitors. This approach is good for websites, but for a social network with permissionless replies, it's way too passive.

Therefore:

I disagree with all these solutions.

In my view, the best way to handle spam (in a permissionless system) is to allow the original poster to decide which replies are spam. Then the end user can decide to toggle on or off "criticism and spam" for the replies. After all, if you're following someone, you trust their judgment on the subject they are speaking about. And this decentralizes the decision to each individual poster.

Now I do the ironic thing, and turn it over to my replies. Do you think this approach is right?
Avatar
Katja Lutz 1y ago

Another interesting option if the spam problem on nostr increases, would be a proof of work based captcha like https://mcaptcha.org/. Basically the nodes could ask the clients to solve such a proof of work captcha, no human involvement.

Reply to this note

Please Login to reply.

Discussion

Avatar
SimplifiedPrivacy.com 1y ago

for desktop, proof of work is great.

for mobile phones, most people won't want to do it

Avatar
mister_monster 1y ago

To both of you, you might be interested to know about NIP-13 which allows relays and clients to require proof of work before doing anything with a note. So no capcha or anything like that required, if relays began requiring this or clients began requiring it it would work just like hashcash for spam mitigation, I would like to see more nostr software implementing this.

https://github.com/nostr-protocol/nips/blob/master/13.md

Avatar
SimplifiedPrivacy.com 1y ago

how they dealing with the phone issue?

Gossip has PoW already

Avatar
mister_monster 1y ago

Well it's up to clients to generate the proof of work required by either relays or other clients fetching notes, and to implement filtering for follows based on a proof of work if the user desires.

It's a difficult problem, because you can't have user defined PoW thresholds that their follows don't know about, it's really best filtered by relays. Say I have a PoW requirement that the note id must start with 3 0s, but a follow produces them starting with 2, I won't get his notes. If I trust a relay though to require it and if there's some way for a relay to tell a client what it's PoW requirement is, then it's not a problem. PoW doesn't really affect your curated feed positively, it affects spam to relays, and if youre viewing a global feed, it can be used client side to hide spam at the cost of hiding basically everything from relays that don't require it.

As far as phones doing the PoW, that's not really that big of a deal. Some relays might require a high threshold to reduce spam, and if a user is incapable of producing it in a timely manner he can just publish to other relays, and if I'm big on following him I'll fetch his posts there. That relay might have a spammy global feed but as long as you're only fetching your follows from it it doesn't affect you.

Avatar
SimplifiedPrivacy.com 1y ago

I hear you, and I personally think if the relays filter at a low threshold it should be fine, but if they up that, then you'd likely want a majority of the client devs (including mobile) to be on-board in education of whats going on