There is currently an active spam attack on Nostr that’s using kind 6s and 7s and generating around 80k spam events an hour.

It seems to mostly be targeting the Damus relay. These are harder to filter, as they use rolling pubkeys with profile meta and nip-05, and there is no event content to check for spam.

Really, throttling and rate limiting are a good start; however, we may need better methods.

Discussion

Is it the cyber cat attack?

Yep. It’s mostly just DB bloat at this point.

What is kind 6? It is not listed on the nip readme page.

It’s for reposts.

Are you tracking attacks on relays regularly?

These spam attacks are going to be frequent, you and #[2] have posted about it, we saw it increase when Damus hit the AppStore and every real adoption wave will bring another attack wave.

All the talk of Bitcoin’s security budget, but I haven’t seen any of Nostr’s security budget.

I don't see any option for nostr besides 100% paid relays. Either users pay or advertisers pay, but you can do either cost-free or spam-free, can't do both.

Then nostr is doomed; 99.999% of people won't pay for any social media.

Twitter operates on 100% paid servers, I don't see why nostr can't succeed there?

No, it is free to use and post

Not for advertisers.

Yeah but you pay with your data on twitter.

What is the problem with spending 1000 sats for an active spam filter? That’s < 50c.

And so without commercials or bots

I'm happy if people want to use the ad-supported relays. I will happily pay 1k or 10k sats for a spam filter and ad-free relay. That's the beauty of nostr, we can do both.

But the "100% free" relays will be over in a few months, IMO. That's just not sustainable. In future, I think "free" will be understood to mean "ad supported".

Yeah you may be right.

At this point my relay is at 1000 sats lifetime. That may be ±0 for server costs.

I'm ok with that. But if there is maybe a subscription plan in future, you can maybe pay 25 sats a month if adoption is coming in and more and more users use the relays.

Because the costs didn’t rise this much with growing users.

We will see which way Nostr is going. But I think it WILL be there in future. This synergy with lightning and bitcoin is too good.

I would just use a client that filters ads. You can't force ads without proprietary software

Yes you can, at the relay layer.

What if clients filter them out?

1 in 100 posts from a random keypair with branding. Any pow by clients just adds to the fee charged by the relay.

Very difficult to filter ads at the client layer. It’s whack-a-mole at best, and that’s only feasible with money to hire people - you can’t automate against all the methods to advertise.

This is just wrong. When the barriers to entry are right, and paying protects them from the State, people will 100% pay for social media.

This will happen on different timelines in different places but it’s coming everywhere.

Nostr is the opposite of doomed, it’s where the resistance will be born.

Paying doesn't protect anybody from the state. It actually makes it much easier to go after relays.

I think paying a small amount for storage which is cheap may be part of a workable approach. Pay $2/month for 2GB relay storage. Pay a few relays for distribution and redundancy.

But added friction to posting is still not ideal. The trade off is anyone can post including machines and machine cost to post is near zero. Twitter and others still failed and they literally had KYC.

99.999% of people are not paying no matter how you imagine it

That's because they're not people. They're bots.

Always assume that an actor on the internet is a bot, unless they've taken action to prove they are human.

Action like, spending bitcoin to verify their account. There isn't an organization on the planet that can bot-spam for long if each bot costs 5000 sats to exist.

Also, I have no respect for people on nostr that won't zap.

💯 And the bot funders can’t print Bitcoin.

The more they try to control nostr, the higher bitcoin goes, the more difficult it becomes.

How about taking 1 sat from zaps and distributing it to the servers the client is using?

Or just send 1 sat/note or reply to the relay?

It could be an option. It doesn’t work for lower quantity or targeted spam.

0.000231 Satoshi/USD *1850000 spam events from this recent attack = $427.35.

Question kind of becomes the marketplace one - can someone make more than $427USD with 1.85MM events paid 1 sat/event for?

However, if they pay 1 sat/event and it still can then be filtered as spam, that would really lower the effectiveness. But again, you would need to pay 1 sat per relay you publish to.

Gotta disagree. Friction to posting, if handled right, is EXACTLY ideal. If all public relays only allowed writes that were either from someone with NIP5 verification, or included a zap, then the spam dies from a lack of funding.

Tor has its problems, and external funding, but it has survived.

I think we can hopefully do better than Tor, as its utility is devalued significantly by DDoS + performance, which makes it more niche.

Tor is an entirely different beast.

Not documenting, but tracking in that spam attacks are both more visible when aggregating relay data, but also potentially more bursty and annoying too.

I’ve got content-based spam down to effectively 0 using ML. Just like email spam, some will slip through, but it’s pretty decent and can improve as we scale. I open sourced the training data and code - but I have an update yet to release. Obviously it has limits though.

This attack is kind of new. It’s more just bloating DBs and clogging any relay processing. And events without content are harder to evaluate without touching the DB to query for state - I have stateless validation working at present.

Could you make your content-based spam reduction ML open source?

We’ve got good diversity in relays at the moment. If we separate relay security and make that global we can retain the optionality for implementations to keep the network strong.

Something like how pihole lists work, relays could access security modules from different people doing different things.

Yep. It’s already open sourced - but I do have another ~7k spam training examples since last push. I also have a Bayes training example in a local commit which works awesome.

I’ll try to push my latest commit to GitHub this weekend. Repo below.

https://github.com/blakejakopovic/nostr-spam-detection

Nice, thank you for sharing 🤙

Cc #[2] , is there any similar attack in nostr.mom and nos.lol ?

Thanks for the notice!

Not seeing anything bad on them. Mom would evade this thanks to being IP based. Lol could have been hit but nothing bad as of now.

TIL there is kind 6 😉

Ah, nice to hear that. I think more sophisticated spam like this will occur more often, especially if the goal is to disrupt relay performance. More vicious than simple annoying ad spam.

Btw, did you happen to find that #[5] and #[6] currently publish events to nostr.mom or nos.lol? I found they got auto-blocked by Amethyst.

lol is default in Damus as far as I know. Not sure about mom.

Those two pubkeys somehow managed to get to nostr.mom.

Got some of those spams now in nos.lol

He uses this as content of kind 7: ⚠️

Well, seems you need rate-limit in nos.lol too 😅

He also spams the spam reports (1984) 🤦

Spammer report spam 😂

Yep. It was mostly kind 6/7 as flood spam. But also most pubkeys had a single kind 0 too.

It’s around 1.85MM events so far since 6 days ago. Not constant creation, but mostly continuous.

And it’s a bit of a pain too, because it uses a pubkey for 100 events of kind 6 and 100 of 7, then rolls the pubkey.

100 reactions in an hour is a lot for a human, but not unthinkable. 100 reposts is likely a stretch.
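The per-pubkey, per-kind ceiling this pattern suggests, written out as an added example; it is not code from the thread or from any relay mentioned in it. The hourly limits (20 reposts, 100 reactions) and the pubkeys are assumed values for illustration. The limiter keys on the relay's own receive time rather than the event's created_at, since the latter is set by whoever publishes the event.

```python
from collections import defaultdict, deque

# Assumed per-kind ceilings per rolling hour, chosen for illustration only:
# kind 6 = repost, kind 7 = reaction (the "100 reactions ... 100 reposts" intuition above).
DEFAULT_LIMITS = {6: 20, 7: 100}
WINDOW_SECONDS = 3600


class KindRateLimiter:
    """Sliding-window ceiling keyed by (pubkey, kind).

    Only timestamps inside the window are retained, so memory is bounded by
    limit * number of active keys and no database query is needed to decide.
    """

    def __init__(self, limits=None, window=WINDOW_SECONDS):
        self.limits = dict(DEFAULT_LIMITS if limits is None else limits)
        self.window = window
        self._recent = defaultdict(deque)

    def admit(self, event, received_at):
        """Return (accepted, reason) for an event received at `received_at` (relay clock).

        `created_at` is sender-controlled, so it is deliberately not consulted.
        """
        kind = event["kind"]
        limit = self.limits.get(kind)
        if limit is None:
            return True, "kind not rate limited"
        window = self._recent[(event["pubkey"], kind)]
        cutoff = received_at - self.window
        while window and window[0] <= cutoff:
            window.popleft()
        if len(window) >= limit:
            return False, f"kind {kind}: more than {limit} events in {self.window}s from this pubkey"
        window.append(received_at)
        return True, "ok"


def replay_burst(limiter, pubkey, kind, count, start=0):
    """Feed `count` constructed events of one kind from one pubkey, one second apart.

    Returns how many the limiter rejected.
    """
    rejected = 0
    for i in range(count):
        event = {"pubkey": pubkey, "kind": kind, "created_at": start + i, "content": ""}
        accepted, _ = limiter.admit(event, received_at=start + i)
        if not accepted:
            rejected += 1
    return rejected


if __name__ == "__main__":
    limiter = KindRateLimiter()
    # Constructed pubkey: 64 hex chars of filler, not a key from the attack.
    flood_key = "a" * 64
    print("kind 7 burst of 120 -> rejected:", replay_burst(limiter, flood_key, 7, 120))
    print("kind 6 burst of 30  -> rejected:", replay_burst(limiter, flood_key, 6, 30))
    print("kind 1 notes, 500   -> rejected:", replay_burst(limiter, flood_key, 1, 500))
```

A per-pubkey ceiling only bounds what one key can do in a window; the rolling-pubkey pattern described above (100 events per key, then a fresh key) is shaped to stay under exactly this kind of limit, so it is a floor rather than a fix. The next layer is a relay-wide count of never-before-seen pubkeys per window, or a per-source limit of the kind the IP-based relay mentioned earlier in the thread relies on.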

We need PoW to send an event...

Is there no NIP for relays that implements PoW?

Let's say the user has to:

sha256(1'000'000 x pubkey of user + user chosen random 64bit number)

If the resulting hash has at least its first 7 bits as 0s, the message is accepted by relays.

1 million times the pubkey of the user limits it to max GPU acceleration, as most cheap FPGAs do not have enough space for it.

Normal users can do the calculation in the background and cache it for future use, so they don't have to wait too long to post something.
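The scheme in the proposal above, written out as an added example (not code from the thread or from any Nostr project). It hashes the pubkey repeated `repeats` times followed by a random 64-bit nonce and accepts when the digest has at least `difficulty_bits` leading zero bits. The demo uses 1,000 repetitions instead of the proposed 1,000,000 so it finishes in well under a second, and the pubkey is a constructed placeholder.

```python
import hashlib
import secrets


def leading_zero_bits(digest: bytes) -> int:
    """Count leading zero bits of a byte string (the difficulty a hash achieves)."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def pubkey_pow_digest(pubkey_hex: str, nonce: int, repeats: int) -> bytes:
    """sha256(pubkey || pubkey || ... (repeats times) || 64-bit nonce), as proposed above.

    The long preimage is the point of the proposal: every attempt has to stream
    repeats * 32 bytes through the hash, which is what is meant to price small
    FPGAs out of the race.
    """
    preimage = bytes.fromhex(pubkey_hex) * repeats + nonce.to_bytes(8, "big")
    return hashlib.sha256(preimage).digest()


def verify_pubkey_pow(pubkey_hex: str, nonce: int, repeats: int, difficulty_bits: int) -> bool:
    """Relay side: one hash decides whether the claimed nonce meets the target."""
    return leading_zero_bits(pubkey_pow_digest(pubkey_hex, nonce, repeats)) >= difficulty_bits


def mine_pubkey_pow(pubkey_hex: str, repeats: int, difficulty_bits: int, max_tries: int = 200_000):
    """Client side: try random 64-bit nonces until one verifies; None if the budget runs out.

    The expected number of tries is 2**difficulty_bits, so 7 bits costs about 128
    hashes of the long preimage. The result depends only on the pubkey, so a client
    can compute it once in the background and cache it, as the proposal suggests.
    """
    for _ in range(max_tries):
        nonce = secrets.randbits(64)
        if verify_pubkey_pow(pubkey_hex, nonce, repeats, difficulty_bits):
            return nonce
    return None


if __name__ == "__main__":
    # Constructed placeholder pubkey (32 bytes of 0xab), not a real key.
    demo_pubkey = "ab" * 32
    repeats, difficulty = 1_000, 7  # reduced from the proposed 1,000,000 repeats for the demo
    nonce = mine_pubkey_pow(demo_pubkey, repeats, difficulty)
    print("nonce:", nonce)
    print("verifies:", verify_pubkey_pow(demo_pubkey, nonce, repeats, difficulty))
    print("leading zero bits:", leading_zero_bits(pubkey_pow_digest(demo_pubkey, nonce, repeats)))
```

Two properties of this design are worth keeping in mind when comparing it with the event-id variants discussed further down. The proof binds only the pubkey, so once found it covers every event that key ever sends: against the rolling-pubkey flood described above that is the right shape (each fresh key costs a fresh search), but it does nothing against a single key that floods. And the relay must verify with the same `repeats` and `difficulty_bits` the client used, so both have to be protocol constants rather than per-client choices.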

There is a remote signing NIP (I think, or just something that’s possible anyway) that allows a user to ask a server perhaps to calculate the event id before it’s signed.

You can’t generate an events id before you know the exact content, as it’s part of the hash.

Potentially instead of pay to relay (either 1/sat, have a relay subscription), perhaps min POW is the other option.

At least one relay required a min POW. The issue is you lose a lot of data for things like the event reactions which may not be by clients who use POW.

Paying 1/sat to a relay instead of burning CPU for POW seems like the more desirable approach.. but PoW as a fallback is nice for anonymity.

POW would be trivial for clients to implement in various places in the nostr protocol. Python-nostr and the bija client have live implementations of event ID POW. I agree that pay to play (sats instead of POW) seems cleaner, but there is something to be said for the accessibility of POW. Setting some static level of POW would effectively remove most mobile clients unless the work was delegated elsewhere.

The nice thing is that event-based POW is more easily delegated than public key POW since the private key isn’t needed for the hashing
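Event-id PoW as described in the last two posts, as an added example; this is not code from the thread, nor from python-nostr or the bija client. It serializes the event per NIP-01 and iterates a NIP-13 style `["nonce", "<n>", "<target>"]` tag until the id has enough leading zero bits. The signing step is deliberately left out, because that is the point being made: mining touches only public fields, so it can be handed to a helper that never sees the private key, while the id cannot be fixed before the content is. The sample event is constructed.

```python
import hashlib
import json


def leading_zero_bits(digest: bytes) -> int:
    """Count leading zero bits of a byte string."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def event_id(event: dict) -> str:
    """NIP-01 id: sha256 of the compact JSON array [0, pubkey, created_at, kind, tags, content].

    NIP-01 also pins the escaping of a few control characters; json.dumps with
    ensure_ascii=False matches it for ordinary text, which is all this demo uses.
    """
    serialized = json.dumps(
        [0, event["pubkey"], event["created_at"], event["kind"], event["tags"], event["content"]],
        separators=(",", ":"),
        ensure_ascii=False,
    )
    return hashlib.sha256(serialized.encode("utf-8")).hexdigest()


def event_pow_bits(event: dict) -> int:
    """Difficulty an event actually achieves: leading zero bits of its id."""
    return leading_zero_bits(bytes.fromhex(event_id(event)))


def mine_event_pow(event: dict, target_bits: int, max_tries: int = 2_000_000):
    """Iterate the nonce tag until the id meets target_bits; returns the event with id set, or None.

    Only pubkey, created_at, kind, tags and content enter the hash, so a helper
    machine can run this without the private key and return the result for signing.
    """
    base_tags = [t for t in event["tags"] if not (t and t[0] == "nonce")]
    for n in range(max_tries):
        candidate = dict(event, tags=base_tags + [["nonce", str(n), str(target_bits)]])
        if event_pow_bits(candidate) >= target_bits:
            candidate["id"] = event_id(candidate)
            return candidate
    return None


def verify_event_pow(event: dict, min_bits: int) -> bool:
    """Relay side: the id must match the fields, meet min_bits, and the nonce tag must
    commit to a target of at least min_bits (NIP-13's guard against events that merely
    got lucky while aiming at a lower target).
    """
    if event.get("id") != event_id(event):
        return False
    nonce_tags = [t for t in event["tags"] if t and t[0] == "nonce"]
    if not nonce_tags or len(nonce_tags[0]) < 3 or not nonce_tags[0][2].isdigit():
        return False
    if int(nonce_tags[0][2]) < min_bits:
        return False
    return leading_zero_bits(bytes.fromhex(event["id"])) >= min_bits


if __name__ == "__main__":
    # Constructed sample: a kind 7 reaction from a placeholder pubkey to a placeholder event id.
    unsigned = {
        "pubkey": "ab" * 32,
        "created_at": 1700000000,
        "kind": 7,
        "tags": [["e", "cd" * 32]],
        "content": "+",
    }
    mined = mine_event_pow(unsigned, target_bits=12)
    print("id:", mined["id"], "bits:", event_pow_bits(mined), "nonce tag:", mined["tags"][-1])
    print("verifies at 12 bits:", verify_event_pow(mined, 12))
    # Editing the content after mining invalidates the id, which is why the id cannot
    # be computed before the content is final, as noted above.
    print("verifies after an edit:", verify_event_pow(dict(mined, content="++"), 12))
    # Signing (Schnorr over the id with the private key) happens after this, on the device holding the key.
```

Because the relay recomputes the id from the fields, a delegated miner cannot smuggle anything past it: whatever the helper returns is either exactly the event the client asked to have mined or it fails the id check. The cost side is the one the thread flags: a fixed minimum difficulty prices out mobile clients unless mining is delegated, and since every event needs its own search, the per-event cost is what sets the bar for a reaction or repost flood.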

Yep. I agree.

I’ve been playing with POW for months now..

Obviously a remote POW service/API and a client that can call it. I’m interested in perhaps building this if anyone is interested.

Something that’s missing today is a clearer POW to $ calculation cost. If we can estimate that better, we know what to charge.

#[2]