this is what i've been saying for the last 6 months, based on my experience with proof of work shitcoins and building PoW consensus algorithms (since 2018)

vanity addresses are a fairly robust proof because currently anything from about 8 characters of required npub (and it could just as easily be hex, there is a rough 1:1 between them just that hex is 4 bits and npubs are 5 bits per character), takes weeks to generate

there currently isn't any significant tech to accelerate derivation of public keys, so the bitcoin secp256k1 BIP-340 X-only key derivation function is the current baseline for each bruteforce attempt to find such a key

but i think it's inevitable that soon there will be at least AVX/AVX2/AVX512 parallel derivation libraries, i remember a couple of years ago seeing some early work and a paper about this

it's a big calculation using modNscalar functions but this is something that can definitely be parallelized, and i'd expect modern processors could see the ~10 minutes for 5 (25 bits) npub vanity key mine pushed down to 1-2 minutes (my key has 5 vanity characters currently, took me 4 days with btcd/decred schnorr pubkey derivation library, but now with bitcoin core secp256k1 library only 10 minutes)

unlike the signatures, which is one of the things that we benefit from in relay and client implementations from the simpler Schnorr algorithm (it eliminates a division operation, which is the slowest) the pubkey derivation is identical between ecdsa and schnorr and the only actual difference is you leave out the first (left hand side MSB), be it 2 or 3 normally, it is not needed for either the signatures or for the ECDH shared secret computation

so, yeah, what i'm gonna say is that it is going to kick the can down the road another few years maybe, but ultimately there will be parallel key miners using AVX and if it really becomes valuable, someone will make FPGAs to increase the parallelism

you will see, once you understand all of that, why i'm saying that it's a dead end and eventually will be forgotten

to me you all look like proof of work shitcoiners talking about this stuff, circa 5 years ago, before it became obvious that the game theory causes consolidation of proof of work mining power and why we have the zero to one principle of money (and ultimately languages, in the internet era)
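
The note above treats a vanity prefix as a proof of work measured at 5 bits per npub character or 4 bits per hex character. As an added example (not code from the note or from any Nostr project), this is how a relay or client could verify a claimed prefix directly from the 32-byte x-only key and convert it to bits and expected attempts; the function names and the sample key in the comments are constructed for illustration.

```python
BECH32_CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # 32 symbols, 5 bits each


def npub_data_prefix(pubkey_hex: str, nchars: int) -> str:
    """First nchars of the key part of an npub (the text after 'npub1').

    Each bech32 character encodes the next 5 bits of the key, so a prefix
    can be checked without computing the checksum of the full npub.
    """
    key = bytes.fromhex(pubkey_hex)
    if len(key) != 32:
        raise ValueError("expected a 32-byte x-only public key")
    if not 0 <= nchars <= 52:
        raise ValueError("an npub carries at most 52 key characters")
    # bech32 pads the 256 key bits with zeros up to 260 bits (52 * 5).
    value = int.from_bytes(key, "big") << 4
    return "".join(
        BECH32_CHARSET[(value >> (260 - 5 * (i + 1))) & 31] for i in range(nchars)
    )


def vanity_work_bits(pubkey_hex: str, prefix: str, encoding: str = "npub") -> int:
    """Bits of work a matching prefix represents, or 0 if the key does not match."""
    prefix = prefix.lower()
    if encoding == "npub":
        # 'b', 'i', 'o' and '1' are not in the bech32 alphabet, so such a
        # prefix can never appear in an npub.
        if any(c not in BECH32_CHARSET for c in prefix):
            raise ValueError("prefix uses characters bech32 cannot encode")
        actual, bits_per_char = npub_data_prefix(pubkey_hex, len(prefix)), 5
    elif encoding == "hex":
        npub_data_prefix(pubkey_hex, 0)  # reuse the key length/format check
        actual, bits_per_char = pubkey_hex.lower()[: len(prefix)], 4
    else:
        raise ValueError("encoding must be 'npub' or 'hex'")
    return bits_per_char * len(prefix) if actual == prefix else 0


def expected_attempts(bits: int) -> int:
    """Average number of key derivations needed to hit one fixed prefix."""
    return 1 << bits


def accept_pubkey(pubkey_hex: str, prefix: str, min_bits: int) -> bool:
    """Hypothetical admission policy: require at least min_bits of prefix work."""
    return vanity_work_bits(pubkey_hex, prefix) >= min_bits
```

The check costs the verifier one integer shift per character, while the miner pays `expected_attempts(bits)` key derivations on average, which is the asymmetry the thread is arguing about.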

Discussion

All true, but I think you overestimate how many Nostr-spammers have that skillset.

People with that skillset have much more profitable things to do with their time.

Threat modelling needs to be step 1.

While I do agree with you about people having much more profitable things to do with their skill set…

It only takes one obsessed, very powerful person and one black hat on their payroll (which they have, in abundance)

the replyguy kinda ends the discussion as far as i'm concerned

causing trouble is cheap on nostr right now, that is a threat that needs to be considered seriously since there is not so much risk of a profitable scam attack at this point

we have to raise the price above the most determined seeker of lulz

That's why I think there should be a minimum of PoW on every single note, some energy required to post whatever, doesn’t matter if you are a legitimate user or spammer.

just pressure clients to implement NIP-13.

i wish i didn't hear this so often from people

if it's worth money, it won't be within reach of regular users

if it's not worth money, nobody is going to spam

Is reply guy making money? The cost is so cheap today that even the amount of money lost is peanuts to the average spammer.

I’m advocating for raising the cost floor, not keeping it free/cheap as it is today. Not advocating for eliminating spam forever.

I think all here can spend a couple days or weeks (slowly) mining a profile event with some PoW. Whether spammers can do it faster does not matter, they will have to pay the cost for every pubkey which raises their cost floor. They will need to spend on expensive equipment and spend energy to do it every single time they need a new pubkey.

What we have today is zero or near-zero cost.

Also if you don’t want to hear other people’s opinions try getting off the internet ffs and cut the 💩

artificial measures won't make any difference, and i'm sure as hell not wasting CPU time hashing stupid json notes for no effect

i'd rather just directly spend on resources that actually cost money anyway, that would be abused by spammers and scammers if they were free

in the end, you have to pay for PoW, same as with bitcoin, the whole point is that it's profitable, or nobody will do it

we have bitcoin, it uses PoW, that means nothing about any other application of it, and it solves the money problem so we can just cut to the chase and set a price floor for scammers right there in the app

if nobody cares, it's not needing protection, if it's interesting, then you need to charge for it

doesn't mean you can't give other ways to get new users on without first onboarding them to LN wallets, that can come later, referrals, attestations, all kinds of things could fix the onboarding problem

none of this has anything involved that needs PoW

please, just stahp with the PoW

you sound like shitcoiners 5 years ago before nicehash destroyed the PoW mining market and caused it to consolidate and eventually most of them are now gone, except for a very small few like chia, monero, litecoin, there just is no way to have more than a few of them in the world and only one will be really valuable

and if it already exists, you are just setting yourself up to watch it fall down just like all the shitcoins did

i can't believe you have this fascination about PoW and yet you have clearly done zero research on its history and the very few use cases it has actually long term worked for

enjoy your spam