I like the idea of collective PoW: every now and then my client sends out another PoW for people that I follow. But you can't expect individuals to PoW themselves because things are so asymmetric. A laptop does nip13 100 times faster than most phones. Some GPU optimized version might go orders of magnitude faster than that. The people that you want to exclude have vastly more resources than the people you want to keep in. Same thing for bitchat
Discussion
Nice repo. Did you look at rana? Or other client PoW code? Or just start fresh?
While computing power spans a wide range, as you say, even a little bit of PoW makes creating a new account ONE MILLION times harder. That takes less than a second though. There is no ideal amount of PoW that keeps out spammers, but if you can slow them down one-million fold with a trick that costs very little, it still seems worth it.
I just vibe coded something to make a point... It's based on hashcat.
The problem is the asymmetry. Either you make spam easy, or you shut out normal people. The problem is more equitable if you expect people to pay others to mine for them, but now there's an entrance fee
I just had the thought that the gating factor is the network connection to drop off the spam on the server. It doesn't matter if keypair generation is super fast without PoW, any slowdown by requiring PoW that doesn't exceed the gating factor of the network connection makes no difference, until it exceeds that. So "one million times slower" is of no practical effect.
It's ... hard. But consider my idea of people randomly PoWing the people they follow. Even mobile-only people would occasionally get some server PoW. Over time pubkeys would accumulate a lot of it, and new accounts would have just a little. It's not perfect, but at least no one would wonder which nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m is the real one, and maybe some new variant will work even better
It's similar to follower count, except you can easily make new followers. Also similar to zaps, but you can game zaps.
Can't game PoW, but it favors server hardware so you need to use it a certain way
I'm not quite following. Would you elaborate? Seems to me, a bottleneck on keypair generation would reduce the number of accounts that can be generated for spam, so it would significantly reduce spam as spammer have to continuously generate new keys as they're blocked or filtered by relays.
This of course doesnt take into account message level PoW, where one must be in the hash of the messages themselves, which clients and relays could implement.
And none of it addresses how PoW requirements are communicated between parties, both users and relays, to ensure that everything doesnt just become some standard, which is sure to be a difficulty of 0 in that case. I should he able to set a PoW as a user for DMs from users not in my follows list, for example, or something like that. Seems to me it would be better than WoT because it wouldnt shut new keypairs out of the network effects.