Nostr Web Client

https://m.primal.net/HPlD.mp4Getting bombarded with what looks like a SPAM attack of fake followers. Anyone else seeing this? What's the best way to limit something like this?

Curious if (because the protocol is completely open) a small POW (aka hashcash) be a viable deterrent for brand new accounts and maybe the first 10 posts or something. This could make it easier to allow all new accounts without prejudice, and very little friction for the user, while preventing someone from just coming in and mass creating 1,000s of accounts and posting mountains of spam. (could even make them bitcoin block hashes that are handed to the primary relay, maybe one day after years of this some relay wins a totally random block reward 🤣)

For any accounts that make it past the initial "POW zone" and still end up spamming relentlessly, could just be managed on a per occurrence basis. I suspect a simple barrier like this would likely prevent the overwhelming majority of the problem. 🤔🤔

Reply to this note

Please Login to reply.

Discussion

hodlbod 2y ago

Coracle uses WoT to hide sybils. PoW could help in the short term but it'll never be more than a partial solution without on-demand ASIC access

Rock 2y ago

This sounds relevant to my question nostr:note1xy2y8f80xvk025c9em7f3cs0ysusw3r0eua2pm6d0dheapcfcemq60pz3s

Hodl, what do you mean by only a partial solution?

SMS 2y ago

That’s low time preference for ya.

Funny how they complain as soon as the content doesn’t favor random killings and fake social engineering.

hodlbod 2y ago

There will always be an incentive for Sybil attacks, spam is just the lowest rung on the ladder. More sophisticated attacks, for example by bootstrapping a sybil in-group via social engineering in order to effectively hijack identity or phish people will be worth the cost of PoW since they might be able to manipulate public information or gain access to trusted information.

MapleTreeFarmstead 2y ago

Definitely seeing it. I'm not posting much but have jumped from ~180 to ~300 followers. Definitely not all real.

RAnger 2y ago

Great idea… nostr:npub15dqlghlewk84wz3pkqqvzl2w2w36f97g89ljds8x6c094nlu02vqjllm5m talked about this idea a few years ago. Putting up an amount of Sats to interact. Which could move back and forth in a good relationship or be withheld by an egregious one.

Although I’m not famous like you 😆 so I’m not getting the same spam attacks.

Nunya Bidness 2y ago

I’m not seeing this happening to me.

Pepe NOSTRos 2y ago

Yah I have some jacks and such appearing. Small account though so only a few

Cyber Seagull 2y ago

same. No way 160+ ppl are following me.

Cyber Seagull 2y ago

Pay to follow ?

Cyber Seagull 2y ago

By the way, Amethyst display follower count, but if you switch to the actual follower list, it somehow filters them. i think it does this based on Block reports ? nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z ?

Rob 2y ago

I guess in principle:

- Clients should be able to ask a relay if its POW enabled, posting the npub at the same time, and it gets back a positive or zero difficulty target

- The relay decides how to treat unknown/new or abusive npubs, raising the necessary difficulty target if needed. Relay owners discretion if it gets raised based on events per minute, content, or whatever

- There would need to be some kind of nonce/POW field in each posted event JSON

- The client must then use the POW field as a scratchpad for adding a value that allows the whole events hash to meet the target difficulty, or be continually rejected