Nostr Web Client

This is a long post that hopefully bridges some gaps between technical people (devs) and non-technical users and how they look at spam prevention in Bitcoin. I hope that it clarifies why I think that there is such a huge misunderstanding between both camps.

I'll preface this post with first disqualifying any malicious attempts to misrepresent the motives of either camp. Everybody wants to improve Bitcoin as money. Money is Bitcoin's use case. It's not a data storage system. If you think otherwise, there are countless shitcoins to play with.

Alright, let's get into it.

I have worked on anonymous systems for over a decade. I have read tons of research on spam detection, rate-limiting, and I've implemented spam prevention techniques in the real world.

I am very confident to say that there is not a single known method to prevent spam in decentralized anonymous open networks other than proof of work.

This is what Satoshi realized when he designed Bitcoin and it's why only transaction fees can reliably fight spam without sacrificing any of Bitcoin's properties.

Let me explain.

Spam prevention is a cat and mouse game. As a system's architect, your goal is to make the life of a spammer harder (increase the friction). This is why, on the web, you see captchas, sign-ups, or anything that can artificially slow you down. Slowing down is key. This is why Satoshi turned to proof of work.

Let's contrast this to other methods for spam prevention. This is not an exhaustive list but it illustrates the design space of this problem, other methods are often derivatives of these:

CAPTCHAS are a centralized form of proof of work for humans: Google's servers give you a hard-to-solve task (select all bicycles) that will slow you down so that you can't bombard a website with millions of requests. It requires centralization: you need to prove Google that you're human so that you can use another website. If you could host your own CAPTCHA service, why would anyone believe you're not cheating?

LOGINS with email and passwords are most popular way to slow down users. Before you can sign up, you need to get an email address, and to get an email address, you often need a phone number today. The purpose of this is, again, to slow you down (and to track you to be honest). It only works well when emails are hard to get, i.e. in a centralized web where Google controls how hard it is to get an email account. If you could easily use your own email server, why would anyone believe you're not a bot?

The next one is the most relevant to Bitcoin:

AD BLOCK FILTERS are another form of spam prevention but this time the roles are reversed: you as a user fight against the spam from websites and advertising companies trying to invade your brain. Ad blocking works only under certain conditions: First you need to be able to "spell out" what the spam looks like, i.e. what the filter should filter out. Second, you need to update your filters every time someone circumvents them. Have you ever installed a youtube ad blocker and then noticed that it stops working after a few weeks? That's because you're playing cat-and-mouse with youtube. You block, they circumvent, you update your filters, repeat.

The fact that you need to update your filters is critical and that's where it ties back to Bitcoin: Suppose you have a mempool filter for transactions with a locktime of 21 because some stupid NFT project uses that. You maybe slow them down for a few weeks, but then they notice it and change their locktime to 22. You're back at zero, the spam filter doesn't work anymore. What do you do?

You update your filter! But where do you get your new filter from? You need a governing body, or some centralized entity that keeps updating these filters and you need to download their new rules every single day. That's what ad blockers in your web browser do. They trust a centralized authority to know what's best for you, and blindly accept their new filters. Every single day.

I hope you see the issue here. Nobody should even consider this idea of constantly updating filter rules in Bitcoin. This would give the filter providers a concerning level of power and trust. It would turn Bitcoin into a centrally planned system, the opposite of what makes Bitcoin special.

This is why filters do not work for decentralized anonymous systems. They require a central authority. Until now, these rules were determined by Bitcoin Core, but they have realized that these rules do not work anymore. Transactions bypass the filters easily and at some point, carrying them around became a burden to the node runners themselves. Imagine you're using an outdated ad blocker but instead of filtering out ads, it now also filters out legitimate content you might be interested in. That's what mempool filters do, and that's why Bitcoin Core is slowly relaxing these filters. This has been discussed for over two years, it's not a sudden decision.

The goal of this change is not to help transactions to slip through more easily. The goal is to improve your node's prediction of what is going to be in the next block. Most people misrepresent this part. They say "it's to turn Bitcoin into a shitcoin" but that is just a false statement at best, or a manipulation tactic at worst.

Let's tie it back to proof of work and why fees are the actual filter that keeps Bitcoin secure and prevents spam reasonably well: Satoshi realized that there is no technique that could slow down block production and prevent denial of service attacks in a decentralized system other than proof of work. Fees prevent you from filling blocks with an infinite number of transactions. All the other options would introduce some form of trust or open the door for censorship – nothing works other than proof of work.

He was smart enough to design a system where the proof of work that goes into block production is "minted" into the monetary unit of the system itself: You spend energy, you get sats (mining). This slows down block production. How do you slow down transactions within those blocks? You spend the sats themselves, original earned form block production, as fees for the transactions within the block!

This idea is truly genius and it's the only reason why Bitcoin can exist. All other attempts of creating decentralized money have failed to solve this step. Think about it: without knowing who you are, whether you're one person pretending to be a thousand, or a thousand people pretending to be one. Bitcoin defends itself (and anyone who runs nodes in the Bitcoin system) from spam by making you pay for your activity.

People sometimes counter this by saying: the economic demand for decentralized data storage is higher than the monetary use case. First of all, I think that's just wrong. There are way cheaper ways to store data (there are shitcoins for this), and the value of having decentralized neutral internet money is beyond comparison.

However, there's a much deeper concern here. If you truly believe this, I ask you: what is Bitcoin worth to you? If you think Bitcoin can't succeed as money (i.e. be competitive), why do you even care? If you're not willing to pay fees for the use case that we all believe Bitcoin is designed for (money), and you believe that no one is willing to pay for it, how can it even persist into the future?

You can't have it all. If Bitcoin is money (which I believe it is), then we need to pay the price to keep it alive. There is no free lunch.

Either we centralize, or we pay the price of decentralization. I know where I stand.

Peace.

TheKayman 3mo ago 💬 2

The fees are the filter argument does not address the mempool issue that this change to op_return brings.

Because core 30 nodes will accept and relay 100kb files by default, this allows for files to be sent across the p2p network without having to get this transaction mined.

Criminals / bad actors can exploit this by relaying illegal data to their buddy on the other side of the world, anonymously and for free because this is all happening at the mempool level.

Yes, eventually after a period of time of this transaction not being mined it will be dropped from the node’s mempool, but by this point that illegal file has already been relayed to other bad actors.

In short: the removal of op_return filters in core 30 software creates infrastructure for an extremely effective, anonymous and free data relay / sharing service that will be exploited by criminals with illegal files.

This is not me being a purist saying “this is immoral”. This is me saying “this introduces a legitimate attack vector that governments and the powers at be who want to see bitcoin fail WILL use”.

Reply to this note

Please Login to reply.

Discussion

Zio Mc 3mo ago

This is the first time I heard this mempool transaction use. And I'm agree with you, it could be a big problem.

Ahi 3mo ago 💬 2

You can do that now placing the data in SegWit/Taproot witness and it will be relayed.

TheKayman 3mo ago

That’s true, but there’s a difference between people using an exploit that is not natively supported vs using op_return which is a feature with the purpose to allow arbitrary data.

By increasing the op_return limit you are now signalling that relaying large blobs of continuous data is a feature supported by the network. In contrast, shoving split up chunks of data into the witness section where it is not designed to be is not an intended use of the network.

The argument is that: now relaying large continuous chunks of data is natively supported, any legal/regulatory plausible deniability is gone.

From a technical standpoint this change also makes it easier for bad actors / criminals as they don’t have to split their files into multiple chunks.

Ahi 3mo ago 💬 3

Is there some rule I don't get? (Likely) You can put in 100k vbytes now and you don't need to split them?

https://bitcoin.stackexchange.com/questions/117277/what-is-the-maximum-size-transaction-that-will-be-relayed-by-bitcoin-nodes-using?utm_source=chatgpt.com

TheKayman 3mo ago

The 100k vbytes refers to the total size of the transaction including witness data, headers, the inputs and outputs, etc. For inscriptions spammers use the witness data aspect of the transaction.

From my understanding, each input has its own witness field, which can carry only a limited amount of data. To include larger files, the data must be split across multiple inputs and/or multiple transactions. The total transaction size cannot exceed100k vbytes.

Ahi 3mo ago 💬 1

How much bigger percent wise can one input in the mempool be after this? Is this a concern?

calle 3mo ago

max block size is 4mb since 2017.

TheKayman 3mo ago

There is no size increase for the total transaction (still 100k vbytes), and so there is no size increase to the inputs. The change is changing how much data in the op_return part of the transaction nodes will relay. The change means your op_return data can take up the entire 100k vbytes and core 30 nodes will still relay it by default. Prior to core 30 nodes would only relay transactions with a max of 80 bytes op_return data by default.

The change basically means the bitcoin p2p network supports transactions that are completely arbitrary data or spam.

The concern comes from whether you think nodes relaying 100kb files, uploaded anonymously for free could be an attack vector for bad actors.