Nostr Web Client

This is a long post that hopefully bridges some gaps between technical people (devs) and non-technical users and how they look at spam prevention in Bitcoin. I hope that it clarifies why I think that there is such a huge misunderstanding between both camps.

I'll preface this post with first disqualifying any malicious attempts to misrepresent the motives of either camp. Everybody wants to improve Bitcoin as money. Money is Bitcoin's use case. It's not a data storage system. If you think otherwise, there are countless shitcoins to play with.

Alright, let's get into it.

I have worked on anonymous systems for over a decade. I have read tons of research on spam detection, rate-limiting, and I've implemented spam prevention techniques in the real world.

I am very confident to say that there is not a single known method to prevent spam in decentralized anonymous open networks other than proof of work.

This is what Satoshi realized when he designed Bitcoin and it's why only transaction fees can reliably fight spam without sacrificing any of Bitcoin's properties.

Let me explain.

Spam prevention is a cat and mouse game. As a system's architect, your goal is to make the life of a spammer harder (increase the friction). This is why, on the web, you see captchas, sign-ups, or anything that can artificially slow you down. Slowing down is key. This is why Satoshi turned to proof of work.

Let's contrast this to other methods for spam prevention. This is not an exhaustive list but it illustrates the design space of this problem, other methods are often derivatives of these:

CAPTCHAS are a centralized form of proof of work for humans: Google's servers give you a hard-to-solve task (select all bicycles) that will slow you down so that you can't bombard a website with millions of requests. It requires centralization: you need to prove Google that you're human so that you can use another website. If you could host your own CAPTCHA service, why would anyone believe you're not cheating?

LOGINS with email and passwords are most popular way to slow down users. Before you can sign up, you need to get an email address, and to get an email address, you often need a phone number today. The purpose of this is, again, to slow you down (and to track you to be honest). It only works well when emails are hard to get, i.e. in a centralized web where Google controls how hard it is to get an email account. If you could easily use your own email server, why would anyone believe you're not a bot?

The next one is the most relevant to Bitcoin:

AD BLOCK FILTERS are another form of spam prevention but this time the roles are reversed: you as a user fight against the spam from websites and advertising companies trying to invade your brain. Ad blocking works only under certain conditions: First you need to be able to "spell out" what the spam looks like, i.e. what the filter should filter out. Second, you need to update your filters every time someone circumvents them. Have you ever installed a youtube ad blocker and then noticed that it stops working after a few weeks? That's because you're playing cat-and-mouse with youtube. You block, they circumvent, you update your filters, repeat.

The fact that you need to update your filters is critical and that's where it ties back to Bitcoin: Suppose you have a mempool filter for transactions with a locktime of 21 because some stupid NFT project uses that. You maybe slow them down for a few weeks, but then they notice it and change their locktime to 22. You're back at zero, the spam filter doesn't work anymore. What do you do?

You update your filter! But where do you get your new filter from? You need a governing body, or some centralized entity that keeps updating these filters and you need to download their new rules every single day. That's what ad blockers in your web browser do. They trust a centralized authority to know what's best for you, and blindly accept their new filters. Every single day.

I hope you see the issue here. Nobody should even consider this idea of constantly updating filter rules in Bitcoin. This would give the filter providers a concerning level of power and trust. It would turn Bitcoin into a centrally planned system, the opposite of what makes Bitcoin special.

This is why filters do not work for decentralized anonymous systems. They require a central authority. Until now, these rules were determined by Bitcoin Core, but they have realized that these rules do not work anymore. Transactions bypass the filters easily and at some point, carrying them around became a burden to the node runners themselves. Imagine you're using an outdated ad blocker but instead of filtering out ads, it now also filters out legitimate content you might be interested in. That's what mempool filters do, and that's why Bitcoin Core is slowly relaxing these filters. This has been discussed for over two years, it's not a sudden decision.

The goal of this change is not to help transactions to slip through more easily. The goal is to improve your node's prediction of what is going to be in the next block. Most people misrepresent this part. They say "it's to turn Bitcoin into a shitcoin" but that is just a false statement at best, or a manipulation tactic at worst.

Let's tie it back to proof of work and why fees are the actual filter that keeps Bitcoin secure and prevents spam reasonably well: Satoshi realized that there is no technique that could slow down block production and prevent denial of service attacks in a decentralized system other than proof of work. Fees prevent you from filling blocks with an infinite number of transactions. All the other options would introduce some form of trust or open the door for censorship – nothing works other than proof of work.

He was smart enough to design a system where the proof of work that goes into block production is "minted" into the monetary unit of the system itself: You spend energy, you get sats (mining). This slows down block production. How do you slow down transactions within those blocks? You spend the sats themselves, original earned form block production, as fees for the transactions within the block!

This idea is truly genius and it's the only reason why Bitcoin can exist. All other attempts of creating decentralized money have failed to solve this step. Think about it: without knowing who you are, whether you're one person pretending to be a thousand, or a thousand people pretending to be one. Bitcoin defends itself (and anyone who runs nodes in the Bitcoin system) from spam by making you pay for your activity.

People sometimes counter this by saying: the economic demand for decentralized data storage is higher than the monetary use case. First of all, I think that's just wrong. There are way cheaper ways to store data (there are shitcoins for this), and the value of having decentralized neutral internet money is beyond comparison.

However, there's a much deeper concern here. If you truly believe this, I ask you: what is Bitcoin worth to you? If you think Bitcoin can't succeed as money (i.e. be competitive), why do you even care? If you're not willing to pay fees for the use case that we all believe Bitcoin is designed for (money), and you believe that no one is willing to pay for it, how can it even persist into the future?

You can't have it all. If Bitcoin is money (which I believe it is), then we need to pay the price to keep it alive. There is no free lunch.

Either we centralize, or we pay the price of decentralization. I know where I stand.

Peace.

Tavon 3mo ago

Hey nostr:nprofile1qqs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6ccpzemhxue69uhks6tnwshxummnw3ezumrpdejz7qgwwaehxw309ahx7uewd3hkctc0c969u, I appreciate the work you do developing on top of bitcoin, but I’m confused on your explanation. Can you expand on these points you made:

1. How is op_return filtering out legitimate content? What is legitimate content in your opinion?

2. Why is helping my node predict what’s in the next block important? Is it more important than bloating the chain with images and video? Doesn’t keeping the level of entry to run a node keep bitcoin decentralized?

Reply to this note

Please Login to reply.

Discussion

calle 3mo ago

I'll try my best.

1. op_return was invented as a way to prevent even more destructive ways to store data. if you dig through bitcoin's history, you'll notice that in the coloerd coins / rare pepe era, people started putting data into multisig, which created unspendable UTXOs. that's just as a background. today, we're building L2s to make Bitcoin more useful as money. these need to anchor data on the blockchain and op_return is *one* way of doing that, and it's the best way of doing in in terms of minimizing damage. these L2s store legitimate data (they do not store data just for the lulz or to spam the network), but to improve bitcoin's scalability. NOTE: that this discussion is widely blown out of proportion because OP_RETURN is only economic until a pretty small payload size, but you probably know this already. nobody in their right mind would store 1 MB in an op_return if they can it in the witness, certainly not a spammer.

2. there are two important points that answer this question: fee estimation and compact block relays. fee estimation: if you don't know what the next block will look like (because you filter out transactions from your mempool), then your fee estimations will be off. if you're using an L2 that requires good fee estimation like Lightning, this even increases your risk of losing money. second, compact block filters: they minimize network data when a block is found. instead of downloading each new block from your peers, what nodes try to do is to get a summary of the block and fill in the blanks using their mempool data. in the best case, they already know all transactions and only need to download the block header etc. this reduces p2p traffic and increases block propagation speed, which in turns makes mining more competitive, and therefore more decentralized.

hope it addresses some of your quesitons.

𝕞𝕪𝕡𝕒𝕥𝕙𝕥𝕠𝕗𝕚𝕣𝕖 3mo ago

Thanks for being honest and coming clean that you are blowing open op return for L2s you are building.

calle 3mo ago

It's a pleasure. I'm not building them btw. I just follow the discussion closely.

ESE 3mo ago

Cashu isn’t an L2; it’s a Chaumian ecash system with centralized mints. That’s fine if you trust the mint, but calling everything else ‘centralization’ while defending Cashu is a bit rich

Branca 3mo ago

My master, the bald degen weirdo want my to come clean on his behalf.

𝕞𝕪𝕡𝕒𝕥𝕙𝕥𝕠𝕗𝕚𝕣𝕖 3mo ago

Hes a cyberpynk lok

Tavon 3mo ago

Thank you for responding nostr:npub12rv5lskctqxxs2c8rf2zlzc7xx3qpvzs3w4etgemauy9thegr43sf485vg. It did help me understand your perspective more, but it also brought more questions:

1. So I appreciate your coverage of L2s. I do want L2s, bitcoin global scalability, and anonymity to succeed. And I do want bitcoin to be used as a medium of exchange at some point. But is scalability currently an issue? How much data does an L2 need currently to store data? Are L2s being hindered by op_return default cap rn? Do you think increasing the op_return cap slowly instead of removing it all together, would be the more responsible thing to do?

I might be totally wrong here, but my understanding is that op_return was working at filtering spam (there was no cat and mouse game with spam) and then taproot unintentionally gave spammers an alternative route. Shouldn’t that be addressed by devs instead? Doesn’t this also show us that making changes to the protocol can introduce unforeseen consequences? So again doesn’t going slowly seem more logical?

2. This is starting to get past my current knowledge regarding bitcoin mechanisms so I appreciate you trying to break it down for me. You said when L2 fee estimations are off there is a risk of losing money; does this mean fees could be a few sats more, or can a whole transaction get voided? Neither is acceptable but trying to understand severity there.

I guess I don’t want mining centralization or node software development centralization. Are you saying that when a large mining pool mines a block they get a head start on the next block because other nodes have to wait for that block header to get relayed? And the relay is slowed down when there isn’t node software/rule uniformity?

Anyway this is super interesting and I appreciate your insights. I do want to get things right as a node runner.

SatsAndSports 3mo ago

Knots nodes still pass images and large op_returns through the network, *when they have been mined into the chain*

Many nodes refuse transactions below 1sat/vB, and indeed some miners refuse to include them (e.g. ViaBTC), but there are hundreds of those transactions in most blocks. Big miners are making extra profit through their out-of-band systems, where they make extra money for including transactions.

Filtering them just means that the relay network is less good at predicting the next block.

And that's bad because it means small miners can't stay up to date, and they can't get their blocks quickly accepted by the rest of the network.

The filters don't work at blocking things, their only impact is to harm small miners.

There are subtleties in all the above. Certain kinds of relay filters can work, but it's all about the complex interactions between game theory and technology.

You mentioned "bloating the chain with images and video". I still haven't seen a credible plan - based on expert knowledge of all the issues - for how to keep these out of the chain.