I looked at spam.nostr.band… I see existing strategies (e.g. "follower networks") plus NIP-69 (user-specified moderators → feed filtering) as solving the spam issue for users - except perhaps in their "global feed".

Public relays have a big spam problem. You've devised some strategies for that, I'm sure others have as well - but that's beyond my personal area of interest or expertise. (Though I am curious to hear what works.)

Paid relays will have a problem with moderation report spam since it's a catch 22… If they make it so only paid members can file moderation reports, then they have a legal problem. If they make it so anyone can file a moderation report then they have a potential spam problem. They can start by ignoring reports about content that's not on their relay. But they can still be spammed. Which is why I'm so glad nostr:npub1ktw5qzt7f5ztrft0kwm9lsw34tef9xknplvy936ddzuepp6yf9dsjrmrvj mentioned PoW as a possible solution and want to understand that better.

Beyond that - I would look for unusual patterns of reports. First, take out the reports from people (and bots) you trust to one degree or another, then…

- Are there a high number of reports about the same piece of content?

- Are there a high number of reports from the same IP? (use /64 for IPv6)

- Are there a high number of reports from the same pubkey?

- Is the report from a new pubkey?

I monitor for (non-Nostr-related) attacks on my server now. Everything from SQL injection to blog comment spam. It's all IP-based. I look for "bad neighborhoods", so if there are too many IPs with infractions in the same subnet, I block the entire subnet. (More easily done with IPv4 than v6.)

I think pubkey age is a great metric. I see Primal has that data. You probably do as well. That's valuable data! I'd love an API that could be hit to query on the age of suspicious pubkeys. In exchange relay owners could probably give you hashes of IP addresses without compromising privacy laws - so you could answer the question of whether pubkeys are coming from the same IP (without knowing the IP).

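The report-pattern checks listed in the post above, as an added sketch that is not part of the original post or of any relay's code. The thresholds, field names, and the `first_seen` lookup (standing in for a pubkey-age data source) are assumptions. Reporter addresses are stored as a keyed hash (HMAC) rather than a plain hash, since the IPv4 space is small enough to enumerate.

```python
import hashlib
import hmac
import ipaddress
from collections import Counter

# Assumed values: tune per relay. HMAC_KEY is a placeholder secret.
LIMIT = {"content": 2, "source": 2, "pubkey": 2}
NEW_PUBKEY_SECS = 7 * 86400
HMAC_KEY = b"replace-with-relay-secret"

def source_key(ip):
    """Keyed hash of the reporter address; IPv6 is collapsed to its /64."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6:
        addr = ipaddress.ip_network(f"{addr}/64", strict=False).network_address
    return hmac.new(HMAC_KEY, addr.packed, hashlib.sha256).hexdigest()[:16]

def triage(reports, trusted, first_seen, now):
    """Map report id -> list of flags, after dropping trusted reporters."""
    pool = [r for r in reports if r["pubkey"] not in trusted]
    counts = {
        "content": Counter(r["target"] for r in pool),
        "source": Counter(source_key(r["ip"]) for r in pool),
        "pubkey": Counter(r["pubkey"] for r in pool),
    }
    result = {}
    for r in pool:
        keys = {"content": r["target"], "source": source_key(r["ip"]),
                "pubkey": r["pubkey"]}
        flags = [f"same-{k}" for k, v in keys.items() if counts[k][v] > LIMIT[k]]
        # Unknown pubkeys count as brand new (age 0).
        if now - first_seen.get(r["pubkey"], now) < NEW_PUBKEY_SECS:
            flags.append("new-pubkey")
        result[r["id"]] = flags
    return result

# Constructed sample data (documentation address ranges, made-up pubkeys).
NOW = 1_700_000_000
OLD = NOW - 400 * 86400
FIRST_SEEN = {"pk_a": NOW - 3600, "pk_b": OLD, "pk_d": OLD}
REPORTS = [
    {"id": "r1", "pubkey": "mod", "target": "evt1", "ip": "192.0.2.10"},
    {"id": "r2", "pubkey": "pk_a", "target": "evt2", "ip": "2001:db8:1:2::1"},
    {"id": "r3", "pubkey": "pk_b", "target": "evt3", "ip": "2001:db8:1:2:ffff::9"},
    {"id": "r4", "pubkey": "pk_c", "target": "evt4", "ip": "2001:db8:1:2::abcd"},
    {"id": "r5", "pubkey": "pk_d", "target": "evt5", "ip": "198.51.100.7"},
]

if __name__ == "__main__":
    for rid, flags in triage(REPORTS, {"mod"}, FIRST_SEEN, NOW).items():
        print(rid, flags or "ok")
```

Flags are signals for review or scoring, not verdicts: a flagged report can still be valid, and an unflagged one can still be abuse.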

Discussion

User-specified mods would 'solve' spam for people if the mod is software and works very fast, so that the client wouldn't have to show all those events to the user only to drop them later after a human mod intervenes. A human mod is needed for very high-level stuff that's hard for a machine to categorize.

And if we have such fast mod software (let's call it what it is - a spam filter) then we can also apply them on the relay as well, so repetitive reports would pass through the same AI-powered filter as all the other stuff. Don't see why that wouldn't work for spam/abuse at relay level if it works at user level.

If someone's goal isn't spam (achieving a goal by pretending to be a legit thing), but is pure destruction (take down a relay), then it's not spam, it's DDoS, and PoW could help, although it's not a complete solution - LN paywall at the protocol level should work better, bcs a) it would sponsor the relay, not the PoW miner, and b) it would work for both reads and writes.

The second half of your post is about implementation details of a potential spam filter. Those are all good points, but I'd say spam-protection professionals are needed here, and AI will be absolutely required to fight ChatGPT-generated spam.

Generally agree, definitely like the way you’re thinking. Two thoughts though…

Having an LN paywall on the relay recreates the problem I was trying to avoid… I’m not sure it’s legal to require payment to report content problems. e.g. a copyright holder shouldn’t have to pay someone who’s violating their copyright. But PoW isn’t payment, which is why that might work.

But then there’s the problem that PoW is really slow in browsers (see screenshot below). It can’t take a full minute for browser-based users but be instantaneous for bots on servers. That makes no sense.

Agree that direct LN payment might be a legal issue. Maybe the fact that _any_ interaction with a service requires micropayment would make it a non-issue? Or maybe a spam filter could just whitelist common big copyright reporters, and keep enforcing LN on everyone?

PoW only seems different, but practically no app would use the user's device for that. PoW mining services would offer mining for a small payment (Blake is working on one), and apps will integrate those if the network requires PoW. There is no way a normal user could compete w/ spammers on PoW, unless they can just buy from a provider. And so small reporters would have to use micropayments for PoW anyway.

I think we might be overthinking it a little at this point. Too much is unclear about how nostr evolves.