We're aware of the spam attack hitting mastodon.social right now and our full moderation and DevOps teams are on the case mitigating any way we can (incl. switching to approval-mode registrations)
Discussion
nostr:npub1xzmt2d95f7watzyqktl982d7jfe5ptktusv4j20csz8nxxgmhq6q30eykm Almost seems like very large instances are not such a great idea 🤔 We should try something like decentralization...
đź‘€
A decentralized network can still be spammed. I think nostr is extremely delicate rn.
I think we need to have all relays require payments ASAP, or they could be brought down by a script kiddie.
I’m interested in #[6] thoughts on this. Can Nostr be DDoS:ed?
Creating a new private key and publishing to a relay is trivial. What is stopping someone from creating 1,000,000 or more private keys publishing to relays listed on Nostr.watch? Running these realize is already very expensive and many of them are free to use. They might begin rate limiting certain private keys… are, but I think it would severely affect everyone’s experience.
All of the spam accounts have been suspended, reports queue cleared, IPs and e-mail domains used in the spam wave banned. We're continuing to monitor the situation and analyzing the pattern.