I looked at spam.nostr.band… I see existing strategies (e.g. "follower networks") plus NIP-69 (user-specified moderators → feed filtering) as solving the spam issue for users - except perhaps in their "global feed".
Public relays have a big spam problem. You've devised some strategies for that, I'm sure others have as well - but that's beyond my personal area of interest or expertise. (Though I am curious to hear what works.)
Paid relays will have a problem with moderation report spam since it's a catch 22… If they make it so only paid members can file moderation reports, then they have a legal problem. If they make it so anyone can file a moderation report then they have a potential spam problem. They can start by ignoring reports about content that's not on their relay. But they can still be spammed. Which is why I'm so glad wakoinc (npub1ktw…mrvj) mentioned PoW as a possible solution and want to understand that better.
Beyond that - I would look for unusual patterns of reports. First, take out the reports from people (and bots) you trust to one degree or another, then…
- Are there a high number of reports about the same piece of content?
- Are there a high number of reports from the same IP? (use /64 for IPv6)
- Are there a high number of reports from the same pubkey?
- Is the report from a new pubkey?
I monitor for (non-Nostr-related) attacks on my server now. Everything from SQL injection to blog comment spam. It's all IP-based. I look for "bad neighborhoods", so if there are too many IPs with infractions in the same subnet, I block the entire subnet. (More easily done with IPv4 than v6.)
I think pubkey age is a great metric. I see Primal has that data. You probably do as well. That's valuable data! I'd love an API that could be hit to query on the age of suspicious pubkeys. In exchange relay owners could probably give you hashes of IP addresses without compromising privacy laws - so you could answer the question of whether pubkeys are coming from the same IP (without knowing the IP).
s3x_JAY / s3x_jay
npub1ve…738wt
2023-05-04 15:38:22
in reply to nevent1q…msdl
Author Public Key
npub1veeqt66jt2j209y9nv4a90w3dej074lavqygq5q0c57dharkgw0qk738wtPublished at
2023-05-04 15:38:22Event JSON
{
"id": "b55f4f97c7bb7dbf9fad33e955be5f4c6bdeddd1a31e5fb06b111a5c9275e541",
"pubkey": "667205eb525aa4a794859b2bd2bdd16e64ff57fd600880500fc53cdbf476439e",
"created_at": 1683207502,
"kind": 1,
"tags": [
[
"e",
"5fe5eb146cd32bf481428cfc669bed57804f8e5c29a375f4bb43399c863ac781",
"",
"root"
],
[
"e",
"fabcafc1c94a066a33a5091758c77aba39140599b50c4afdb70598799a7e0d6a",
"",
"reply"
],
[
"p",
"b2dd40097e4d04b1a56fb3b65fc1d1aaf2929ad30fd842c74d68b9908744495b"
],
[
"p",
"bf943b7165fca616a483c6dc701646a29689ab671110fcddba12a3a5894cda15"
],
[
"p",
"76c71aae3a491f1d9eec47cba17e229cda4113a0bbb6e6ae1776d7643e29cafa"
],
[
"p",
"460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c"
],
[
"p",
"d0a1ffb8761b974cec4a3be8cbcb2e96a7090dcf465ffeac839aa4ca20c9a59e"
],
[
"p",
"667205eb525aa4a794859b2bd2bdd16e64ff57fd600880500fc53cdbf476439e"
],
[
"p",
"3356de61b39647931ce8b2140b2bab837e0810c0ef515bbe92de0248040b8bdd"
]
],
"content": "I looked at spam.nostr.band… I see existing strategies (e.g. \"follower networks\") plus NIP-69 (user-specified moderators → feed filtering) as solving the spam issue for users - except perhaps in their \"global feed\". \n\nPublic relays have a big spam problem. You've devised some strategies for that, I'm sure others have as well - but that's beyond my personal area of interest or expertise. (Though I am curious to hear what works.)\n\nPaid relays will have a problem with moderation report spam since it's a catch 22… If they make it so only paid members can file moderation reports, then they have a legal problem. If they make it so anyone can file a moderation report then they have a potential spam problem. They can start by ignoring reports about content that's not on their relay. But they can still be spammed. Which is why I'm so glad nostr:npub1ktw5qzt7f5ztrft0kwm9lsw34tef9xknplvy936ddzuepp6yf9dsjrmrvj mentioned PoW as a possible solution and want to understand that better.\n\nBeyond that - I would look for unusual patterns of reports. First, take out the reports from people (and bots) you trust to one degree or another, then… \n\n- Are there a high number of reports about the same piece of content?\n- Are there a high number of reports from the same IP? (use /64 for IPv6)\n- Are there a high number of reports from the same pubkey? \n- Is the report from a new pubkey? \n\nI monitor for (non-Nostr-related) attacks on my server now. Everything from SQL injection to blog comment spam. It's all IP-based. I look for \"bad neighborhoods\", so if there are too many IPs with infractions in the same subnet, I block the entire subnet. (More easily done with IPv4 than v6.)\n\nI think pubkey age is a great metric. I see Primal has that data. You probably do as well. That's valuable data! I'd love an API that could be hit to query on the age of suspicious pubkeys. In exchange relay owners could probably give you hashes of IP addresses without compromising privacy laws - so you could answer the question of whether pubkeys are coming from the same IP (without knowing the IP). ",
"sig": "4e2d41d97351abdc7056efce06f43f8c3000430420f397eb457ac53e799c621a704abfb2e682bd8069b62acca19e6d1422295d324a0ef8500fcfa53afe19776d"
}