Pattern matching is a game of whack-a-mole. The spammers are already evolving. Eventually this will be AI spam on a freshly minted npub. It will look like any new user. Nostr apps will either be forced to block new users or implement something radical. Solutions are: 1) trust graph (accounts followed by people I follow and the people they follow, all the way up) 2) some significant cost for new users (which could be proof of bitcoin paid or owned, or proof of work in creating an account or for posting a message) nostr:note1zfhwgmkwtx48jtmzyrs9jaq82tm58grp45slxcvlc2n5atq8u07s80cdwx
Makes sense. Neither one would be frictionless for new users, which is tough this early in the game for Nostr; probably fine later on, though. I like the Bitcoin-paid-up-front solutions the best; WoT still seems gameable.
I’m personally bullish on the trust graph because I don’t follow just anyone and I assume the people they follow are similarly high signal. If a spammer did get through you could just mute them. It would be difficult for a spammer to rejoin the graph unless they had a collaborator among the people in my graph (and I should be able to see who it was who let them in so I could unfollow them).
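The follow-graph filter described in the post above, as an added example that is not part of the original thread: it walks outward from one account along follow edges, applies mutes, and reports which in-graph account follows an unwanted author. The follow lists, the account names, and the three-hop limit are constructed assumptions; a client would build the graph from each account's published follow list.

```python
from collections import deque

# Constructed follow lists (account -> accounts it follows); all names are made up.
FOLLOWS = {
    "me": {"alice", "bob"},
    "alice": {"carol", "bob"},
    "bob": {"dave"},
    "carol": {"spammer"},
    "dave": set(),
    "newcomer": {"alice"},  # follows into the graph, but nobody in it follows them
}

def trust_paths(follows, root, max_hops=3, muted=frozenset()):
    """Breadth-first walk from root along follow edges.

    Returns {account: shortest follow path from root}. Muted accounts are
    neither trusted nor used to reach anyone else.
    """
    paths = {root: [root]}
    queue = deque([root])
    while queue:
        current = queue.popleft()
        if len(paths[current]) - 1 >= max_hops:
            continue  # hop limit reached, do not expand further
        for followed in sorted(follows.get(current, ())):
            if followed in muted or followed in paths:
                continue
            paths[followed] = paths[current] + [followed]
            queue.append(followed)
    return paths

def is_visible(follows, root, author, max_hops=3, muted=frozenset()):
    """True if the author's notes would pass the trust-graph filter."""
    return author in trust_paths(follows, root, max_hops, muted)

def introducers(follows, root, target, max_hops=3, muted=frozenset()):
    """In-graph accounts that follow target directly, i.e. who let them in."""
    paths = trust_paths(follows, root, max_hops, muted)
    return sorted(a for a in paths
                  if target in follows.get(a, ()) and len(paths[a]) - 1 < max_hops)

if __name__ == "__main__":
    print(trust_paths(FOLLOWS, "me")["spammer"])   # path the spammer came in on
    print(introducers(FOLLOWS, "me", "spammer"))   # who to unfollow
    print(is_visible(FOLLOWS, "me", "newcomer"))   # new users are filtered too
```

The last call shows the cost raised in the replies: an account that nobody in the graph follows is filtered exactly like the spammer.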
While this is true, if widely implemented it would mean that legitimate new users will NEVER break into anyone's web of trust, unless they already know someone on Nostr who immediately follows them. Every new user would need an existing user as a kind of "sponsor" to get started. That may be feasible when Nostr is more well-known and virtually everyone knows SOMEONE who's already on it, but that's going to be a while. For now, I think we need to find another method of combating spam than full web of trust lock-down, especially since it doesn't address the issue of the spam still taking up space on the relays.
You’re right. There will need to be a way for new users to earn trust. I can think of a bunch of options: 1) pay influencers to sponsor them 2) pay relays to post 3) proof of work to generate an npub or to post to relays. I’m sure there are other options but these are just the ones that come to mind quickly. Bottom line is that there must be a real cost to prevent spam.
It's a hard call, for sure. We don't want to make onboarding new legitimate users any more difficult than it already is, but we also need to have ways to mitigate spam like this. We can do some of it via web of trust, but that will heavily impact new users if we make it automatically filter out anyone who doesn't yet have any followers from within our web of trust. Someone else had an idea about being able to flag your post as requiring a small payment in order to reply. I think this would be interesting. Anyone could try and reply, but you just wouldn't see it if they hadn't paid. This also needs to be fought primarily at the relay level, since this spam is going to be taking up space on the relays, even if clients give users tools for not seeing it. Requiring a small payment to post any note to a relay is something entirely possible with Lightning and eCash + Nostr Wallet Connect, and it would help make relays more sustainable, too. The downside, of course, is it may cause legitimate users to post and reply less often, since there is a cost, however small. @Little Mikey D seems to have been able to keep the spam off of his relay, but I think the way he did so would probably have an impact on new users being able to post to his relay, so it would not be a solution we would want all relays to implement. nostr:nevent1qqsw788j7fe664hq4geqlner4zgnm3zsffyxyfe8tlu4s8w67htjvwcpp4mhxue69uhkummn9ekx7mqprpmhxue69uhhyetvv9ujumn0wdmksetjv5hxxmmdqyf8wumn8ghj7mmxve3ksctfdch8qatzqy28wumn8ghj7un9d3shjtnyv9kh2uewd9hsyg8wzxjalaqvrxj4taqlus453uqwvxxfzgjky2hr0dkzhdnmwmzwfyc54a2r So, it seems to me that the "postage required" method is likely going to be the most effective with the least impact on new users, even though it WILL require them to have some sats ready to go before they start posting.
Fun. So I see that this note has 49 replies, but I can only see the one from hodlcuban. Which means the other 48 are likely the spam bots, which I cannot see. I guess I was able to block them, not sure how.