Oddbean

Zaps are receipts of lightning payment. If they are paying me money to improve their spam score then fine, but if they start spamming with that key I can just mute them and then they have lost money

The attacker sends one zap per nsec to an account they want to spam with, many times. They lose basically no money because they own the wallet receiving all the zaps. The Lightning Network is designed to be private. Given a bunch of different lightning payment receipts, can you really tell whether or not they all came from the same person?

At the end of the day, my nostrPubkey on my lnurl endpoint says to only trust zaps from my lightning node. I can use this to trust that the zaps I receive are legit. Zaps are tied to sender pubkeys. If i see a zap from someone, then I know that person initiated the zap and most likely paid the zap. I can use this to improve that pubkeys spam score. If they are a spammer and send me 10000 sats to pass my filter and start spamming me, then I can just mute that key and they have to send me another 10000 sats to try again.

I am describing a scenario where the spammer spams everyone they possibly can, en masse. Any algorithm that tries to filter out the spammer’s notes based on checking if the spammer has been zapped enough time by “peers” would be fooled, because the spammer would have been zapped many times over (and it would look like other people zapped him).

Ok, i suggested an algo that works, your suggesting an algorithm that is broken and doesn’t. Don’t use that algo? In my scenario, it would block a mass spammer because they would have to zap every single person they are spamming which would be very costly.

Isn’t your proposed algorithm susceptible to the exact same shortcoming of WoT then? ie. Nobody would be able to see new users. And even if these new users zapped you specifically, they’d still remain invisible to everybody else using the same algorithm.