exmp's avatar
exmp 6 months ago
PoW is effective in the context of DDoS attacks, where an attacker generates millions of connections in a short time. In such cases, even a small computational cost per request, when multiplied by millions, becomes significant for the attacker, but remains manageable for legitimate users. Spam, however, is a different problem. A spammer publishing just 1,000 notes per hour could still inflict substantial damage on Nostr relays, overwhelming storage and flooding the relay global feed. In this case, the computational cost of PoW (especially at < difficulty levels) is negligible for the attacker and not a meaningful deterrent. The situation is much closer to the email spam problem, where PoW was also explored and ultimately abandoned due to its ineffectiveness. In fact, Nostr's case is arguably simpler from the spammer’s perspective: notes are public, require no targeting, and have virtually no delivery constraints. So my initial point remains: NIP-13 is unlikely to be effective as a spam prevention mechanism, just as PoW proved ineffective against spam emails.
↑ Parent

Replies (2)

🇵🇸 whoever loves Digit's avatar
🇵🇸 whoever loves Digit 6 months ago
You're definitely wrong If it didn't work with a simple threshold for what difficulty level is needed to join the web of trust, it would just need a simple formula accounting for things like whether there are any links, as I said before
1 replies ↓
exmp's avatar
exmp 6 months ago
Yes, restricting PoW to users outside the WoT is a thing, and makes somewhat sense. But still I don't understand why not captchas or similar in this scenario. These are more effective than PoW, as they burn human mental resources, not just cheap CPU cycles, and are hard to automate.
1 replies ↓