Michael J Burgess's avatar
Michael J Burgess beitmenotyou@nostr.beitmenotyou.online 2 months ago
This is a long post that hopefully bridges some gaps between technical people (devs) and non-technical users and how they look at spam prevention in Bitcoin. I hope that it clarifies why I think that there is such a huge misunderstanding between both camps. I'll preface this post with first disqualifying any malicious attempts to misrepresent the motives of either camp. Everybody wants to improve Bitcoin as money. Money is Bitcoin's use case. It's not a data storage system. If you think otherwise, there are countless shitcoins to play with. Alright, let's get into it. I have worked on anonymous systems for over a decade. I have read tons of research on spam detection, rate-limiting, and I've implemented spam prevention techniques in the real world. I am very confident to say that there is not a single known method to prevent spam in decentralized anonymous open networks other than proof of work. This is what Satoshi realized when he designed Bitcoin and it's why only transaction fees can reliably fight spam without sacrificing any of Bitcoin's properties. Let me explain. Spam prevention is a cat and mouse game. As a system's architect, your goal is to make the life of a spammer harder (increase the friction). This is why, on the web, you see captchas, sign-ups, or anything that can artificially slow you down. Slowing down is key. This is why Satoshi turned to proof of work. Let's contrast this to other methods for spam prevention. This is not an exhaustive list but it illustrates the design space of this problem, other methods are often derivatives of these: CAPTCHAS are a centralized form of proof of work for humans: Google's servers give you a hard-to-solve task (select all bicycles) that will slow you down so that you can't bombard a website with millions of requests. It requires centralization: you need to prove Google that you're human so that you can use another website. If you could host your own CAPTCHA service, why would anyone believe you're not cheating? LOGINS with email and passwords are most popular way to slow down users. Before you can sign up, you need to get an email address, and to get an email address, you often need a phone number today. The purpose of this is, again, to slow you down (and to track you to be honest). It only works well when emails are hard to get, i.e. in a centralized web where Google controls how hard it is to get an email account. If you could easily use your own email server, why would anyone believe you're not a bot? The next one is the most relevant to Bitcoin: AD BLOCK FILTERS are another form of spam prevention but this time the roles are reversed: you as a user fight against the spam from websites and advertising companies trying to invade your brain. Ad blocking works only under certain conditions: First you need to be able to "spell out" what the spam looks like, i.e. what the filter should filter out. Second, you need to update your filters every time someone circumvents them. Have you ever installed a youtube ad blocker and then noticed that it stops working after a few weeks? That's because you're playing cat-and-mouse with youtube. You block, they circumvent, you update your filters, repeat. The fact that you need to update your filters is critical and that's where it ties back to Bitcoin: Suppose you have a mempool filter for transactions with a locktime of 21 because some stupid NFT project uses that. You maybe slow them down for a few weeks, but then they notice it and change their locktime to 22. You're back at zero, the spam filter doesn't work anymore. What do you do? You update your filter! But where do you get your new filter from? You need a governing body, or some centralized entity that keeps updating these filters and you need to download their new rules every single day. That's what ad blockers in your web browser do. They trust a centralized authority to know what's best for you, and blindly accept their new filters. Every single day. I hope you see the issue here. Nobody should even consider this idea of constantly updating filter rules in Bitcoin. This would give the filter providers a concerning level of power and trust. It would turn Bitcoin into a centrally planned system, the opposite of what makes Bitcoin special. This is why filters do not work for decentralized anonymous systems. They require a central authority. Until now, these rules were determined by Bitcoin Core, but they have realized that these rules do not work anymore. Transactions bypass the filters easily and at some point, carrying them around became a burden to the node runners themselves. Imagine you're using an outdated ad blocker but instead of filtering out ads, it now also filters out legitimate content you might be interested in. That's what mempool filters do, and that's why Bitcoin Core is slowly relaxing these filters. This has been discussed for over two years, it's not a sudden decision. The goal of this change is not to help transactions to slip through more easily. The goal is to improve your node's prediction of what is going to be in the next block. Most people misrepresent this part. They say "it's to turn Bitcoin into a shitcoin" but that is just a false statement at best, or a manipulation tactic at worst. Let's tie it back to proof of work and why fees are the actual filter that keeps Bitcoin secure and prevents spam reasonably well: Satoshi realized that there is no technique that could slow down block production and prevent denial of service attacks in a decentralized system other than proof of work. Fees prevent you from filling blocks with an infinite number of transactions. All the other options would introduce some form of trust or open the door for censorship – nothing works other than proof of work. He was smart enough to design a system where the proof of work that goes into block production is "minted" into the monetary unit of the system itself: You spend energy, you get sats (mining). This slows down block production. How do you slow down transactions within those blocks? You spend the sats themselves, original earned form block production, as fees for the transactions within the block! This idea is truly genius and it's the only reason why Bitcoin can exist. All other attempts of creating decentralized money have failed to solve this step. Think about it: without knowing who you are, whether you're one person pretending to be a thousand, or a thousand people pretending to be one. Bitcoin defends itself (and anyone who runs nodes in the Bitcoin system) from spam by making you pay for your activity. People sometimes counter this by saying: the economic demand for decentralized data storage is higher than the monetary use case. First of all, I think that's just wrong. There are way cheaper ways to store data (there are shitcoins for this), and the value of having decentralized neutral internet money is beyond comparison. However, there's a much deeper concern here. If you truly believe this, I ask you: what is Bitcoin worth to you? If you think Bitcoin can't succeed as money (i.e. be competitive), why do you even care? If you're not willing to pay fees for the use case that we all believe Bitcoin is designed for (money), and you believe that no one is willing to pay for it, how can it even persist into the future? You can't have it all. If Bitcoin is money (which I believe it is), then we need to pay the price to keep it alive. There is no free lunch. Either we centralize, or we pay the price of decentralization. I know where I stand. Peace.
↑ Parent

Replies (4)

Jerome Powell 21iQ 40TPW's avatar
Jerome Powell 21iQ 40TPW 2 months ago
If you would allow anyone to anonymously and permanently store and retrieve forever any number of 100KB contiguous data blocks on 39K redundant nodes all around the globe including in space for a one time fee of roughly $111/100KB of worthless fiat, you haven't really thought this through. There's no other anonymous immutable distributed file sharing service like it in the world. To certain people, that's priceless. To others, fiat currency is unlimited. Think about it. Satoshi said it would be unwise. He's still right. Nick Szabo just reawakened to echo Satoshi on this. This is why we should leave OP_RETURN alone AND fix the inscriptions hack like Knots already does. Thank you for your attention to this matter! #Enshitcoinification Running #Knots #MBDA
Default avatar
cheesypleb 2 months ago
I would describe myself as a technical user and I understand the technical arguments core is attempting to make but I think you are still wrong here. Yes perfect spam filters don't exist, but saying that decentralised spam filters can never work is not true otherwise email would be unusable. Yes I know email is more centralised now than originally intended so maybe not the perfect example but I can still run an email server and filter 90%+ of spam myself. What's important is making bitcoin hostile to spam, yes it's a cat and mouse, wack-a-mole game that will never be 'won', but total victory is not needed. The alternative, to accommodate spammers by giving them a 'nice' way to spam only encourages them, both to spam more and to demand more and more 'accommodations' via essentially blackmail - give us what we want or we harm the chain with more UTXOs etc. Making bitcoin hostile to spammers has worked pretty well for years (apart from the inscriptions fiasco caused by core not fixing a bug - again an example of what happens if you accommodate spammers). There is a reason most scams/spam has occured on other chains rather than bitcoin up till now.
Mountain Man's avatar
Mountain Man 2 months ago
Well said. For me it starts with must-have changes only. It should be painfully obvious the system isn't functioning as intended. If you have to convince me that a change is needed, it's not needed. I would tell those people to find a problem that needs solving, don't invent one.
1 replies ↓
epsql's avatar
epsql epsql@nsec.app 2 months ago
The problem is that not all issues can be solved by making changes to software, but that's exactly the only thing developers, and in this case Bitcoin Core developers, can do. Mining decentralization would benefit much more from there being pools using StratumV2 with independent job declarations than by any other efforts IMO, yet this is not something that can be achieved by changing lines of code.