hoytech / strfry

a nostr relay
GNU General Public License v3.0
505 stars 99 forks source link

Help combating spam #123

Open gustavonmartins opened 2 months ago

gustavonmartins commented 2 months ago

Given the recent spam attacks that were bad enough, but which will probably get stronger in the future, I would like to propose that the admin of the relay can receive help from other people in the following tasks: A) Deleting spam which already is stored on the relay B) Preventing more spam to enter

To that, the admin could rely on external users reporting to the relay that a note was found which was spammy/objectionable, so that the relay admin has the tools to investigate and decide to either block the sender (prevent more spam on the future), or/also to delete accumulated spam.

To reduce the chance of ill-intentioned reporters "gaming" the reporting, the admin could optionally choose to accept only reports from clients registered/authenticated.

How the admin will take the decision is another topic.

For reaching the goal state in this issue (reporting), NIP 56 can be very useful. Is it possible to implement it and generate some simple report that helps the relay admin in analysing reports and taking action to block profiles and/or delete accumulated spam?

For reference, the nip says:

NIP-56 Reporting

optional

A report is a kind 1984 event that signals to users and relays that some referenced content is objectionable. The definition of objectionable is obviously subjective and all agents on the network (users, apps, relays, etc.) may consume and take action on them as they see fit.

The content MAY contain additional information submitted by the entity reporting the content.

hoytech commented 2 months ago

Hi! Yes, these are good suggestions. I don't think it makes sense to code these policies directly into strfry. However, I believe this can all be implemented externally, using a combination of strfry write policy plugins and strfry delete command. Sorry I don't have time to work on this right now, but I can assist if you (or anyone else) wants to tackle it! If you need help, please jump in our telegram channel.

gustavonmartins commented 2 months ago

Hi, I dont use C++ since a long time, so I cannot do this right now.

But lets discuss so if someone likes the idea and wants to implement it, the idea is mature enough.

About policy, the user would have to define his own, based on what strfry reports.

For those interested on policies, the library CASBIN allows anyone to write a policy in a human readable format, which can then be understand by many, many programming languages, as it has libs for most of them.

Here is a CASBIN playground for those who are curious: https://casbin.org/editor/