Comments (22)
Maybe spam detection process/thread/app can be a different app and speaking to the main relayer to ease the load..
from strfry.
I have a list of possible spam mitigations like IP and/or pubkey-based rate limits. I'm not sure what would be the most effective. Looking at the number of followers of a possible spammer is an interesting idea! You'd probably want some kind of web-of-trust approach to avoid the spammer creating a bunch of fake followers.
You're right, the GM bot could be filtered out with simple content rules. I think ultimately we'll have to take cues from email like bayesian content filtering, IP-based blacklists, whitelisting indicators (SPF/DKIM), etc.
I think the relay will need some kind of built-in rate limits to prevent high-rate spam from ever getting recorded/rebroadcast. I do like your idea of a dedicated "filtering" relay process. You could put it in front of any nostr relay and it would enforce whatever kinds of policies you want.
from strfry.
I guess NIP-13 needs to be improved for client-relay negotiation about the required PoW.
Yes that web-of-trust can be like a Python machine learning process to detect spams. It coordinates with the relay on a different mechanism. I was thinking like a background process, looking at past events and coming up with rules for relay to follow..
from strfry.
I tried to add to NIP-20. fiatjaf said just use the existing return mechanism.
nostr-protocol/nips#178
from strfry.
IPv4 based rate limiting would work for a while. Maybe 20 events/min if a user is liking all the posts in a thread? Queries can be a lot higher / minute. Like 240 / min? Just throwing numbers. Have no idea what the actuality is.
from strfry.
note1k0c0yssl4h0x6vyrfcmuw83mgjl53qv2ja8ajvd68wgw9xsy8ulqumju2v @jb55 talks about how clients submit 'reports' and how other clients can use it.
I guess relays can use that data too.
from strfry.
https://github.com/nostr-protocol/nips/blob/reporting/56.md
This is not master branch though.
from strfry.
I'm behind cloudflare, where's the best place to pull the CF-Connecting-IP header and use that for the source IP for logs and ip blocking?
from strfry.
spammers are slowly filling up my harddrive space, any way to rate limit them?
from strfry.
or even a way to drop lots of data at once? how do you even query this database. it was pretty easy with sqlite but now I'm lost here :P
from strfry.
You are using the version from the master branch right? This version has a known issue that the harddrive usage will grow excessively over time. I'm almost ready to release an official "0.1" branch, but for now I think the beta
branch is pretty stable. @etemiz has been running it on wss://nos.lol
for a few days now. Unfortunately, you'll have to rebuild the DB (strfry export > dump.jsonl
and then mv strfry-db/data.mdb data.mdb.old
and then strfry import < dump.jsonl
).
For dropping data, the beta branch also has a new command strfry delete
. You can pass it a nostr filter and it will delete all events that matched, as well as an optional --age
param. For example, here's how you could delete all events older than 1 day (86400 seconds) that have kind=1: strfry delete --age 86400 --filter '{"kinds":[1]}'
The lack of a custom query language is one of the downsides of using a key-value store like LMDB. What kind of queries would be most helpful? For basic things there's a strfry scan
that will print out all events (in jsonl format) that match a particular nostr filter, for example, all events by pubkeys starting with 00
: strfry scan '{"authors":["00"]}'
from strfry.
Regarding rate limiting, there is a plugin architecture in beta
branch that we're working on, described here: https://github.com/hoytech/strfry/blob/beta/docs/plugins.md
The trick is being able to programmatically determine what is spam and what isn't!
from strfry.
My Python plugins are effective to a degree. Thinking of using 1984 reports soon after I can find the most discerning and uncorruptible users that will never make mistakes (I need to meditate a lot for this hehe)
from strfry.
Sent you an email @jb55
from strfry.
will try the master branch. I'll just grep out the spam on reimport
from strfry.
@jb55 - The master
branch is still the older "stable" one. The beta
branch has most of the bug fixes and improvements. Let me know if you encounter any issues on reimport!
from strfry.
@hoytech can't seem to build beta:
golpe/external/rasgueadb/rasgueadb-generate golpe.yaml build
duplicate tableId: in CompressionDictionary at golpe/external/rasgueadb/rasgueadb-generate line 39.
make: *** [golpe/rules.mk:49: build/defaultDb.h] Error 255
from strfry.
Ahh sorry, I should write better docs for this. I think you need to update submodules:
git submodule update
make setup-golpe
You'll also need to install a new package: apt install -y libzstd-dev
from strfry.
I've done all those things but still get that error =/
from strfry.
even after cleaning
from strfry.
I believe that error is being thrown because the sub-sub-module inside golpe/external/rasgueadb/
is out of date. I would've expected the make setup-golpe
to update that.
Can you try cloning a fresh copy of the repo and building from there?
git clone https://github.com/hoytech/strfry.git
cd strfry
git checkout beta
git submodule update --init
make setup-golpe
make -j4
There must be some reason it's failing to update that submodule, but I'm not sure what it would be.
from strfry.
weird ya fresh checkout worked
from strfry.
Related Issues (20)
- Compilation fails on alpine 3.19.1
- Add support for icon URL in NIP-11 document
- access reports HOT 1
- What happened to the Docker images? HOT 1
- SIGTERM
- Search by tag and tag substring returns no results
- A question regarding the sync command HOT 2
- Up-to-date docker image in dockerhub HOT 1
- Cron deletes events that are not expired HOT 1
- Importing events from another relay using .jsonl import HOT 4
- Feature: retention period HOT 5
- Feature request: NIP-45 Event Count HOT 6
- Build Error HOT 6
- Favicon for relay HOT 1
- Cryptic error messages returned in OK messages HOT 1
- logging controls not documented/working
- docker-compose not working HOT 4
- REQ limit is too low HOT 1
- strify crashes on start HOT 2
- OSX build error
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from strfry.