Problem
Currently, the Waku (v2) network does not implement anti-spam solutions. Work is currently in progress with RLN logos-messaging/logos-delivery#394 https://rfc.vac.dev/spec/17/.
In the following Community type:
- restricted with auto-approval
- restricted with manual approval
- Token gated with auto-approval
- Token gated with manual approval
Community Owner's nodes have to process and, for manual approval community types, request the Community owner to take action for incoming join requests.
With the current design, the Community Owner and their node can be subject of flooding attacks:
- In the case of a restricted community, an attacker could create new keys for each message
- In the case of a token gated community, if the token requirement is low (e.g 1 token to participate, token cost a few cents), the user could setup several accounts and flood using them
Proposed solution
- Investigate the use of centralized service hCaptcha (not preferred)
- Design a decentralized captcha system
Problem
Currently, the Waku (v2) network does not implement anti-spam solutions. Work is currently in progress with RLN logos-messaging/logos-delivery#394 https://rfc.vac.dev/spec/17/.
In the following Community type:
Community Owner's nodes have to process and, for manual approval community types, request the Community owner to take action for incoming join requests.
With the current design, the Community Owner and their node can be subject of flooding attacks:
Proposed solution