Add flood limiter to chats #2970
Comments
|
We already have a prevention mechanism in place for this, which is the proof of work factor applied every time a message is sent. I have made a PR to increase the cost for public chat messages. |
|
Interesting to know 👌🏻 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It was probably just a matter of time, and now that I think about it, strange it didn't happen sooner.
I noticed a moderation report in my instance about "spam", and then I went checking, there were 308 unread messages in Discussions or Assistance, can't remember which one anymore, as, after ascertaining the reported user was the one behind the garbage being posted, I immediately banned him and deleted everything.
He still managed to flood the chat with 300+ messages. Other than being a UX nightmare, this could be used as a means for DDoS one day, so I think there should be a measure to have the local client limit the total number of outgoing messages per time unit (10 per minute and 20 per 5 minutes? to be defined), and also remote clients refuse to relay new messages coming from the same profile, that overcome that limit (in case someone modifies his local code), just like lightning nodes will not relay gossip when it's been broadcasted at a rate higher than a certain value.
The text was updated successfully, but these errors were encountered: