Now that I'm kind of awake and more human now (haven't been sleeping for shit lately) here is an update on scramble bots and how freelay is dealing with them.
So based on my logs, this is how the scramble bot is behaving. It was getting past my "fast reply filter" that was set to stop replies that happened in under a second or two. (most humans take at least a small handful of seconds to reply from seeing the note, typing and hitting send. So I guessed most humans can't reply in 2 to 3 seconds) They were spoofing their time stamps. So I made that more robust, I switched from using event timestamps to actual receipt timestamps.
Even after that, they still got past the initial block and I found that after the first event got rejected they would resubmit the same event over and over again with 300ms gaps in-between until it got allowed in. So I had to add a map store for events that would look for double submissions before writing directly to the database.
Blocking them by IP was not useful as I saw a few IPs in my logs, but they all use the same Cloudflare URL for a nip-05, so arguably you could blacklist a URL like that, but it's too easy to change.
Anyway. These bots just make nostr better and makes me better at managing spam. They are annoying as fuck but in the long they just make us better.
Enki
npub1gn…merrq
2025-06-06 18:38:01
Author Public Key
npub1gnwpctdec0aa00hfy4lvadftu08ccs9677mr73h9ddv2zvw8fu9smmerrqPublished at
2025-06-06 18:38:01Event JSON
{
"id": "2a0f253dc32d4f4bd61512736958ba63fb49dbc278459c0e0fcdec2a9398e3bf",
"pubkey": "44dc1c2db9c3fbd7bee9257eceb52be3cf8c40baf7b63f46e56b58a131c74f0b",
"created_at": 1749235081,
"kind": 1,
"tags": [],
"content": "Now that I'm kind of awake and more human now (haven't been sleeping for shit lately) here is an update on scramble bots and how freelay is dealing with them. \n\nSo based on my logs, this is how the scramble bot is behaving. It was getting past my \"fast reply filter\" that was set to stop replies that happened in under a second or two. (most humans take at least a small handful of seconds to reply from seeing the note, typing and hitting send. So I guessed most humans can't reply in 2 to 3 seconds) They were spoofing their time stamps. So I made that more robust, I switched from using event timestamps to actual receipt timestamps. \n\nEven after that, they still got past the initial block and I found that after the first event got rejected they would resubmit the same event over and over again with 300ms gaps in-between until it got allowed in. So I had to add a map store for events that would look for double submissions before writing directly to the database. \n\nBlocking them by IP was not useful as I saw a few IPs in my logs, but they all use the same Cloudflare URL for a nip-05, so arguably you could blacklist a URL like that, but it's too easy to change.\n\nAnyway. These bots just make nostr better and makes me better at managing spam. They are annoying as fuck but in the long they just make us better. ",
"sig": "70b0c5f884ac99a45a9b196d72f01d99879a90bf0825eb5a01a7ce6060f71cfe973df811650235f41d345622ad539a9167dda0cd566140ede1e6bae82bb8b770"
}