The problem
ATProto's openness is also its spam surface. Anyone can spin up a PDS, mass-produce accounts, and push content into the relay. The current countermeasure is domain-level banning at the relay — whack-a-mole by definition.
A recent case study makes this concrete. Spam operators were using HuggingFace Spaces to host disposable PDSs, with all secrets (PLC signing key, repo signing key, JWT, admin password) exposed in public Dockerfiles. A developer turned the attack around by seizing those keys and automatically taking down new accounts. Bluesky then banned *.hf.space from the relay.
Two things are true simultaneously: the key-based takedown proved ATProto's cryptographic model works, and the domain ban proved the current spam response doesn't scale.
Reference: https://mat.leaflet.pub/3mha4nn7ae222
Where Composable Trust fits
The structural answer is not better filtering at the relay. It is making spam invisible at the community layer.
A Roster issues credentials. A Venue scopes its feed to those credentials. A spam account without credentials never enters the Venue's feed — not because it was detected and removed, but because it was never eligible to appear.
This is prevention, not cure. The spam exists on the network. It simply does not exist in the community's field of vision.
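A minimal sketch of the Roster/Venue scoping described above, written here in Go as an added example (it is not Mezzanine's or Composable Trust's code); the credential shape, the `did:example:` identifiers and the choice of Ed25519 are assumptions. The Roster signs a credential binding a DID to itself with an expiry, and the Venue, holding only the public key, builds its feed from credentialed authors; everyone else is simply never eligible.

```go
package main

import (
	"crypto/ed25519"
	"strconv"
	"time"
)

// Credential is a Roster's signed membership attestation for a DID (illustrative shape, not an ATProto lexicon).
type Credential struct {
	DID, Roster string
	Expires     time.Time
	Sig         []byte
}

// signedBytes binds issuer, subject and expiry, so a credential cannot be replayed for another DID or Venue.
func signedBytes(c Credential) []byte {
	return []byte(c.Roster + "\x00" + c.DID + "\x00" + strconv.FormatInt(c.Expires.Unix(), 10))
}

// Issue is the Roster side: only the Roster holds the Ed25519 signing key.
func Issue(roster string, key ed25519.PrivateKey, did string, expires time.Time) Credential {
	c := Credential{DID: did, Roster: roster, Expires: expires}
	c.Sig = ed25519.Sign(key, signedBytes(c))
	return c
}

// Venue scopes its feed to one Roster and needs only that Roster's public key.
type Venue struct {
	Roster string
	Pub    ed25519.PublicKey
}
type Post struct{ Author, Text string }

// Eligible: the credential names this author and this Roster, is unexpired, and verifies.
func (v Venue) Eligible(c Credential, author string, now time.Time) bool {
	return c.DID == author && c.Roster == v.Roster && now.Before(c.Expires) &&
		ed25519.Verify(v.Pub, signedBytes(c), c.Sig)
}

// Filter keeps only posts whose author presents a valid credential; an account without one is never eligible.
func (v Venue) Filter(posts []Post, creds map[string]Credential, now time.Time) []Post {
	var out []Post
	for _, p := range posts {
		if c, ok := creds[p.Author]; ok && v.Eligible(c, p.Author, now) {
			out = append(out, p)
		}
	}
	return out
}
```

Note what the Venue never does: it neither inspects content nor keeps a blocklist, and whoever holds the Roster key decides who is visible, which is exactly why Roster governance is the trust bottleneck.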
The shared principle with Mezzanine
Mezzanine's cashtags already operate on this logic. Hashtags are discoverable by meaning — spammers can parasitize them. Cashtags are opaque connectors — you must already know the tag to find the channel. The barrier is not a wall but undiscoverability.
Composable Trust extends this from topic discovery to identity. A Roster credential is to community membership what a cashtag is to content routing: you must be issued it to participate. The spam account cannot guess its way in.
Three layers of undiscoverability, bottom to top:
- Cashtag opacity — content routing invisible to outsiders
- Credential scoping — feed visibility gated by Roster membership
- Bucket encryption — permissioned data unreadable without keys
Each layer is independent. Mezzanine works without credentials (current state). Credentials work without buckets (public but vetted communities). All three together create spaces where spam has no attack surface.
What this does NOT solve
- Spam on the open network remains. This is a community-layer defense, not a protocol-layer filter
- A compromised Roster (issuing credentials to spam accounts) breaks the model. Roster governance is the trust bottleneck
- Relay-level countermeasures (domain bans, rate limiting) are still necessary for the public firehose. Composable Trust protects communities, not the commons