An artificial delay should discourage flood attacks. Either that or do some sort of thing where you figure out how many posts per day the average user does and then not let people post above that limit.
Well, you have to limit the number of accounts they can possibly have by whatever method possible, either by charging per account or some sort of proof of work or phone number verification or something that limits the amount of accounts that they can have. Once you have done that, what you need to do is cost them something such as how proof of work costs computing resources. If it takes 10 seconds to post a tweet, then sending out 1 million tweets takes 1 million times 10 seconds or 10 million seconds, or 166,666 minutes or 2777 hours or 115.7 days And that’s all from a 10 second Proof of work requirement. For a regular user, that’s not a problem. For a spammer, that’s a huge problem.
what would an artificial delay do? Litteraly nothing. Also they can scan posts after they have been uploaded. And a scan shouldnt take even a second.
An artificial delay should discourage flood attacks. Either that or do some sort of thing where you figure out how many posts per day the average user does and then not let people post above that limit.
You didn’t explain how. It doesn’t matter to wait a little bit. It’s not like they’re using only one connection and one account.
It’s also not clear to me how waiting longer suddenly charged how easy it is to detect bots.
Well, you have to limit the number of accounts they can possibly have by whatever method possible, either by charging per account or some sort of proof of work or phone number verification or something that limits the amount of accounts that they can have. Once you have done that, what you need to do is cost them something such as how proof of work costs computing resources. If it takes 10 seconds to post a tweet, then sending out 1 million tweets takes 1 million times 10 seconds or 10 million seconds, or 166,666 minutes or 2777 hours or 115.7 days And that’s all from a 10 second Proof of work requirement. For a regular user, that’s not a problem. For a spammer, that’s a huge problem.