Beeen working on these features for the past few days, so let's start again with an index.. it seems like a good idea. =]
INDEX:
1. DETECTION OF SUSPICIOUSLY LATE UPVOTES
2. AUTOMATED DOWNVOTES ON ALL FARMERS'S COMMENTS,
AUTOMATED DOWNVOTES AGAINST FARMERS' LAST MINUTE UPVOTES
3. MY OWN VOTE TRAIL CUSTOM SOLUTION
(without depending on external services - eg. hive.vote that sometimes is down)
4. AUTOMATED MUTE LIST FOR PHISHED ACCOUNTS
5. "GIMME SOME CODE"
6. OTHER DEVELOPMENT UPDATES
7. FUTURE DEVELOPMENT PLANS
Anti-Farming Defense
1. DETECTION OF SUSPICIOUSLY LATE UPVOTES
I have been working on a monitoring solution and from now on a notification will be sent into my Discord server for any account that upvotes close to the voting window end..
( Manual reply from my new alt-account @hive-defender: =] )
FILTERING CRITERIA for late upvotes:
Since filtering all votes broadcasted into the blockchain wasn't a lightweight task, I applied some filters in order to reduce the load on the APIs (that were starting to return some errors - likely as a protection mechanism for DDOS attacks).
( ..intentionally left vague in order to prevent abuse.. )
These are the filtering rules applied to classify a late upvote as suspicious:
Ignored: upvotes with weight below a certain threshold.
1/10th of upvotes above such threshold get checked though. If a farmer spams and upvotes tens of comments, they will still be caught by this check and their name will be known and added to the ban list for all their posts/comments to be downvoted.Ignored: posts with more than X votes, comments with more than Y votes. If a post/comment is popular and voted by legit people, it's unlikely to be a farming attempt.
Ignored: upvotes on comments/posts with pending payout below 0.02
Ignored: some whiltelisted accounts (eg. dustbunny?) - eg. https://peakd.com/@slobberchops/re-bozz-qqqh67
Ignored: posts/comments upvoted last minute if they have an upvote from trusted users (eg. reporters in my whitelist, top-40 witnesses, popular community leaders)
Others:
A list of abuse-fighting accounts that already downvoted on the last-minute upvoted post/comment is also present in the discord notification.
If a high voting-power account already downvoted the comment/post, my downvote trail won't be triggered (because the issue is already been dealt with).
2.
- AUTOMATED DOWNVOTES ON KNOWN FARMERS' COMMENTS shortly after they get posted
- AUTOMATED DOWNVOTES AGAINST UPVOTES GIVEN BY KNOWN FARMERS NEAR TO THE VOTING WINDOW END
I'm using a list of known farmers and not just downvoting blindly any upvote given to a post/comment close to the voting window expiration. This is in place to avoid downvoting legit posts upvoted late.
The known farmers are currently added manually but eventually they will get automatically added by the community using a "!farmer" command (same as the !phishing, !hacked and !scam commands already active).
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
If you are willing to put your Voting Power at disposal for the cause, checkout my post on (my main account) @gaottantacinque. There you'll find a very simple script that anyone can run in their browser to help fighting abuse.
Other 2 ways to help:
- Follow @keys-defender downvotes on posts using hive.vote: https://hive.vote/dash.php?i=15&id=3&user=keys-defender&type=2
- Follow @hive-defender downvotes on comments using rewarding.app -> see @shmoogleosukami's post for some detailed instructions on how to set it up.
3. MY OWN <custom> VOTE TRAIL
I implemented my own vote trails so that I can have a list of accounts follow all votes of one or more target accounts.
It's also possible for me to easily configure an account to only follow positive or negative votes and also to always use a fixed vote weight or use the same exact weight as the target ("lead") account.
If you want to follow @keys-defender or @hive-defender votes and you trust me to the moon and back, I could add your account to my own vote trail. But it's probably better for you to use one of the 2 tools above because my solution would require me to manually add the vote follower private posting key... 😬
Example of my UPVOTE trail:
@hive-defender UPvote followed by 3 accounts of mine:
~ transaction with @hive-defender initial vote: Outcome: Example of my DOWNVOTE trail:
~ transaction with the following votes of 3 accounts of mine:
AND LAST BUT NOT LEAST..
4. Automated mute list of hacked accounts
You can now see that I created a @key-defender.shh account that is only responsible for maintaining mute lists in a fully automated way.
Hacked/phished accounts get automatically added to that mute list as soon as they are reported.
( It's not the best name, I know. But it wasn't easy to come up with something decent with all the rules on Hive names - my best pick would have been "keys-defender.mutelist" but it was too long )
List of compromised accounts added so far:
(not all of them yet - see RC issue at the end of the post):
https://hive.blog/@key-defender.shh/lists/muted
( Logs for nerds: )
How does it work?
Every (max) 5 minutes:
New hacked accounts added in any external ban list (eg. @spaminator's and @guiltyparties's) get automatically added to @key-defender.shh mute list.
Recovered accounts removed from such lists get automatically removed from my mute list too.
Every time an account is marked as phishing using the dedicated command !HACKED that top40 witnesses and whitelisted users can use, the account is not only added to @keys-defender's hacked accounts ban list as usual, but it's now also immediately added to @key-defender.shh mute list.
In this way, Community leaders that configured their Community to follow my mute list, will immediately hide all the newly reported compromised account's comments.
If the hacked account is not reported through my "!hacked" command and only added to @spaminator's api or @guiltyparties API, my code will still pick up those changes and automatically mute that user withing 5 minutes.
My usual auto-replies will still go out, since not all phishing comments are spammed in communities.
Note for @hivewatchers @spaminator @guiltyparties: when you remove a user from your own ban list feel free to remove it from mine too (I will make a "!RECOVERED" command available soon - see "future development plans" at the end of the post).
TESTING:
I am asking @louis88 to help test this new feature using his testing community.
I tried with my own testing community but being short on time to try things out and find the right features in the UI, I abandoned it early and decided to just ask the community for help =]
In @louis88's post he suggested 2 solutions:
- Solution 1: done, I granted @key-defender.shh posting autority to my testing Community and Louis did the same for his.
Now, how does the community follow @key-defender.shh mute list? 🤔
I cant find that setting ( sleep deprivation does not help either.. =] ). Maybe @blocktrades could chime in too to shed a light? :)
- Solution 2: I do not see the option to follow a specific account mute list.. 🤔
In order to move things forward with our tests I added @b0t5-testing to @key-defender.shh mute list:
And here is its comment that should appear as hidden in @louis88 testing community:
https://peakd.com/hive-166109/@b0t5-t3sting/qr4jk5
UPDATE: I discussed this approach with Louis, Blocktrades, Argarth and Quochuy and it looks like I need to write a bit more of code to be notified of any new community that made @key-defender.shh moderator and automatically add any old and all new phished accounts to their own mute lists - doable.
UPDATE2: This is now done but cannot be tested until a bug in Hivemind is fixed. The comments of muted users in any community at the moment are currently NOT hidden.. Blocktrades should be looking into this soon.
GIMME SOME CODE
Adding a user to a mute list is this simple! 👇
( Thank you @mahdiyari for pointing me in the right direction! )
// operation prep
const customJson = JSON.stringify(
['follow', {
follower: 'key-defender.shh',
following: [hackedUser],
what: ['ignore'], // <<<<<<<<<< THIS IS HOW YOU ADD IT TO YOUR MUTE LIST
// LEAVE THIS ARRAY EMPTY INSTEAD TO REMOVE THE USER
}]
);
// broadcast
hive.broadcast.customJson(
privatePostingKey,
[],
['key-defender.shh'],
'follow',
customJson,
(err, result) => {
if (err) console.error('Unable to mute user', hackedUser, err);
else console.log('User muted correctly', hackedUser, result);
}
);
OTHER DEVELOPMENT UPDATES
Changelog:
- Added to @keys-defender the ability to re-scan a specific range of blocks of the Hive blockchain in order to timely handle newly reported phishing domains in older comments/posts
- Bug fixes
- Performance improvements
FUTURE DEVELOPMENT:
My priorities remain pretty much unchanged. I may have less time in the next few weeeks though. Hang in there!
- @kd to follow hive-defender up-down/votes + notify discord of late votes ✔️
- Mute lists and tests in testing community using @key-defender.shh ✔️
- Formula to counteract exact votes (plus UI?) -- ** deferred **
----- Next: - Universal script to use new banlists. + other improvements + PR for condenser
- Allow community to remove entries from ban lists
- pwnd emails check (quick feature)
- Abuse reports (rewarded) and separate abuse lists (plagiarism, farming, etc)
- Tech-only proposal to cover expenses ??
- Old (huge) backlog. Eg. bug fixes ( boring.. =] ).
😎
DELEGATIONS NEEDED
- @key-defender.shh needs to add to its mute list thousands of known compromised accounts and does not have enough RC to do so.
- @keys-defender is already using most of its resources to counteract farming, please consider delegating to @keys-defender / @hive-defender / @key-defender.shh.
Thx! =]
Take care,
@keys-defender (@gaottantacinque)
There is currently no mechanism by which a community can follow someone else's mute list (for the purpose of muting posts in that community). I think it would be possible to implement this in hivemind, if there is sufficient interest in having hivemind work this way.
Oh, I see. So the solutions in @louis88 post were actually proposals and not concrete solutions that can be used right now.
Thoughts about this @jarvie @asgarth (Peakd) @quochuy (Hive.blog) @khaleelkazi
(LeoFinance) @good-karma (Ecency), @chrisrice (Dbuzz), @theycallmedan, @starkerz (3Speak) @themarkymark (STEM geeks) ?
The proposed solution described in that post can be good and maybe also easy to implement. Most of the code required should already be there as it is based on the decentralized blacklists.
When changes at Hivemind level are more effective, there still can be things that could be done purely on the frontend side. We could maybe add a custom parameter to the community account so that it can follow someone else’s mute list. When a post from a community is loaded, the frontend can load the external mute list and hide if needed. It would be faster if it was on Hivemind but still acceptable when done on the frontend. To be tested.
Yep, makes sense can be done on the frontend too. I think that one of the disadvantages though is that all frontends would have to implement that separately.
@shmoogleosukami thank you for the new delegations! 💪
Nice - Good Job!
In my Test Area im just added the .shhh account to the following segments:
maybe check out what will be the best solutions and easiest way to add the muted list :)
thanks for the awesome work <3
Cool stuff. Some of the abuse has been getting worse lately, so we need these tools. Accounts are pumping out duplicated posts to farm rewards. Hope we can deprive them.
!LUV
Command accepted!
Great and usefull work
@tipu curate
Upvoted 👌 (Mana: 98/112) Liquid rewards.
Hi @keys-defender, you were just shared some LUV. :) Having at least 5 LUV in your wallet enables you to give up to 3 LUV per day, for free. See the LUV tokens in your wallet at https://hive-engine.com or learn about LUV at https://peakd.com/@luvshares https://ipfs.io/ipfs/QmZosc5B9VvqHJs1xVbLoxxGGc6BfmwJukG1dAr3J6PBLX
This post was shared and voted inside the discord by the curators team of discovery-it
Join our community! hive-193212
Discovery-it is also a Witness, vote for us here
Delegate to us for passive income. Check our 80% fee-back Program
!discovery 30
Hi there. Today I got a slurry of downvotes on my most recent post on my account. And I don't understand why and started to investigate. It seems I was targeted by your bot. I went to the discord but it's not very helpful. How does one appeal or get whitelisted? It seems once upon a time (on Steemit) my account used Upvotebot (@pfunk told me about this) and that was okay and legal to do over there. I recently found my keys and have been getting to learn hive and try to learn to use PEAKED and post content here testing things. I REMOVED upvotebank auth and also @guiltyparties said I was removed from the blacklist. All of the promotional tools I used are legitimate and PAID for with steem, including directly promoting and not too much. My posts are
I formerly was curated by Curie, wrote posts on Steemit about security AND about being in support of original quality content - I really don't get it.
I think you commented on 10 posts of mine about this accidental 20c downvote and since I usually reference my articles in other posts and comments, that's a bit annoying.. =]
(Explanation: https://peakd.com/hive-139531/@keys-defender/why-am-i-being-downvoted-anti-farming-feature-abused-by-ctime)
Future plans reference:
😎
Update:
Thread: 398612955270217728/398612955270217730/1051230433670594630