Using a Hashcash to Slow Twitter Spam

October 13, 2009 at 09:23 AM | Uncategorized

The problem? Twitter is full of spam. Don't believe me? Just mention 'hosting' and you'll get anonymous messages suggesting "a comparison of the top ten hosting services".

A possible solution? Hashcash.

For example, assume @spammer wants to follow @wolever. When @spammer sends the HTTP POST to Twitter saying "add_follower": "wolever", they must also submit a string, s, such that the first 8 bytes of sha1('spammer wolever' + s) are 0. The request would then look like "add_follower": "wolever", "hashcash": "blahblah", and it is accepted only if sha1('spammer wolever' + 'blahblah')[:8] == "00000000".

Of course, this is just a rough example: in reality, the "cost" of the hashcash (i.e., how many leading zeros are required) should be based on something like the spammer's blocked/following ratio (that is, the number of people who have blocked them over the number of people they are following), or something more elaborate… But, hopefully, the idea makes sense.
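
A sketch of the scheme in Python, added here as an example and not code from the original post. It applies the post's `sha1(...)[:8] == "00000000"` comparison to the hex digest; the function names, the `cost_for` policy and its constants are assumptions made for illustration.

```python
import hashlib
from itertools import count


def stamp_ok(follower, target, s, zeros=8):
    """Server side: one hash per request, the post's [:8] == "00000000" check."""
    # The input is concatenated exactly as in the post. A real design would put
    # a delimiter between the target name and s so that a stamp cannot be read
    # as belonging to a longer target name.
    digest = hashlib.sha1(f"{follower} {target}{s}".encode()).hexdigest()
    return digest[:zeros] == "0" * zeros


def mint(follower, target, zeros):
    """Client side: try counters until one verifies (about 16**zeros hashes)."""
    for n in count():
        s = format(n, "x")
        if stamp_ok(follower, target, s, zeros):
            return s


def cost_for(blocked, following, base=2, ceiling=8):
    """Hypothetical policy: require more zero hex digits as blocked/following grows."""
    ratio = blocked / max(following, 1)
    return min(ceiling, base + int(ratio * 10))


if __name__ == "__main__":
    # Constructed accounts; the cost is capped at 4 digits so the demo is quick.
    for blocked, following in [(0, 100), (20, 100)]:
        zeros = min(cost_for(blocked, following), 4)
        s = mint("spammer", "wolever", zeros)
        print(blocked, following, zeros, s, stamp_ok("spammer", "wolever", s, zeros))
```

Each extra required hex digit multiplies the sender's expected work by 16, while the server's check stays at a single SHA-1.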