Will implementing a CAPTCHA-like system require modifying multichaind source?

+1 vote

Firstly, thank you for developing this amazing software. I'm going to be releasing an early alpha build of an application I'm working in a few weeks, and multichain is the biggest engine humming away inside it.

I need to implement a CAPTCHA-like system to prevent users from spamming the blockchain with garbage. I've been thinking about this problem a lot, and I suspect I will need to modify multichaind to accomplish this. I'll explain why my thinking has led to this conclusion, please let me know if there is another way I could tackle this problem.

Essentially, by main concern is that a user could receive asset issuing permissions on a blockchain (through my application), and then take their private key, connect to the blockchain with multichaind directly, and proceed to flood the blockchain with bad/useless data.

So far, the one solution I've come up with is integrating a CAPTCHA-like system directly into multichaind, perhaps requiring CAPTCHA entry only to users of a certain permissions group (e.g. an admin could continue to publish to the blockchain without entering CAPTCHA responses).

Does this seem like a reasonable solution, and can you think of any ways to incorporate this without modifying multichaind? Open to any solution that could help me prevent spamming/abuse of publishing rights to a blockchain.

Thank you!
asked Dec 1, 2016 by fortress_

1 Answer

0 votes
I don't think you can really implement a CAPTCHA on a blockchain, because there is no central party who can present the challenge and then confirm the response.

In general the solution to concern about spam is to use a blockchain's native currency to ration the generation of transactions. Either the chain creator, or every block validator, receives units of the native currency, and can then send those to other users as appropriate. Then you can define minimum quantities per transaction output, or as a free for relaying transactions.

See the 'Native blockchain currency' section of the blockchain parameters:

answered Dec 2, 2016 by MultiChain
Thanks for the reply! By the way, is there an official IRC channel or similar?

I appreciate the information about native currency, I will fully explore that option.

I was banging my head trying to come up with a way to implement a CAPTCHA on a blockchain. What about something like the following?

- multichaind at node A receives asset publish request from node B (to publish to blockchain C)
- multichaind at node A spins up a new blockchain (blockchain D)
- multichaind at node A generates a captcha image and publishes it to blockchain D, and stores the captcha response in memory
- multichaind at node A sends link to blockchain D to node B
- multichaind at node B connects to blockchain D and presents captcha image to user (through my application)
- multichaind at node B sends CAPTCHA response to node A
- if correct, multichaind at node A then publishes the asset to blockchain C
- multichaind at node A and B both disconnect from blockchain D, and delete it from disk

This way, if someone were to try to spam blockchain C, instead of garbage being written to blockchain C, the only thing that would happen is a bunch of CAPTCHA images would accumulate in blockchain D.

Just brainstorming, what do you think?

I would possibly even settle for multichaind requesting CAPTCHA image links from, and verifying responses from, a central server of some kind. Though that isn't nearly as cool.