In clr.fund round 4, we hit the message cap for the first time, which meant that no new messages could be broadcast and a handful of contributors were unable to vote. There was nothing to suggest anything about this was malicious, it was just signs of early success.
However, in Gitcoin Grants round 9, there has been some contribution behaviour that is clearly spam.
Bot accounts making hundreds of tiny contributions to every project in the round, presumably to farm future airdrops that use contributing to Gitcoin as recipient validation.
Along with potential airdrop farming, in clr.fund’s case, there is additional incentive for spam transactions. As an attacker, you can gain disproportionate influence over a round if you can be certain that no new messages can be sent.
How can we solve for this issue?
I haven’t put any significant amount of thought into it yet, but wanted to kick off a discussion nonetheless.
A naive solution might be a flat message fee that is either burned or contributed to the next matching round. This would hurt the UX, make it more complex to do things like using a relayer for messages, and essentially create a fixed cost for denying service to the round. So long as owning the round was more valuable than the cost of all of the messages, it would still be a viable attack.
Another might be a dynamic message fee that is a function of the on the rate/demand for publishing messages (sounds kind of like Ethereum’s gas market). Assuming the round was not being attacked, then this fee would probably be insignificant, but the cost would grow significantly for any user trying to spam messages. In this case, owning the round is probably cost prohibitive, but an attacker could make it cost prohibitive for other users to contribute (a least for short periods of time).
What other mechanisms could we use to combat this?