I’m 99% sure reddit does a lot of backflips to detect and prevent that. One casual bad actor can only burn up so many IP addresses or API keys in a short period, and I think there’s some undisclosed/“secret” logic to it. It’s like burglary - you can’t stop it but you can cost the burglar sufficient time or money to deter them.
I haven’t dug into Lemmy’s code yet but I am curious what countermeasures against abuse are apart of federation. Signed, time-boxed tokens and IP addresses could be part of the protocol to mitigate abuse via federation.
I’m 99% sure reddit does a lot of backflips to detect and prevent that. One casual bad actor can only burn up so many IP addresses or API keys in a short period, and I think there’s some undisclosed/“secret” logic to it. It’s like burglary - you can’t stop it but you can cost the burglar sufficient time or money to deter them.
I haven’t dug into Lemmy’s code yet but I am curious what countermeasures against abuse are apart of federation. Signed, time-boxed tokens and IP addresses could be part of the protocol to mitigate abuse via federation.