Like other emerging technologies, NFTs are attracting bad actors exploiting their novel features. NFT spam is now a major problem for wallets, minting platforms, and other NFT-enabled businesses. SimpleHash helps combat spam by including spam scores in its responses, allowing consumers of the API to filter out unwanted collections.
In this post, we’re going to talk about the challenge of NFT spam, and the signals SimpleHash uses to derive its scores.
NFT spam comes in many variants, but the most common form is when someone creates large numbers of NFTs with little to no value or utility, and then sends them out en-masse. (Usually in the form of an airdrop). This makes it difficult for end users to navigate and find the NFTs that they're actually interested in, or actually wanted in the first place. It can also cause congestion on the underlying blockchain network.
This problem is especially noticable on high throughput networks like Polygon and Solana, where the speed and low cost of transactions make it easy for spammers to create and distribute large numbers of NFTs quickly. As a result, users of these networks are more likely to encounter NFTs that they don't recognize, and which may be malicious or part of a scam.
All of this adds up to a poor experience for users who are trying to use NFTs for legitimate purposes. It's hard enough to navigate the rapidly evolving landscape of NFTs and find the ones that are valuable or interesting - having to wade through pages of spam only makes it worse.
Some NFT spam is relatively innocuous - airdropping tokens en-masse serves as a promotional approach, similar to mailbox flyers or generic marketing outreach. Creators of NFT projects may do this to try and bring attention to their project, DAO or some other cause that they’re promoting.
However Spam NFTs aren’t always just annoying, they can also be dangerous. Similar to email spam, NFT spam is often intended to phish end-users for their funds. Most commonly, they may include malicious links in their metadata that serve as attack vectors when users follow them. These sorts of links could prompt for signatures, or take a user to websites that are clones of a legitimate project (and then tricking the user into initiating a transaction that drains their wallet). Some may even include dangerous code within the SVG images of their media. This makes NFT spam a security, as well as a user experience risk.
Weeding out NFT spam is a tough challenge, as it requires a combination of technical and social solutions. That's where SimpleHash comes in. SimpleHash has developed a spam scoring system to help identify spam and scam NFT collections on major blockchains. The system uses multiple input signals to rate each NFT collection with a score from 0-100, with 0 indicating not spam, and 100 indicating likely spam.
SimpleHash serves many of the leading wallets in crypto – many of whom have millions of active users. Our spam scores become stronger thanks to the activity of the users on these wallets, many of whom share spam reports (or flag false positives) to help improve our model, and thus the scoring system over time.
By analyzing multiple input signals, including user-derived data, SimpleHash is able to provide a more nuanced and accurate assessment of each NFT collection's spam risk.
Based on our experience, developing a useful spam score metric requires ongoing fine-tuning and testing, and utilizing multiple different input signals. We’re constantly refining and altering the weights of each signal, but some of those include:
We’re constantly reevaluating how we assess each of these signals, and others to add as factors. Not all are created equally either – we place different weights on each of these signals, and this can vary between different chains, based on what we observe.
SimpleHash generates spam scores at the collection level, and the spam score of a collection may vary over time. We generate an initial score when we first detect a collection and its metadata, and this may change as different input signals (e.g., its presence or not on a marketplace, its listings, or otherwise) change. We may also reassess the spam score as we utilize newer models, or change the weightings in our system.
Overall, NFT spam is a problem that's not going away anytime soon. However, with tools like SimpleHash's spam scoring system, we can work to mitigate the impact of spam on NFT users and help ensure a more positive user experience for everyone involved.
If you’re building an app that could benefit from spam filtering, or interested in learning more, please reach out at hello@simplehash.com. We’d also especially like to hear from you if you think you have interesting signals with regards to NFT spam, or would like to contribute to our dataset.
Learn how Interface uses SimpleHash’s NFT API for seamless multi-chain coverage and efficient media processing, all while conserving significant development resources.