A few weeks ago we announced enhanced image and video understanding in our recommendation engine and spam detection. Since then, we’ve been focused on pushing spam detection even further. Today, we’re sharing how our upgraded system works — and why it matters for decentralized social.
Spam: the never-ending problem
Spam is everywhere online.
In private: we get it in emails, SMS, and DMs.
In public: it floods feeds with fake accounts, impersonations, comments, and mentions.
In commerce: it clogs marketplaces with fake reviews and listings.
Spam is an arms race. Attackers constantly change tactics to get around defenses, while defenders raise the bar to block them. And it’s a balancing act: too strict and you block real users, too loose and spam takes over.
It gets even harder with new users (the cold-start problem), with multimodal content (text, images, videos), and with coordinated scams that attack at scale.
Spam in decentralized networks isn’t just annoying. Left unchecked, it makes feeds unusable and drives real users away.
Why decentralized makes it harder
In Web2, platforms can ban accounts and delete posts from their servers. In decentralized networks, none of that applies. Data is permanent, public, and anyone can post to open protocols.
That means spam filtering has to happen only at the app layer — and small teams don’t have the resources of a Facebook or YouTube moderation army (we’ve been researching how to solve this issue quite a bit ourselves, more in an upcoming blog). On top of that, the social graph and spam defense systems are public, so spammers can study defenses and adapt faster. Finally in crypto networks, the economic upside for attackers is much higher — every airdrop, token, or coin creates motivation to spam.
The Batch Analysis Bottleneck
Some legacy systems like the public spam labels made available by the Farcaster team run as batches on a two-week refresh. That creates two big problems:
Cold start: new accounts are flagged as “spam by default” until the next refresh. Legit users can’t get visibility for days.
Slow to react: spam attacks can run wild for a week or more before filters catch up.
This happens because graph-only methods do not overcome the cold start problem by themselves. The result is a system that either punishes new users or lets spammers slip through in waves.
The scale of the problem
In an analysis of 600K users who were active in the last year on Farcaster, we find that 75% might be considered spammers. In practice, when looking at the daily active users in the last few months, this ratio goes down, and hovers around 20%-30% depending on the bot network's activity (correlated with airdrop, reward, and tipping campaigns).
Because of this high level of spam, the batch analysis is problematic as it considers “new users guilty until proven innocent”, until the analysis runs again.
❜embed’s triple layer real-time spam detection
We built a system that scores content the moment it’s created. It combines three layers that work together:
1. Content understanding
We run an AI model that evaluates text, images, and videos in real time. These models have been trained on large corpus of spam, from SMS to social media – but adapted for Web3 context. For example, SMS based spam datasets include a lot of numbers so if a post on Farcaster contains what looks like a smart contract address, it might get flagged as spam (while it could be the next 100x content coin!).
2. User behavior understanding
Beyond “static” analysis— using names, bios, avatars and sign-up patterns — to catch non-text spam like bots or impersonators, we use an adaptive method to calculate user spam scores. When a user creates a new post, or interacts with one, their overall spam score updates smoothly, so one post can’t unfairly tip the balance. We weight spam scores by action type, giving us a more granular view of user behaviour. For example, a user might have normal posting behaviour but have a running script to flood the network with spammy comments, or with likes of other spammy authors.
The main benefit of this approach is we can catch when a well-behaving user turns spammy, as well as the inverse, all in real time.
3. Trust propagation understanding
As a last line of defense, user spam scores from the last step are updated after a belief propagation algorithm runs on the whole network graph. This propagates the trust graph signals across the network: trust flows from low-risk users to their connections, while suspicion spreads from spammy nodes. This makes the system resilient to follow farms, brigading, and silent lurkers. We invested months of R&D to make this step run in minutes instead of weeks (more deep dives on this in new blog posts!).
Together, these layers make spam detection immediate, fair to new users, and robust against coordinated attacks.
How do we stay neutral and opinionated in design
While many teams decide to use spam detection to completely no-index users’ content in order to save costs, we decided to make spam a “feature”. This means we attach the spam scores and update in real time to every post and author in our recommendation candidates pool.
This way, every feed builder can decide on the experience they want to build:
Take action on spammy content: judging the content itself, not the authors.
Take action at the user level: don’t show a post based on the past history of a user.
A combination of both by mixing two feeds with a different strategy, for example:
A feed from people you follow but moderated at the content level.
A feed from people you don’t follow but moderated at the user level.
And since spam moderation at the user level is such a nuanced topic, we even build more granular controls to apply different thresholds based on different user histories. Head to the console here to see how it works.
Why this matters
For users, it means feeds that feel authentic. The biggest problem in decentralized social isn’t UI design — it’s spam that makes feeds untrustworthy.
For builders, it means clean feeds by default, without having to spin up their own moderation stack. They can focus on building experiences, not spam filters.
For moderators, it means control. They can set thresholds that are stricter or looser depending on the community, and access spam scores directly through our API.
Our edge
What makes ❜embed’s system different?
Instant detection: decisions in seconds, not weeks.
Adaptive scoring: stricter for brand-new accounts, looser for trusted ones.
Holistic coverage: not just posts, but profiles and networks too.
Built for decentralization: designed to filter at the app layer, where spam has to be stopped in open networks.
The bigger picture
Spam isn’t going away. It evolves as fast as defenses do. But with real-time, multi-layer detection, we’re making decentralized networks usable and trustworthy at scale.
And this is only the start. By continuously analyzing public data streams and propagating trust signals across networks, we’re building the foundation for community-auditable-trust infrastructure — a safer social layer that any app can plug into, without sacrificing openness.
Try it today
Spam scores are already live in our feeds and APIs. Developers can customize thresholds, monitor scores, and build moderation flows that fit their communities on the ❜embed Console.
If you’re building in decentralized social and want feeds that are clean by default, we’d love to talk.