Veridonia Logo

Whitepaper

Making Bot Attacks Costly

Making Bot Attacks Costly

There is a simple reason bot attacks are so common on social media: they are cheap and they work.

Think about how the systems we are all used to — call them like/upvote-based systems, or LUBS — are built. Anyone can vote on anything, as often as they want, with zero consequences. Your vote counts the same whether you read the post or not, whether your account is three years old or three minutes old, whether you are a person or a Python script running on a rented server. There is no cost to voting and no penalty for getting it systematically wrong. No skin in the game at all.

So of course people game it. You want your product on the front page? Hire a click farm. You want to push a political narrative? Run a bot network. The tooling is mature, the services are openly for sale, and the results are immediate. LUBS are not structurally designed to resist this. They are designed to measure engagement, and bots engage just fine.

It also matters that LUBS are not real democratic voting. There is no defined electorate, no clear question being asked, no binding outcome. A good track record of thoughtful participation usually counts for nothing. A fresh account votes with the same weight as a veteran contributor. When the system cannot tell genuine participation from manufactured noise, manufacturing noise is the rational move.

Why we think Veridonia is harder to game

One of Veridonia's stated design goals is "resistant to capture, not dependent on trust." Not as a feature — as a structural property. The question is what makes manipulation expensive here when it is so cheap on LUBS. The mechanisms below are part of our voting system, described in more detail there.

Start with the cost of voting. On LUBS, a vote is free: cast as many as you like, in any direction, with no consequence. On Veridonia, every vote runs through a prediction-based rating system (PBRS): an Elo-style mechanism where your rating rises when your votes match the community outcome and falls when they don't. Every vote is a bet that the community will agree with you. Bots voting without understanding the community tend to end up on the losing side and lose rating over time. Coordinated actors pushing content the community does not actually want lose rating too. And falling rating means tighter posting limits, exclusion from higher-impact decisions, shrinking influence across the board. Ratings are also local to each community, so influence built in one place does not transfer to another. On LUBS, manipulation is free. Under PBRS, it compounds against you.

Next, consider who gets to vote. On LUBS, anyone who sees a post can vote on it, which means an attacker just needs to direct enough accounts at the right target. On Veridonia, you do not choose which posts to vote on. You are randomly selected, like jury duty. You cannot target your effort when you do not control who is in the room. On LUBS, the relationship between bot accounts and influence is direct: more accounts, more votes, more impact. Under sortition, that relationship is sublinear: adding accounts increases your odds of being drawn into a panel, but you cannot guarantee presence in any specific decision, and the advantage grows weaker as the community gets larger.

Then there is multi-stage voting (MSV). In larger communities, posts pass through two stages. Stage 1 draws a random sample from the broader community for quick noise filtering. Posts that survive advance to Stage 2, where a smaller panel of high-rated reviewers makes the final call. MSV matters for bot resistance specifically because it creates a bottleneck that is very hard to reach. To control Stage 2 outcomes, you need a majority of bots not just present on the platform but highly rated, meaning they would have had to vote in alignment with real community outcomes, across many decisions, over an extended period, without getting caught. Is that theoretically possible? Sure. But compare it to LUBS, where you hire some people, run a script, and the result is instant and guaranteed. Here, you need a sustained network of coordinated accounts behaving authentically long enough to build the ratings required before they can even touch the decisions that control visibility. The cost difference is not incremental — it is structural.

And even if something does slip through, an editor can remove it. If the editor is the problem, their decision can be appealed, triggering a new review by a different, independently selected panel. Another roll of the dice, another barrier.

On top of all this, we do the ordinary stuff too. PBRS-based throttling limits how often low-rated users can post. New accounts inherit the lowest rating from their IP address, so spinning up fresh accounts from the same source gets progressively worse. Guest accounts face tighter restrictions. None of these are unique, but layered on top of PBRS, sortition, and MSV, they close off the cheap paths that LUBS leave wide open.

Making Bot Attacks Costly · Veridonia