Content Moderation

Overview

Arweave is a network designed for permanent storage of data. It is a practical impossibility for data to be wholly removed from the network once it has been uploaded.

The AR.IO Network has adopted Arweave's voluntary content moderation model, whereby every participant of the network has the autonomy to decide which content they want to (or can legally) store, serve, and see. Each gateway operating on the network has the right and ability to blocklist any content, ArNS name, or address that is deemed in violation of its content policies or is non-compliant with local regulations.

NOTE

Overly restrictive content policies may impact a gateway's likelihood of receiving protocol rewards.

Gateway operators may set content to be blocked by their gateway by submitting a Put request to their gateway defining the content to be blocked. This requires that the ADMIN_API_KEY environmental variable to be set in order to authenticate the moderation request.

The simplest method for submitting moderation requests to a gateway is to use curl in a terminal.

Authentication

Moderation requests must contain the gateway's ADMIN_API_KEY in the request Header, as Authorization: Bearer.

For example, if a gateway's ADMIN_API_KEY is set to secret, any request must contain Authorization: Bearer secret in the Header.

Block Data

Specific data items can be blocked by a gateway operator by submitting a Put request containing a json object with three keys:

  • id: The Arweave transaction Id of the data item to be blocked.
  • notes: Any note the gateway operator wants to leave him/herself as to the reason the content is blocked.
  • source: A note as to where the content was identified as requiring moderation. i.e. a public block list.

Requests to block data must be submitted to the gateway's /ar-io/admin/block-data endpoint.

Block Data

curl -X 'PUT' \
  'http://localhost:3000/ar-io/admin/block-data' \
  -H 'accept: */*' \
  -H 'Authorization: Bearer secret' \
  -H 'Content-Type: application/json' \
  -d '{
  "id": "3lyxgbgEvqNSvJrTX2J7CfRychUD5KClFhhVLyTPNCQ",
  "notes": "This content is offensive",
  "source": "Public Block list"
}'

Unblock Data

At this time, blocked data items can only be unblocked by manually deleting the corresponding row from the data/sqlite/moderation.db database. The Arweave transaction Id of the blocked data item is stored in the database as raw bytes, which sqlite3 accepts as a BLOB (Binary Large OBject), and so cannot be accessed easily using the original transaction Id, which is a base64url. Sqlite3 is able to interact with a hexadecimal representation of the BLOB, by using a BLOB literal. To do so, wrap a hexadecimal representation of the Arweave transaction Id in single quotes, and prepend an X i.e. X'de5cb181b804bea352bc9ad35f627b09f472721503e4a0a51618552f24cf3424'.

Where possible, consider using the notes or source values to identify rows for deletion rather than the id.

Unblock Data

sqlite3 data/sqlite/moderation.db "DELETE FROM blocked_ids WHERE id=X'de5cb181b804bea352bc9ad35f627b09f472721503e4a0a51618552f24cf3424';"
# Note that the id in this command is a BLOB literal using the hexadecimal representation of the Arweave transaction Id, not the transaction Id in its normal base64url format

Block ArNS Name

ArNS names can be blocked so that a gateway will refuse to serve their associated content even if the name holder updates the Arweave transaction Id that the name points at.

This is done via an authenticated PUT request to the endpoint /ar-io/admin/block-name containing a json object with three keys:

  • name: The ArNS name to be blocked.
  • notes: Any note the gateway operator wants to leave him/herself as to the reason the content is blocked.
  • source: A note as to where the content was identified as requiring moderation. i.e. a public block list.

Block ArNS Name

curl -X 'PUT' \
  'http://localhost:3000/ar-io/admin/block-name' \
  -H 'accept: */*' \
  -H 'Authorization: Bearer secret' \
  -H 'Content-Type: application/json' \
  -d '{
  "name": "i-bought-a-potato",
  "notes": "Potatoes are offensive",
  "source": "Public Block list"
}'
Undernames
For moderation purposes, each undername of an ArNS name is treated as a separate name and must be moderated separately.

Unblock ArNS Name

Gateway operators can unblock ArNS names that were previously blocked.

This is done via an authenticated PUT request to the endpoint /ar-io/admin/unblock-name containing a json object with a single key:

  • name: The ArNS name to be unblocked

Unblock ArNS Name

curl -X 'PUT' \
  'http://localhost:3000/ar-io/admin/unblock-name' \
  -H 'accept: */*' \
  -H 'Authorization: Bearer secret' \
  -H 'Content-Type: application/json' \
  -d '{
  "name": "i-bought-a-potato",
}'