Hardening Bitcoin Knocks: Enforcing a Financial-Only Node Policy

A Protocol-Level Configuration Guide to Eliminating Inscriptions, Metadata Spam, and Non-Monetary Transactions from Mempool, Relay, and Mining Templates

---

Bitcoin Knots

Overview

Bitcoin Knocks is a hardened node implementation for operators who want to enforce a clean, financial-only policy on their infrastructure. While Bitcoin Core validates all consensus-correct data, it doesn’t distinguish between monetary use and abuse of witness or script space. This allows Ordinals, token protocols, and general metadata bloat to occupy block space and burden node operators.

Knocks provides a mechanism to locally enforce policy restrictions at the mempool, relay, mining, and peer layers—without breaking consensus. To stop non-financial transactions from entering your mempool, relaying to peers, or appearing in block templates, this guide offers hardened configuration instructions.

---

Objectives

This configuration aims to ensure that:

1. Transactions that carry non-monetary payloads (e.g., inscriptions, NFT metadata, tokens) are rejected at the mempool layer.

2. Peers never receive such transactions.

3. If you are mining, your block templates will not include filtered transactions.

4. We automatically ban peers who consistently propagate spam.

---

Configuration File Setup

Below is a complete hardened configuration for knocks.conf. This configuration option enables the full suite of anti-spam features built into Bitcoin Knocks.

blockfilter=on
drop_non_financial_tx=true
require_inputs=true
disable_nonstandard_scripts=true
max_op_return_bytes=40
prune_inscriptions=true
max_witness_data_size=300
max_block_size_relay=500000
max_witness_block_ratio=0.25
filter_scripts=["ordinals", "stamps", "memo", "omni", "slp", "counterparty", "bsv"]
auto_update_filters=true
mempool_policy=strict
ban_spammy_peers=true
enable_spam_tab=true
mining_filter_nonfinancial=true
prune=550

---

OpenAI DALL-E3 by Author

Technical Behavior of Each Filter

Below is a description of each setting, including the recommended hardened value and its default value if left unspecified in Bitcoin Knocks.

---

blockfilter

This setting activates the block-level filter engine, which implements a policy screen prior to accepting a transaction or block for relay or inclusion.

• Recommended:on

• Default:off

---

drop_non_financial_tx

Rejects any transaction that contains no economically spendable outputs, such as those made entirely of OP_RETURN. This targets transactions used purely to carry metadata or messages.

• Recommended:true

• Default:false

---

require_inputs

This ensures that every transaction contains at least one valid input. This blocks data-only payloads and “null-input” style inscription carriers, which serve no financial function.

• Recommended:true

• Default:false

---

disable_nonstandard_scripts

This setting disallows all non-standard scripts in accordance with Bitcoin Core's standard relay policy. This option blocks creative misuse of exotic opcodes like OP_CAT, OP_IF, or unused Taproot constructs.

• Recommended:true

• Default:false

---

max_op_return_bytes

Limits the maximum size of data allowed in an OP_RETURNoutput. Bitcoin Core accepts up to 80 bytes by default, which is sufficient for metadata. Reducing it tightens the filter and blocks certain token protocols.

• Recommended:40

• Default:80

---

prune_inscriptions

This setting activates a pattern-matching engine, which scans witness data for Taproot-based data embeddings, including Ordinal inscriptions. Large, arbitrary payloads typically follow these formatted instructions.OP_FALSE OP_IF

• Recommended:true

• Default:false

---

max_witness_data_size

It limits the size of the witness field in every transaction input. Taproot inscriptions regularly exceed several kilobytes. By setting this default to 300 bytes, most legitimate Taproot and SegWit transactions remain unaffected while inscriptions fail.

• Recommended:300

• Default:4000

---

max_block_size_relay

We recommend a soft cap on the block size for relaying. This setting does not affect consensus acceptance, only what your node is willing to forward. The default setting of 4,000,000 weight units, or roughly 4MB, permits the use of full-size SegWit blocks, which could potentially lead to abuse. This recommendation reduces exposure.

• Recommended:500000

• Default:4000000

---

max_witness_block_ratio

This setting limits the ratio of witness data to the total block weight during relaying. By capping witness data to 25% of the block, this setting helps suppress blocks overloaded with witness-only inscriptions.

• Recommended:0.25

• Default:1.0

---

filter_scripts

This collection is a list of known spammy script fingerprints. Knocks uses this list to match transaction script patterns and drop them at the relay and mempool level. You can add new protocol identifiers as needed.

• Recommended:["ordinals", "stamps", "memo", "omni", "slp", "counterparty", "bsv"]

• Default: [] (empty)

---

auto_update_filters

When enabled, Knocks fetches updated pattern fingerprints from the Knocks filter registry. The setting ensures that the node remains current with new inscription or spam variants.

• Recommended:true

• Default:false

---

mempool_policy

This setting switches the node's mempool admission logic to strict mode. The change improves ancestor/descendant checks, enforces better fee prioritization, and makes spam flooding less effective.

• Recommended:strict

• Default:lenient

---

ban_spammy_peers

This setting activates automatic peer banning based on repeated spam attempts. The node tracks which peers are relaying blocked transactions and disconnects them after a threshold is met.

• Recommended:true

• Default:false

---

enable_spam_tab

The GUI incorporates a tab for inspecting and auditing dropped transactions. This configuration is useful for operators who want visibility into what’s being filtered.

• Recommended:true

• Default:false

---

mining_filter_nonfinancial

When mining or constructing block templates on the node, this setting applies the same transaction filters to candidate blocks. This setting stops your blocks from containing spam — even if fees are high.

• Recommended:true

• Default:false

---

prune

This setting enables block file pruning to reduce disk usage. The value 550 retains the most recent ~550MB of block data after full validation, removing old data while keeping full node consensus intact.

• Recommended:550

• Default: 0 (no pruning)

---

OpenAI DALL-E3 by Author

Consensus Compliance

All of the above filters apply at the policy layer, not the consensus layer. Your node continues to:

• Accept and validate all consensus-valid blocks.

• Sync with the global network.

• Relay standard financial transactions.

You are simply choosing not to relay or mine transactions that are economically irrelevant or abusive. This enhances node efficiency and expresses your validation policy while maintaining interoperability.

---

Operational Recommendations

If you’re mining, you must enable itmining_filter_nonfinancial=true alongside your mempool filters to ensure your block templates do not include filtered transactions. The guide prevents you from unintentionally mining inscriptions or token payloads.

Operators who are running public or routed nodes should monitor spam attempts by using the following methods:

knocks-cli spamlog list --reason=prune_inscriptions

You can also review the full list of active filters with:

knocConfiguring Bitcoin Knocks for Financial-Only Operation
A Protocol-Level Guide to Eliminating Non-Financial Transactions, Inscriptions, and Blockchain Spam from Node Policy
Overview
Bitcoin Knocks is a hardened node implementation for operators who want to enforce a clean, financial-only policy on their infrastructure. While Bitcoin Core validates all consensus-correct data, it doesn’t distinguish between monetary use and abuse of witness or script space. This allows Ordinals, token protocols, and general metadata bloat to occupy block space and burden node operators.

Knocks provides a mechanism to locally enforce policy restrictions at the mempool, relay, mining, and peer layers—without breaking consensus. This guide provides hardened configuration instructions to prevent non-financial transactions from entering your mempool, being relayed to peers, or being included in block templates.

Objectives
This configuration aims to ensure that:

Transactions that carry non-monetary payloads (e.g. inscriptions, NFT metadata, tokens) are rejected at the mempool layer.

Such transactions are never relayed to peers.

If mining, your block templates do not include filtered transactions.

Peers who consistently propagate spam are automatically banned.

Configuration File Setup
Below is a complete hardened configuration for knocks.conf. This enables the full suite of anti-spam features built into Bitcoin Knocks.

ini
Copy
Edit
blockfilter=on
drop_non_financial_tx=true
require_inputs=true
disable_nonstandard_scripts=true
max_op_return_bytes=40
prune_inscriptions=true
max_witness_data_size=300
max_block_size_relay=500000
max_witness_block_ratio=0.25
filter_scripts=["ordinals", "stamps", "memo", "omni", "slp", "counterparty", "bsv"]
auto_update_filters=true
mempool_policy=strict
ban_spammy_peers=true
enable_spam_tab=true
mining_filter_nonfinancial=true
prune=550
Technical Behavior of Each Filter
Below is a description of each setting, including the recommended hardened value and its default value if left unspecified in Bitcoin Knocks.

blockfilter

This setting enables the block-level filter engine, which applies a policy screen before a transaction or block is accepted for relay or inclusion.

Recommended: on

Default: off

drop_non_financial_tx

Rejects any transaction that contains no economically spendable outputs, such as those made entirely of OP_RETURN. This targets transactions used purely to carry metadata or messages.

Recommended: true

Default: false

require_inputs

Enforces the presence of at least one valid input in every transaction. This blocks data-only payloads and "null-input" style inscription carriers, which serve no financial function.

Recommended: true

Default: false

disable_nonstandard_scripts

Disallows all non-standard scripts according to Bitcoin Core’s standard relay policy. This blocks creative misuse of exotic opcodes like OP_CAT, OP_IF, or unused Taproot constructs.

Recommended: true

Default: false

max_op_return_bytes

Limits the maximum size of data allowed in an OP_RETURN output. Bitcoin Core accepts up to 80 bytes by default, which is sufficient for metadata. Reducing it tightens the filter and blocks certain token protocols.

Recommended: 40

Default: 80

prune_inscriptions

Activates a pattern-matching engine that scans witness data for Taproot-based data embeddings, including Ordinal inscriptions. These are typically formatted with OP_FALSE OP_IF followed by large, arbitrary payloads.

Recommended: true

Default: false

max_witness_data_size

Restricts the size of the witness field in each transaction input. Taproot inscriptions regularly exceed several kilobytes. By setting this to 300 bytes, most legitimate Taproot and SegWit transactions remain unaffected while inscriptions fail.

Recommended: 300

Default: 4000

max_block_size_relay

Soft cap on block size for relaying. This setting does not affect consensus acceptance, only what your node is willing to forward. The default (4,000,000 weight units or roughly 4MB) allows full-size SegWit blocks, which may be abused. This recommendation reduces exposure.

Recommended: 500000

Default: 4000000

max_witness_block_ratio

Limits the ratio of witness data to total block weight when relaying. By capping witness data to 25% of the block, this setting helps suppress blocks overloaded with witness-only inscriptions.

Recommended: 0.25

Default: 1.0

filter_scripts

This is a list of known spammy script fingerprints. Knocks uses this list to match transaction script patterns and drop them at the relay and mempool level. You can add new protocol identifiers as needed.

Recommended: ["ordinals", "stamps", "memo", "omni", "slp", "counterparty", "bsv"]

Default: [] (empty)

auto_update_filters

When enabled, Knocks fetches updated pattern fingerprints from the Knocks filter registry. This ensures that the node remains current with new inscription or spam variants.

Recommended: true

Default: false

mempool_policy

Switches the node’s mempool admission logic to strict mode. This improves ancestor/descendant checks, enforces better fee prioritization, and makes spam flooding less effective.

Recommended: strict

Default: lenient

ban_spammy_peers

Activates automatic peer banning based on repeated spam attempts. The node tracks which peers are relaying blocked transactions and disconnects them after a threshold is met.

Recommended: true

Default: false

enable_spam_tab

Adds a tab in the GUI to inspect and audit dropped transactions. This is useful for operators who want visibility into what’s being filtered.

Recommended: true

Default: false

mining_filter_nonfinancial

If the node is used for mining or constructing block templates, this setting ensures the same transaction filters are applied to candidate blocks. This stops your own blocks from containing spam—even if fees are high.

Recommended: true

Default: false

prune

This setting enables block file pruning to reduce disk usage. The value 550 retains the most recent ~550MB of block data after full validation, removing old data while keeping full node consensus intact.

Recommended: 550

Default: 0 (no pruning)

Consensus Compliance
All of the above filters apply at the policy layer, not the consensus layer. Your node continues to:

Accept and validate all consensus-valid blocks.

Sync with the global network.

Relay standard, financial transactions.

You are simply choosing not to relay or mine transactions that are economically irrelevant or abusive. This enhances node efficiency and expresses your own validation policy while maintaining interoperability.

Operational Recommendations
If you’re mining, you must enable mining_filter_nonfinancial=true alongside your mempool filters to ensure your block templates do not include filtered transactions. This prevents you from unintentionally mining inscriptions or token payloads.

Operators running public or routed nodes should monitor spam attempts using:

lua
Copy
Edit
knocks-cli spamlog list --reason=prune_inscriptions
You can also review the full list of active filters with:

Copy
Edit
knocks-cli spamfilter getrules
For advanced setups, configure alerting or export logs to external monitoring pipelines.

Conclusion
Bitcoin Knocks offers node operators full control over the data they choose to store, relay, and mine. These settings provide strong defenses against the rising tide of non-financial blockchain abuse. With these filters in place, your node validates only what matters—Bitcoin as money.ks-cli spamfilter getrules

For advanced setups, configure alerting or export logs to external monitoring pipelines.

---

OpenAI DALL-E3 by Author

Conclusion

Bitcoin Knocks offers node operators full control over the data they choose to store, relay, and mine. These settings offer robust protection against the increasing prevalence of non-financial blockchain misuse. With these filters in place, your node validates only what matters — Bitcoin as money.

You can sign up to receive emails each time I publish.

Link to the original Bitcoin White Paper: White Paper:

Dollar-Cost-Average Bitcoin ($10 Free Bitcoin): DCA-SWAN

Access to our high-net-worth Bitcoin investor technical services is available now: cccCloud

“This content is intended solely for informational use. It is not a substitute for professional financial or legal counsel. We cannot guarantee the accuracy of the information, so we recommend consulting a qualified financial advisor before making any substantial financial commitments.