BotPrints

Behavioral forensics for Reddit mods. BotPrints silently fingerprints posting patterns — not content — to surface bots and coordinated rings before they cause damage. Zero user friction.

Comment

Inspiration

I moderate a few communities and kept running into the same dead end: by the time a bot account was obvious enough to ban, it had already farmed karma, upvoted other bots, and moved on. Every tool I found either required user friction (CAPTCHAs), relied on crowdsourced blocklists that miss new bots entirely, or analysed post content — which introduces language and ideological bias.

I wanted something that worked the way actual forensic analysis works: silently, passively, and based on how someone behaves rather than what they say.

What BotPrints Does

BotPrints fingerprints every user's behavioral metadata across 6 signals — temporal regularity, circadian entropy, engagement ratio, edit absence, burst-silence patterns, and vote correlation — and surfaces suspicious accounts on a mod-only dashboard. No content is ever read or stored.

The key insight that separates BotPrints from a simple anomaly detector: a single unusual signal doesn't mean much. A nurse working night shifts will have unusual circadian patterns. A developer who batch-comments on lunch breaks will have burst-silence spikes. BotPrints only escalates when multiple signals fire simultaneously — which is the actual signature of automated behavior.

Beyond individual scoring, BotPrints detects coordinated inauthentic behavior by cross-correlating posting windows across flagged accounts. Bot farms using the same scheduler are identified automatically, even if each individual account looks borderline on its own.

How I Built It

Built entirely on Devvit 0.12 using TypeScript and Redis. Every post and comment triggers a silent profile update — under 100ms, max 2 Redis operations. The daily scheduler runs the full 6-signal scoring engine, behavioral shift detection, coordinated ring detection, and ban evasion fingerprint matching across all tracked users.

The dashboard is a Devvit custom post (webview) locked to moderators only. It renders radar charts per user, supports 5 moderation actions across 4 escalation tiers, includes a full appeal workflow with configurable timeout and auto-escalation, and tracks an audit log of every automated and manual action.

Challenges

False positives were the hardest problem. After auditing the academic literature on bot detection — particularly Rauchfleisch & Kaiser (2020) on Botometer's limitations — it became clear that additive single-signal scoring produces more false positives than true detections at most thresholds. The co-occurrence gate was the solution: scores above certain thresholds are only reachable when 3+ signals are simultaneously elevated.

Real moderator feedback reshaped the entire action system. Early feedback revealed that the original "Restrict (Mute)" action called Reddit's muteUser API — which only blocks modmail, doing nothing to stop a bot posting in the community. This was a fundamental misunderstanding of how bots actually operate: they target community posts for karma, not modmail. The entire enforcement system was rebuilt around this insight into a proper 4-tier escalation with modqueue filtering, remove + appeal workflow, and ban + spam report.

Devvit's system account behavior required careful handling. Reddit's AutoModerator and deleted accounts trigger post/comment events with userId t2_0 or t2_deleted, which cannot be resolved to usernames. Without guards, this caused silent Redis corruption and gRPC errors on every AutoMod action. The fix required per-trigger guards plus a cleanup pass in the daily scheduler.

What I Learned

Ship to real moderators early. The feedback from actual mods — including the developer of Bot Bouncer, one of Reddit's most established bot-detection tools — was more valuable than any amount of internal testing. Every major architectural decision in the final version came from someone actually using the tool in a live subreddit.

Built With

  • automoderator-wiki-api)
  • cosine-similarity
  • custom-post-webview
  • devvit-0.12
  • devvit-scheduler
  • devvit-triggers-(onpostcreate
  • jaccard
  • modmail
  • oncommentcreate
  • onpostupdate)
  • reddit-api-(banuser
  • redis-(devvit-kv-store)
  • reportcontent
  • shannon-entropy
  • typescript
Share this project:

Updates