diff --git a/packages/discovery-provider/plugins/pedalboard/apps/relay/src/middleware/antiAbuse.ts b/packages/discovery-provider/plugins/pedalboard/apps/relay/src/middleware/antiAbuse.ts
index 0a3af4ae4d6..d450b3e3baa 100644
--- a/packages/discovery-provider/plugins/pedalboard/apps/relay/src/middleware/antiAbuse.ts
+++ b/packages/discovery-provider/plugins/pedalboard/apps/relay/src/middleware/antiAbuse.ts
@@ -5,6 +5,7 @@ import { logger } from '../logger'
 import { NextFunction, Request, Response } from 'express'
 import { config } from '..'
 import { antiAbuseError, internalError } from '../error'
+import { decodeAbi } from '../abi'
 
 type AbuseRule = {
 rule: number
@@ -20,24 +21,28 @@ type AbuseStatus = {
 }
 
 export const antiAbuseMiddleware = async (
- request: Request,
+ _: Request,
 response: Response,
 next: NextFunction
 ) => {
 const aaoConfig = config.aao
 const { ip, recoveredSigner: user } = response.locals.ctx
- await detectAbuse(aaoConfig, user, ip, false, next)
+ const decodedAbi = decodeAbi(response.locals.ctx.validatedRelayRequest.encodedABI)
+ const isUserCreate = (decodedAbi.action === "Create" && decodedAbi.entityType === "User")
+ await detectAbuse(aaoConfig, user, ip, isUserCreate, false, next)
 }
 
 export const detectAbuse = async (
 aaoConfig: AntiAbuseConfig,
 user: Users,
 reqIp: string,
+ isUserCreate: boolean,
 abbreviated: boolean,
 next: NextFunction
 ) => {
 // if aao turned off, never detect abuse
- if (!aaoConfig.useAao || !user.handle) {
+ // on user create a user will not be in AAO yet
+ if (!aaoConfig.useAao || !user.handle || isUserCreate) {
 next()
 return
 }
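Review bot: In `detectAbuse`, `!user.handle` already short-circuits, so the added `|| isUserCreate` clause only changes the outcome for a signer that does have a handle; every such request whose decoded ABI reads Create/User now skips the AAO lookup, and that decision rests on fields taken from the relayed payload. If this is intended, the comment should say which control covers sign-up abuse instead, e.g. `// AAO has no record until the user is indexed; create-user relays are limited by <other control>`, and the skip should be logged with `reqIp` so exempted traffic stays visible to detection. In `antiAbuseMiddleware`, `decodeAbi(...)` runs before `detectAbuse` with no visible error handling; if it can throw on an `encodedABI` that passed earlier validation, the rejection from this async middleware presumably never reaches `next`, so it would be safer to catch it and route it through the imported `internalError` helper. `detectAbuse` is exported and its body continues past the hunk, so any other caller has to be updated for the new positional boolean, which sits directly before `abbreviated` and is easy to transpose.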