Overview
In a Sybil attack, a single malicious actor subverts a reputation or voting system by creating a large number of pseudonymous identities (Sybils). This is a major challenge for decentralized systems that aim for 'one person, one vote' or 'one node, one vote.'
Impact
- Governance: An attacker can manipulate the outcome of a vote by appearing to be many different people.
- Network Security: In some P2P networks, an attacker can surround a victim node with Sybil nodes to control its information flow (Eclipse Attack).
- Airdrops: 'Sybil farmers' create thousands of wallets to claim free tokens intended for unique users.
Defenses
- Proof of Work/Stake: Making it expensive to create a new 'identity' or node.
- Identity Verification: Using DIDs or 'Proof of Personhood' (like Worldcoin or Gitcoin Passport).
- Quadratic Voting: Reducing the impact of multiple low-value identities.