Sybil attacks 🧐

There are communities that create many accounts in testnet, for example, in SUI frenemies. What methods will be used to deal with sybil attacks? :face_with_monocle:


I think developer has prepared a method to deal with the sybil attack problem. dev will consider on chain activities and social media activities. i think KYC is the best way to that problem.

1 Like

At the end of each round all wanted to get into the top 2000 :sweat_smile:

It’s good if they do. Aptos was distributed to everyone without passing KYC. And there were those who sent a request to install a node with 500 emails, they received 500K$


It appears that the developer has developed a solution to address the issue of sybil attacks. The proposed method involves considering both on-chain activities and social media activities. It seems that the developer believes that implementing KYC (Know Your Customer) measures would be the most effective approach to combat this problem.

Yes KYC will weed out many

I believe the team is aware of this
A python bot could be built base on solid criteria to identify Sybil attack from community

How can prevent KYC from eliminating normal users? For example, CoinBase’s kyc blocks certain regions

Blocking an entire region is not an option. There may be more than just sibyls in this region.

method known so far

  1. Multiple wallet addresses using the same IP
  2. Wallet creation date and number of transactions
  3. Connect with social accounts such as Discord and Twitter.
  4. KYC
1 Like

This method is top. Wallets are created in bundles at one moment. Them can also add a request for coins in the tap. There, too, bots are requesting at one moment.

The methods you mentioned are no longer useful for large hunters: 1. KYC can be purchased in Southeast Asian markets, India, Africa and the cost is not high. However, KYC may harm some real community members who cannot participate due to legal issues. 2. Social media accounts - currently there are methods that specialize in creating a large number of accounts on major social media platforms such as Twitter and Discord which is no longer a secret. 3. Robots or IP queries - IP queries are the least reliable because many people need proxies to access websites or GITHUB in certain areas; robots are more reliable since it’s easy to identify the number of accounts generated within three seconds and their subsequent batch interactions.

In summary, witch attacks are inevitable either by causing damage to real community members with great force or by focusing on finding robots while moderately expanding the scope.


There are multiple ways one can achieve sybil resistance. I believe one of the best ways is through IRL activations. I know of a DAO that has chapters or groups in cities throughout the globe (In every continent). The only way to join this DAO is by physically meeting with someone IRL who is part of the DAO, fulfilling an IRL requirement, then one is given an NFT that gives the user rights within the DAO. I don’t think is the be all end all solution but it can help with at least rewarding members who were able to meet and validate. I believe the SUI foundation is well funded and could achieve this with very small budget. Start Meetup groups in Major cities across the world. Hire community managers in these cities, and create the validation process. Feel free to reach out or piggyback off of this idea.