Sybil attacks 🧐

Doc · March 1, 2023, 11:27am

There are communities that create many accounts in testnet, for example, in SUI frenemies. What methods will be used to deal with sybil attacks?

putry · March 1, 2023, 5:35pm

I think developer has prepared a method to deal with the sybil attack problem. dev will consider on chain activities and social media activities. i think KYC is the best way to that problem.

Andrei1983 · March 1, 2023, 6:20pm

At the end of each round all wanted to get into the top 2000

slezisatoshiDAO · March 2, 2023, 5:46am

It’s good if they do. Aptos was distributed to everyone without passing KYC. And there were those who sent a request to install a node with 500 emails, they received 500K$

Egich · March 7, 2023, 9:42am

It appears that the developer has developed a solution to address the issue of sybil attacks. The proposed method involves considering both on-chain activities and social media activities. It seems that the developer believes that implementing KYC (Know Your Customer) measures would be the most effective approach to combat this problem.

Doc · March 7, 2023, 11:16am

Yes KYC will weed out many

Lonewolf · March 7, 2023, 12:15pm

I believe the team is aware of this
A python bot could be built base on solid criteria to identify Sybil attack from community

e274426380 · March 14, 2023, 9:08am

How can prevent KYC from eliminating normal users? For example, CoinBase’s kyc blocks certain regions

Doc · March 14, 2023, 11:09am

Blocking an entire region is not an option. There may be more than just sibyls in this region.

Suiyum · March 15, 2023, 4:10am

method known so far

Multiple wallet addresses using the same IP
Wallet creation date and number of transactions
Connect with social accounts such as Discord and Twitter.
KYC

Doc · March 15, 2023, 6:47am

This method is top. Wallets are created in bundles at one moment. Them can also add a request for coins in the tap. There, too, bots are requesting at one moment.

long · March 31, 2023, 12:59pm

The methods you mentioned are no longer useful for large hunters: 1. KYC can be purchased in Southeast Asian markets, India, Africa and the cost is not high. However, KYC may harm some real community members who cannot participate due to legal issues. 2. Social media accounts - currently there are methods that specialize in creating a large number of accounts on major social media platforms such as Twitter and Discord which is no longer a secret. 3. Robots or IP queries - IP queries are the least reliable because many people need proxies to access websites or GITHUB in certain areas; robots are more reliable since it’s easy to identify the number of accounts generated within three seconds and their subsequent batch interactions.

In summary, witch attacks are inevitable either by causing damage to real community members with great force or by focusing on finding robots while moderately expanding the scope.

stalesamy · April 2, 2023, 2:06am

There are multiple ways one can achieve sybil resistance. I believe one of the best ways is through IRL activations. I know of a DAO that has chapters or groups in cities throughout the globe (In every continent). The only way to join this DAO is by physically meeting with someone IRL who is part of the DAO, fulfilling an IRL requirement, then one is given an NFT that gives the user rights within the DAO. I don’t think is the be all end all solution but it can help with at least rewarding members who were able to meet and validate. I believe the SUI foundation is well funded and could achieve this with very small budget. Start Meetup groups in Major cities across the world. Hire community managers in these cities, and create the validation process. Feel free to reach out or piggyback off of this idea.