One of the issues facing all financial safety nets is fraud.
Group Income is able to address fraud in a privacy-preserving way, without needing to scan your eyeballs.
You may have heard of “voter fraud”, “social security fraud”, and “charity fraud”. All of these types of fraud have something in common: an inability to accurately identify individuals. Also known as a “Sybil attack”, fraudsters create fake identities and use those to abuse the system.
Let’s dive in.
- What is a Sybil Attack?
- Why Are Sybil Attacks Effective?
- Examples of Sybil Attacks
- How Existing Systems Protect Against Sybil Attacks
- How Group Income Protects Against Sybil Attacks
What is a Sybil Attack?
In a Sybil attack, an attacker creates fake identities and uses them to influence a system. The name “Sybil” alludes to Flora Rheta Schreiber’s chronicles of the pseudonymous Sybil, who struggled with dissociative identity disorder. In 2002, it was used for the first time to describe a type of cyberattack.
Why Are Sybil Attacks Effective?
Sybil attacks take advantage of weaknesses in identity systems and the fact that you can’t know everyone. In large communities or systems, an attacker can slowly grow their network of fake identities under the radar. As their network of fakes grows, the attacker can use these fake identities to vouch for other fake users.
Examples of Sybil Attacks
These attacks are not merely theoretical; there have been numerous instances of successful Sybil attacks in recent years:
- Tor: In 2014, a black hat hacking group named “Lizard Squad” launched a Sybil attack on the Tor network by registering a large number of new relays, presumably hoping to become a significant portion of the network. The attack was detected and defeated before the group acquired any meaningful presence.
- Twitter: A 2017 study estimates that between 9% and 15% of Twitter’s active monthly users are bots (nearly 48 million). This is likely an underestimate, as researchers repeatedly point to countless fake accounts being used for malicious purposes.
- Keybase: In 2019, Stellar Development Foundation (SDF) announced that Keybase users would receive monthly XLM airdrops (around 2 billion XLM over the period of 20 months). Scammers began creating fake profiles at a rate far beyond Keybase’s capacity to filter them. Eventually, Keybase ended the giveaway.
- Covid relief funds: Since the beginning of the pandemic, the U.S. spent trillions in Covid relief funds. Recent news reports that nearly $100 billion was stolen by fraudsters. Investigators found that hackers easily dumped money into digital platforms by setting up accounts with stolen identities.
- Student financial aid: In 2021, the California Student Aid Commission recorded one of the state’s biggest financial aid scam attempts in recent history. The suspected fake applications surpassed 65,000, and officials struggled to distinguish real students from bots.
- Worldcoin: In 2023, WorldCoin announced the official release of their Worldcoin Project, which released the Worldcoin token (WLD) to anyone participating in their World ID program. Less than a week later, Trusta Labs detected Sybil attacks on the WorldCoin network. It is trivial for someone to pay others to scan their eyeballs and thereby collect multiple streams of worldcoin tokens.
How Existing Systems Protect Against Sybil Attacks
Existing systems employ various mechanisms to attempt to protect against Sybil attacks:
- Proof of Legal Identity: ID Systems
- Proof of Work
- Proof of Stake
- Proof of Burn
- Proof of Humanity
- Proof of Eyeball
How Group Income Protects Against Sybil Attacks
Group Income addresses the Sybil attack in a decentralized and fully privacy-preserving way by working with the constraints of human social structures. We limit the size of groups to Dunbar’s Number, the average number of meaningful relationships an individual can maintain, estimated to be about 150 people. At this size, group members can personally know each other and readily identify fake accounts.
More importantly, the platform encourages genuine personal connections and regular communication between members, all within the safe confines of a fully end-to-end encrypted experience so that your group activity and communications stay private.
In short, Group Income protects against Sybil attacks by fostering real, meaningful relationships among its users.
Want to support our work?
- Become a sponsor on GitHub!
- Make a tax-deductible donation to the okTurtles Foundation!
- Join our community (see links below) and contribute to the project!