Sybil? Who the Heck is Sybil?
Blockchain promised to solve the security threats inherent in our current centralized internet architecture, yet it’s not immune to attack. In fact, one of the greatest threats facing blockchain networks are the result of their decentralization.
Blockchain networks are peer-to-peer networks. This means they’re safe because they don’t store all their information in a single place that could be attacked by hackers, right?
Well, not exactly. While the decentralized architecture protects from one set of problems, it creates other ones instead. In the absence of a central, authoritative point of information storage, blockchain networks use what’s called “consensus algorithms” to how can the network determine which information is true and which is false. These algorithms come in many different flavours, but basically all models accept information as true if it’s accepted by the majority of computers on the network.
Are you beginning to sniff the problem? Exactly! That’s where sybil comes in.
Sybil is a specific type of cyber attack, in which one person creates multiple fake identities, in order to flood the networks with nodes in their control and get to decide which information is accepted. Because blockchain networks are decentralized and rely on majority consensus for verifying new information and reaching decisions, they’re especially vulnerable to this type of attack.
Protecting Against Sybil
2key is building a blockchain-based peer-to-peer network that automatically rewards people for collaborating in online search tasks by passing-on links and information to other participants. To protect against a possible sybil attack, 2key network developers have had to balance within a single system two essentially contradictory features.
First, 2key network has to create an incentive model that optimally motivates participation on the network. Good incentive models must reward participants for their efforts and increase the value of the rewards in line with each participant’s actual contribution to achieving the result.
At the same time, the network has to ensure that no one would be able to increase their profits by joining the network as multiple characters.
The great challenge was to create a model that achieves both of these goals at the same time, because part of what the network rewards for is the passing-on of links to other people.
A Counter-Sybil Pincer Attack
To reconcile the two opposing demands, the 2key model combined 3 different sets of strategies.
The first set of strategies focused on the incentive model. The model ensures an upper limit to the reward that any participant on the network can achieve by adding more participants to the search task. The total amount of reward always remains constant and as more people join into the referral chains, it’s distributed among them, reducing the reward amount at the source as more people join in.
The second set of strategies is focused on participants’ “reputation scores.” Each participant on the 2key network constantly gains and loses reputation points, in line with their successes and failures. When links on the network reach the target they’ve been searching for, the rewards are not distributed among all the participants who collaborated in the search task equally. Instead, each participant receives a different percentage of the reward based on a number of factors and most importantly — their reputation score.
The reputation score is calculated according to a groundbreaking model based on game-theory and AI, which calculates the reputation score for each of the participants on the network according to hundreds of variants. Each successful sharing rewards participants not only with tokens, but also with reputation points that increase their reputation score and greater reputation score entitles participants to a greater percentage of future rewards. This makes joining the network as a multiple participants entirely worthless, counter-productive and unprofitable.
The last set of strategies concerns identity protection on the network and is designed to prevent reputation-pumping attacks by people who want to abuse the system by artificially inflating their reputation so that they’ll be able to grab more greater percentages of the reward. To protect against this attack, 2key will require a sign-up through identity providers, thereby reducing the risk of fake identities. As part of this set of strategies, 2key will employ fraud detection measures through ongoing analysis of the influence graph of each participant, where collisions could be identified as isolated graph clusters.
Ensuring Your Safety
By combining these three sets of strategies, the 2key network ensures a network that is entirely decentralized, allowing free sharing of information among participants without the intervention of a centralized platform, and at the same time, safe from sybil attacks, which are the achilles heel of such networks.