Sybil Resistant Airdrops

“There is no free lunch, unless maybe you are a Sybil. [sic]” — M.F. As long as free money is on the table, there will always be sophisticated actors that attempt to game the system; on par with the expected value they can receive, balanced against the cost they incur to achieve it. From government stimulus, to crypto token airdrops, defeating Sybil attacks can be a Sisyphean task. Recent airdrops challenge prior assumptions that attackers only engage in transactions of small amounts or avoid high transaction fees. In reality, some crypto Sybil attackers manage significant funds, incur substantial gas fees, and even maintain fake NFT portfolios, ENS domains, and social media presences, thereby debunking many myths about their operations. 👉

The Expected Utility Function of Crypto: Airdrops

“Airdrops” are events in crypto when a project distributes its tokens to users that meet specific criteria, often for “free”. Understandably, “free” tokens in a highly speculative market has made “Airdrops” a significant buzzword, especially following Uniswap’s 2020 airdrop. This event, while not the first of its kind, was notable for its unprecedented value at the time, setting a new standard for acquiring users in protocols and DApps. The phenomenon has even spawned a niche of Twitter influencers and strategists who specialize in airdrop hunting, sharing tips and insights on how to secure these rewards.

Airdrops serve as a crucial mechanism for protocols to boost adoption, enhance customer retention, test products, reward early users, and facilitate “progressive decentralization.” Tokens are distributed to wallets that have interacted with the protocol based on specific on-chain criteria. These distributions are not arbitrary; they are meticulously crafted by protocols to incentivize users who contribute to the growth of the protocol, whether through labor, capital, or both.

At its core, an airdrop in the Web3 space is similar to customer acquisition strategies prevalent in fintech companies, but with the added dimension of token utilities. In the Web2 world, customer acquisition and retention have traditionally relied on incentives like: free Uber rides, cashback, or PayPal’s $10 offer. However, in crypto, airdrops have taken this concept to a new level, with rewards ranging in 5 figures, significantly impacting the adoption and onboarding of new users into the crypto ecosystem. In other words: airdrops aim not only at customer retention, but also at creating a diverse group of stakeholders for governance and ensuring efficient tokenomics after the distribution.

The High Cost of Airdrops

Airdrops in crypto, while costly as a customer acquisition method, uniquely transfer ownership to the community, adding significant value beyond mere expense. However, their effectiveness is questioned, especially considering the high costs, estimated to be 4–7 times more than traditional methods. The core issue lies in whether these airdrops reach the intended community or fall prey to the exploitation of multiple fake online personas, also known as “Sybil attacks.” This raises a crucial point: Is “airdrops as a strategy” the actual challenge, or is it the execution that needs refinement? The potential financial impact on protocols from Sybil attacks, which could undermine the goal of equitable community empowerment, remains a significant concern.

Sybil attacks jeopardize the maturation of a decentralized protocol by skewing the distribution of allocations, leading to token price manipulation and potential governance attack vectors. In essence, a protocol intended to be community-owned risks being dominated by a wealthy few.

Evolution of Airdrops

The evolution of airdrops in the crypto space is marked by a significant shift from simple, one-time distributions to more complex and nuanced strategies. Uniswap’s $UNI airdrop to over 250k addresses was a pioneering move, establishing the concept of retrospective airdrops. This approach rewarded past interactions with the protocol, such as providing liquidity, and set a precedent for future airdrops.

Subsequently, other protocols have developed more sophisticated criteria for airdrop eligibility. For instance, dYdX experimented with trading volume-based distributions, reflecting a move towards condition-based eligibility. This evolution in airdrop design reflects the growing maturity of the space and the desire to align airdrop strategies more closely with the principles and objectives of each protocol.

At the heart of these evolving strategies is analyzing on-chain data, which serves multiple purposes:

• Identifying Organic Activity: Distinguishing genuine user interactions from artificial ones to ensure fair distribution.
• Detecting Sybil Behavior: Identifying and filtering out manipulative practices by users who create multiple accounts (Sybils) to unfairly benefit from airdrops.
• Quantifying On-Chain Activity: Using data to label wallets and determine their eligibility for airdrops based on specific criteria.

These developments indicate a move towards more dynamic and responsive airdrop mechanisms, aimed at fostering genuine engagement and equitable distribution of rewards.

Challenges in Airdrop Distribution

Airdrops are fundamentally intended to transfer governance to the entire community by distributing tokens to individual users and DApps within the protocol’s ecosystem. However, most airdrop designs exhibit inherent flaws. For instance, only about 7% of wallets that received Uniswap’s airdrop still hold $UNI. While Uniswap set a precedent in this domain, it’s understandable to overlook some of its early mistakes. Yet, protocols that later adopted airdrops have also struggled to maintain reasonable retention rates.

source

Sybil-resistant airdrops have become a complex and sophisticated endeavor, challenging the initial assumptions that attackers only engage in transactions of small amounts or avoid high transaction fees. In reality, some Sybil attackers manage significant funds, incur substantial gas fees, and even maintain fake NFT portfolios, ENS domains, and social media presences, thereby debunking many myths about their operations.

The substantial cost of airdrops and the expenses incurred from Sybil attacks pose a dual threat: they undermine the goal of decentralization and result in significant financial waste.

Why is Airdrop Farming Bad?

At first glance, having a percentage of airdrop farmers might seem benign, potentially increasing protocol interaction and aiding in product testing. However, airdrop designs are meticulously crafted based on specific principles and objectives, primarily to shift ownership from centralized teams to a broader base of stakeholders.

The challenge arises when protocols cannot differentiate individual users from Sybil wallets. As airdrops have evolved from retrospective to recurring mechanisms, so too have Sybil attackers, who now farm airdrops based on the varying criteria set by protocols. Sybil attacks jeopardize the maturation of a decentralized protocol by skewing the distribution of allocations, leading to token price manipulation and potential governance attack vectors. In essence, a protocol intended to be community-owned risks being dominated by a wealthy few.

Participants often engage in platforms like Discord or Snapshot primarily for airdrop eligibility, leading to inflated and misleading metrics of genuine community involvement. Increased voter participation in Stargate’s snapshot is an example of airdrop farming that can have consequences on governance.

Is Network Analysis a Sufficient Strategy?

The Web3 data landscape has evolved to analyze better and index data for identifying Sybils and designing more nuanced airdrop mechanisms. For example, the Arbitrum Foundation, with assistance from Nansen, implemented a detailed approach to determine airdrop eligibility. This approach categorized wallets based on their on-chain behaviors, such as bridging frequency, transaction counts, and balances. To filter out Sybil addresses, those anticipating airdrops without genuine utility intent, they used clustering algorithms on transaction data, complemented by human assessment, ensuring that only genuine participants aligned with the protocol’s values received the airdrop.

In another demonstration of Goodhart’s law, X-explore’s analysis of Arbitrum’s Airdrop revealed significant Sybil activity, with approximately 150k Sybil addresses and over 4,000 Sybil communities participating in the airdrop, cumulatively profiting from more than 253 million tokens. Despite this, Arbitrum stands out for its higher retention rate post-airdrop, surpassing other protocols, so the book is still open on their airdrop strategy.

Similarly, Optimism’s strategy of recurring micro airdrops demonstrates a reasonable retention rate. This approach, enhanced by data labeling techniques that pinpoint Sybil clusters, represents an efficient step in combating Sybil manipulation. However, as Disruption Joe highlights in his talk, the task of differentiating between genuine organic activity and Sybil activity through network analysis remains a formidable challenge.

Identity verification is pivotal in equitable airdrop distribution. By accurately identifying unique individuals, protocols can enhance customer retention, reduce acquisition costs, and ensure fair governance distribution, all while mitigating the financial drain caused by Sybil attacks.

Web of Trust & Social Attestations

Anti-sybil methods developers and researchers in the space are beginning to converge on social attestations as the only viable path forward for decentralized communities to guard against Sybil attacks without sacrificing privacy. A Web of Trust can be a disconnected graph where every person, or node, in the network is as trustworthy as other nodes say they are. In some variations, reputation is transferable, where a highly trusted node that vouches for a new node in the network receives a higher trust score than two new nodes that attest to each other.

An advanced example of the Web of Trust in action is the Circles UBI experiment. The project allows for the distribution of Universal Basic Income in the form of “personalized cryptocurrencies” that begin being issued when the user first joins the network. When two nodes attest to each other’s currencies, they can now exchange with both currencies on an equal basis. Over time, as trust attestations traverse the network, a superset of currencies emerge, allowing people to pay for goods and services with any of the tokens that have been trusted.

However, to join the network, new users must be attested by enough existing users to achieve a sufficient fungibility to participate in the network. This challenge can be difficult in networks with high centrality that make it difficult for new entrants to gain trust. Fake accounts are still a key problem for Circles, there is no way for a person to know the person they are exchanging with is a “shell” account, especially if it is trusted by many other accounts.

Web of Trust approaches to airdrops are limited by their ability to differentiate fake attestations from real people vouching for each other. This weakness becomes a larger handicap if the network is accessible to AI agents controlled by a centralized actor. If the agent cant pass a Turing test, then achieving a social attestation of trust is trivial, and disrupts the power balance in favor of those that have the resources to perform an AI Sybil attack.

Holonym’s method ensures privacy in airdrops by preventing the association of off-chain personal data with on-chain wallet addresses.

Identity Verification: The Key to Equitable Airdrop Distribution

Identity verification is pivotal in equitable airdrop distribution. By accurately identifying unique individuals, protocols can enhance customer retention, reduce acquisition costs, and ensure fair governance distribution, all while mitigating the financial drain caused by Sybil attacks.

Industrial-scale Sybil attacks, which farm a significant portion of airdrops, pose serious threats to protocol integrity. In the realm of Web3, where permissionless systems are foundational, introducing identity verification can be a delicate balance between privacy and security against sybil attacks. Self-Sovereign Identity offers a promising solution, adaptable for use in airdrop mechanisms.

The diversity of identity tools available in Web3, such as Web2-based authentications (Twitter, Discord), biometrics (Humanode), KYC methods (BAB token), identity aggregators (Gitcoin Passport, Galxe Passport), and ZK IDs (Polygon IDs), provides a range of options to combat Sybil attacks. Each tool has its unique applicability and intricacies, allowing protocols to choose based on the desired level of proof of humanity and other factors like cost implications.

Zero Knowledge Identity Verification

In crypto, using government-issued IDs for KYC processes, particularly when shared with third parties for identity verification, raises significant concerns regarding data breaches in centralized systems. Holonym’s zero-knowledge based KYC method addresses this issue by verifying the existence of these IDs without revealing specific personal information.

This approach ensures that the wallet minting the Soul-bound Token (SBT) remains disconnected from any off-chain personal data, upholding the user’s anonymity.

Holonym’s data responsibility, involves encrypted storage and transmission with immediate deletion of sensitive information post-verification, effectively mitigating the risks associated with traditional KYC practices, providing a secure and privacy-preserving solution for identity verification in the blockchain space.

Holonym’s Approach to Sybil Resistant Airdrop

Privacy-Preserving Airdrops with Holonym: Holonym’s method ensures privacy in airdrops by preventing the association of off-chain personal data with on-chain wallet addresses. This is achieved through encrypted data transmission while signing off on the credential and a nullifier scheme during verification, coupled with the use of a Merkle Tree as an identity mixer, ensuring that users can prove their identity without compromising their anonymity. This architecture will be upgraded in early Q1 2024 to remove all third parties and tie the attestation directly to the public key of the identity authority without requiring permission for the user to attest on their own behalf.

Ease of SBT: SBTs, being non-transferable NFTs, are well-suited for credential holding. They can be easily queried to verify if a wallet holds these assets, using tools like Collabland or custom bots for Discord. This makes them convenient for integration with other tools to prove humanness. Holonym also provides an API that allows any web service to query whether a user holds a proof of uniqueness SBT.

Quest and Loyalty-Based Airdrop: Airdrop eligibility has evolved into quest-based allowlisting. The development of tools for community building through quests and loyalty programs is on the rise, yet Sybil resistance remains a challenge. Protocols can integrate Holonym for human verification in these quests, or community builders can incorporate Holonym at the campaign level for Sybil resistance.

Soft & Hard Choice Based on Requirement: Holonym offers two types of SBTs: one for soft proof of personhood via phone number authentication through OTPs, and another for hard proof through government ID authentication. Protocols can choose either verification process based on their specific needs.

One-Person-One-Vote Based Governance or Quadratic Voting: Post-airdrop, token weighted voting is commonly used. However, for protocols interested in one person one vote mechanisms or quadratic voting, Holonym’s ID for proving unique human identity becomes a relevant choice.

Inclusivity of KYCs: Although KYC has not reached global ubiquity, it remains the most widely used identity system, especially since it’s required for opening bank accounts and availing subsidies. Leveraging this extensive network and bringing it on-chain while maintaining privacy can aid in scaling. Holonym employs verifiers like Idenfy and Veriff, broadening the verification process by incorporating more KYCs while preserving privacy.

Holonym’s DID Stack: The modular nature of Holonym’s Decentralized Identity (DID) stack allows other identity protocols to become issuers using Holonym. For instance, Etherscore, a reputation platform that awards badges based on certain on-chain activities, can issue Holonym SBTs. An Etherscore badge holder with more than 10 badges, for example, could be eligible to mint a Holonym SBT.

Challenges

Forgery: The availability of KYC documents or information for creating fake KYCs in the black market is a concern. Identity verifiers on Holonym use liveness checks to deter bad actors from faking KYCs. Holonym v2, coming early Q1 2024, will close many attack vectors along this front by utilizing NFC and biometrics identity technology.

Buying KYC: Collusion with individuals in low-income countries to create Holonym IDs is feasible due to the low cost of committing people to use their KYC for minimal value. This issue is not unique to Holonym but is prevalent in most proof of personhood verification systems. The incident of Worldcoin IDs being purchased highlights this challenge.

Countermeasures include increasing the cost of minting, which, while deterring fraud, also raises the barrier for genuine users. Enhancing fraud resistance can also be achieved by incorporating additional on-chain activities that increase the cost of creating such accounts.

Closing thought

Crypto, an entirely bootstrapped industry, has seen airdrops play a pivotal role in its growth. However, the mechanism of airdrops is not without flaws. The challenge lies in ensuring these airdrops reach their intended recipients without falling prey to manipulative tactics like Sybil attacks. Advances in data analysis and identity verification are key to propelling this mechanism forward.