How to Define Our Soul: How Does Soulbound Token Solve Sybil Attacks on DAO

Hanson.Z
WRIT340EconFall2022
14 min read · Dec 6, 2022

By Hanson Zhang

Picture from: unsplash.com

Abstract

As Web3 and the idea of decentralization have gained momentum since 2020, a growing number of builders are entering Web3 and recording their contributions through Decentralized Autonomous Organizations (DAOs). This makes the Sybil Attack on DAOs an urgent problem. A Sybil Attack is the creation and control of many pseudonymous identities by a single entity; in a DAO, enough such identities let that entity hold a majority (over 51%) of the voting power and pursue its own interest at the community's expense. The damage can be irreversible: transparency is lost, the price of the community token can be manipulated, and honest participants can be kept out. On a macro scale, Sybil Attacks can push Web3 back toward the top-down authoritarian structure of Web2 and create a "Money Class." Today there is no complete solution, because a Peer-to-Peer network cannot on its own host a credit system that records an individual's "relational status." The Soulbound Token (SBT) is therefore regarded by many Web3 builders as a promising way to solve the problem and to raise the blockchain credit system to a new level.

What is Web3 built on?

The Peer-to-Peer network is adopted as a “Web3 solution.”

Why does Web3 adopt the Peer-to-Peer network as its underlying infrastructure? To answer this, we need to know how Web2 stores data. In Web2, data is stored by a centralized operator: each user is a node, and the major Internet companies sit at the center of the network. A simple scenario illustrates this. A's family has three members: A's father, A's mother, and A. The family keeps one ledger, held by A's mother (the major Internet company). Whenever a transaction occurs in the family, A's mother records it and shares the record with A and A's father. This system has two problems. First, bookkeeping is straightforward for a group of three, but updating and maintaining a single ledger is extremely time-consuming and complex for a network that hosts billions of users. Second, the system is centralized: if A's mother wants to change the ledger, she can quietly tamper with the data. Web3 therefore adopts the Peer-to-Peer (P2P) network. Put simply, in Web2 we obtained information by downloading, from a centralized third party, what others had uploaded to it; in a P2P network we omit the third party and connect to other participants directly. This change brings two benefits. First, a P2P network lets two unfamiliar nodes cooperate without prior verification or any proof issued by a central authority. Second, because every participant holds and updates a copy of the ledger, the bottleneck of a single central bookkeeper disappears. Now, if a transaction occurs in A's house, A no longer has to wait for his mother's update; he can read it from his own copy of the ledger, saving time and cost.

The Peer-to-Peer network removes the central bookkeeper but leaves Web3 open to Sybil Attacks.

As Stokkink et al. describe it, "Web3 typically consists of peer-to-peer technology (BitTorrent) with a distributed ledger (Bitcoin) and the social practice of sharing (GitHub)" (Stokkink 1). However, while the Peer-to-Peer network removes the central bookkeeper, it invites attacks carried out through many fake nodes created by a single entity: Sybil Attacks. In a DAO, for example, the decentralized and verification-free design means a member cannot tell whether another member is a real individual or one of many identities run by the same operator. Without a reliable way to prove the authentic "personhood" of a node, the decisions of a decentralized community can be skewed by a large number of fake nodes. "Web3 today centers around expressing transferable, financialized assets, rather than encoding social relationships of trust" (Weyl et al. 1). A mechanism that can represent the social identity of each node in Web3, the Soulbound Token (SBT), is therefore proposed to overcome the problems Sybil Attacks bring.

How Does the Sybil Attack Happen and Why Does it Matter on DAO?

From the infrastructure perspective, a Sybil Attack ruins the credibility of the Peer Sampling Service and thereby invalidates the Gossip-Based Protocol.

If we want to understand the impact of a Sybil Attack at the DAO level, starting from the infrastructure helps clarify the problem. Most decentralized distributed systems today use a Gossip-Based Protocol for communication among nodes in large-scale systems. In brief, a gossip protocol keeps the system as a whole robust by letting each node exchange information with a randomly selected subset of the other nodes. The quality of that random subset therefore determines how much the protocol can be trusted. To keep it random, "at the heart of the Gossip-Based Protocol lies a Peer Sampling Service (PSS), which provides each node with a continuously changing uniform sample of the existing nodes in the network" (Khelghatdoust 4). Through this service, each node communicates with a specific and continuously changing set of nodes, often called "neighbors." If one entity can create and run a large number of fake nodes, the assumption the gossip protocol rests on, that a node's neighbors are a uniform sample of independent participants, no longer holds: the attacker's identities are over-represented in every sample, and they can answer sampling requests with still more of their own identities. It is also hard to build into the protocol a way to notice that neighbors are becoming less trustworthy. First, because a Peer-to-Peer network has no pre-admission check, it takes time for each node to discover that its neighbors' trustworthiness is declining, so even an effective detection mechanism leaves a window in which the attack succeeds. Second, creating fake nodes is only one of several ways to achieve the effect of a Sybil Attack. If many honest nodes (nodes run by real people) are bought or bribed, a single entity can still control over 51% of a community's voting power. Strictly speaking, bribery and manipulation are not Sybil Attacks; this essay nonetheless treats them together with Sybil Attacks from the DAO perspective, because they cause equivalent damage.
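The following simulation is an added example for this article, not code from Khelghatdoust's paper or from any real gossip implementation. It models a deliberately simplified random view shuffle: each honest node keeps a small view of "neighbors," and in every round it asks one of them for a sample of descriptors. Sybil nodes that behave honestly answer with a random half of their own view; Sybil nodes that poison the sample answer only with other Sybil identities. The network sizes, the view size and the number of rounds are constructed inputs chosen for the example. Running it shows how quickly a minority of fake identities can come to dominate the "uniform" sample that honest nodes rely on.

```python
"""Gossip peer sampling under a Sybil 'view poisoning' attack.

Illustrative simulation added for this article; it is not code from
Khelghatdoust's paper or from any real gossip implementation. The
protocol is a deliberately simplified random view shuffle, and all
sizes (honest nodes, Sybil nodes, view size, rounds) are constructed
inputs chosen for the example.
"""
import random
from dataclasses import dataclass, field
from typing import List

VIEW_SIZE = 8          # how many "neighbors" each node keeps
HALF = VIEW_SIZE // 2  # how many descriptors are offered per exchange


@dataclass
class Node:
    nid: int
    sybil: bool
    view: List[int] = field(default_factory=list)  # ids of known neighbors

    def offer(self, sybil_ids: List[int], poison: bool, rng: random.Random) -> List[int]:
        """Descriptors this node hands out when a peer samples it.

        An honest node (or a Sybil behaving honestly, poison=False) offers a
        random half of its own view. A poisoning Sybil ignores its view and
        advertises only other Sybil identities, so every exchange with it
        drags the honest peer's sample toward the attacker's nodes.
        """
        if self.sybil and poison:
            return rng.sample(sybil_ids, min(HALF, len(sybil_ids)))
        return rng.sample(self.view, HALF)


def simulate(n_honest: int, n_sybil: int, rounds: int, poison: bool, seed: int = 7) -> float:
    """Run the shuffle and return the average fraction of Sybil ids in honest views."""
    rng = random.Random(seed)
    nodes = [Node(i, sybil=(i >= n_honest)) for i in range(n_honest + n_sybil)]
    all_ids = [n.nid for n in nodes]
    sybil_ids = [n.nid for n in nodes if n.sybil]

    # Bootstrap: every node starts with a uniform random view, which is the
    # ideal the Peer Sampling Service is supposed to maintain.
    for n in nodes:
        n.view = rng.sample([i for i in all_ids if i != n.nid], VIEW_SIZE)

    for _ in range(rounds):
        for n in nodes:
            if n.sybil:
                continue  # Sybil views never change; only their answers matter
            peer = nodes[rng.choice(n.view)]
            offered = peer.offer(sybil_ids, poison, rng)
            # Merge, drop self and duplicates, then keep a random VIEW_SIZE subset
            # (the merged pool is never smaller than the old view, so sample() is safe).
            pool = list(dict.fromkeys(i for i in n.view + offered if i != n.nid))
            n.view = rng.sample(pool, VIEW_SIZE)

    honest = [n for n in nodes if not n.sybil]
    sybil_entries = sum(1 for n in honest for i in n.view if nodes[i].sybil)
    return sybil_entries / (len(honest) * VIEW_SIZE)


if __name__ == "__main__":
    # Constructed network: 40 honest nodes, 10 Sybil nodes (20% of identities).
    baseline = simulate(40, 10, rounds=30, poison=False)
    poisoned = simulate(40, 10, rounds=30, poison=True)
    print(f"Sybil share of honest views, well-behaved Sybils: {baseline:.2f}")
    print(f"Sybil share of honest views, poisoning Sybils:    {poisoned:.2f}")
```

With well-behaved Sybils the share of Sybil entries in honest views stays close to the 20% the attacker actually controls; with poisoning it climbs past one half within a few dozen rounds, because every honest node that samples a Sybil is handed more Sybils, and honest-to-honest exchanges then spread those entries further. This is the "time gap" the paragraph above refers to: the attacker's identities look like ordinary neighbors until the view is already captured.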

From a DAO perspective, a Sybil Attack can capture the whole community and cause irreversible damage.

With the above principles in mind, the problem in the current Web3 community (the DAO) is easy to see. Without any prior verification, an entity can create a large number of fake nodes in the community, and ultimately such an attack can hand that single entity complete control. The consequences for a DAO are often devastating. In a token-based community, for example, a Sybil Attack can leave one member holding more than 50% of the tokens. That member can then make the token price extremely volatile through radical sales or purchases and profit at the expense of the other participants in this speculative game. In a membership-based community, each member's fixed vote determines the next steps (carrying out activities or spending from the treasury), so a Sybil Attack can hinder the community's development by voting for harmful activities or by draining the treasury outright. From a macro perspective, Sybil Attacks let a small number of people control an extremely large share of resources, which could allow Web3 to revert to the top-down structure of Web2. More specifically, when it comes to a DAO there are ways to achieve the effect of a Sybil Attack other than creating fake nodes: bribery or malicious manipulation can also give one entity control of over 51% of the nodes. The few giant whales in each community could band together and capture the community's interests, channelling resources into the hands of a small number of people once again.

Why have Sybil Attacks on DAOs not been solved?

The credit system that guarantees one's identity in our society consists of two kinds of status: contractual and relational.

Many mechanisms have been proposed to resist the Sybil Attack at the infrastructure level, for example self-registration of peers (Dinger and Hartenstein) or checks based on network latency (Stokkink et al.). Verifying an individual's identity in a DAO, however, remains a hard problem. The social structure human society uses to define individuals can be understood as two main categories: contractual status and relational status. Under contractual status, an individual's identity is determined by contractual relationships with other individuals. For example, when an entity purchases a property, the records generated by that transaction become part of the proof of the entity's identity. Contractual relationships can be realized in Web3 because they are easily quantifiable, data-driven, and require no human identity: a transaction between two addresses has nothing to do with "personhood." Relational status, by contrast, is not defined by financial transactions; in most cases a person's "personhood" is the more credible proof of who they are. In practice, a person's past education, work experience, community (association or organization) standing, and family background are all critical relational criteria. Compared with quantifiable criteria such as financial transactions, these social evaluations are more subjective and harder to measure and record, being a product of human relationships rather than of ledgers.

Web3 can implement the former status but not the latter.

However, the verification-free structure Web3 currently has does not support relational status. The decentralized database most blockchains use has no central authority: no school can attest to an individual's education, and no former manager can attest to an individual's skills. Because there is no mechanism for proving relational status, there is no ideal solution to the Sybil Attack. In fact, Web3 builders sometimes must fall back on Web2 software to establish identity; for example, a DAO member may point to a personal Twitter profile to show that a real human is behind the account. This method is neither secure nor trustworthy: such accounts can be bought, created in bulk, or compromised. From this point of view, while the SBT is still an idea that needs validation and improvement, it presents a groundbreaking concept for a more open and transparent Web3 community.

What Defines Our Soul?

Souls and SBTs are not units of quantification but proof of relational status.

Vitalik Buterin, the co-founder of Ethereum, introduced the idea of the Soulbound Token in a January 2022 blog post and elaborated it in May 2022 with E. Glen Weyl and Puja Ohlhaver in "Decentralized Society: Finding Web3's Soul," which defines "Soul" and "Soulbound Token": "Our key primitive is accounts, or wallets, that hold publicly visible, non-transferable (but possibly revocable by the issuer) tokens. We refer to the accounts as 'Souls' and tokens held by the accounts as 'Soulbound Tokens' (SBTs)" (Weyl et al. 2). Simply put, a decentralized society (DeSoc) built on SBTs would run on a new decentralized credit system. Most participants would have a Soul account holding the SBTs that represent their identity; an individual might hold SBTs for education, age, hobbies, or work experience, much like a resume that others can check. "But the true power of this mechanism emerges when SBTs held by one Soul can be issued — or attested — by other Souls, who are counterparties to these relationships" (Weyl et al. 2). With a system of mutually attested Souls, Web3 can build a long-term, stable, verifiable, and still decentralized credit system that supports the interoperability of many kinds of assets rather than financial products alone. With SBTs, financial transaction records are no longer the only way to prove the identity of a node; each node's relational status is stored as a form of verifiable identification.

How the introduction of SBTs can solve the issue of Sybil Attacks on DAOs: four recommendations

Recommendation 1: Computing over a Soul's constellation of SBTs to differentiate between unique Souls and probable bots, and denying any voting power to a Soul that appears to be a Sybil.

To begin with, computing over a Soul's constellation of SBTs makes it possible to estimate an individual's relational status. An individual is then no longer just a wallet on the blockchain whose identity is its balance. Instead, relational status can be read from the SBTs in the account, which represent past experience, education, or achievements. Because SBTs are non-transferable and each is attested by an identifiable issuer Soul, a social identity built from them cannot simply be bought: a bot created with malicious intent cannot accumulate, in a short time, enough credible attestations to convince the community that it is an honest individual. The practical check is to deny voting power to any Soul whose constellation looks like that of a bot, for example a cluster of same-day tokens from a single, untrusted issuer.

Recommendation 2: Issuing specialized “proof-of-personhood” SBTs, which could help other DAOs bootstrap Sybil resistance.

Building on the previous recommendation, proof-of-personhood SBTs open further possibilities. A proof-of-personhood SBT is one kind of SBT among many; what makes it valuable is that it is meant to be scarce: each person should hold at most one from a given issuer, so that it effectively stands for that individual. Proof-of-personhood SBTs can help Web3 in two ways. First, they allow members to move between communities without losing their "reputation." Today every member entering a DAO is a stranger to the other participants, because no one knows their achievements and contributions in previous DAOs, and members must earn trust again by participating in events, donating, or voting. A proof-of-personhood SBT issued by a member's past DAO, however, can carry an accurate record of past contributions, donations, or even unethical behavior. Because such tokens are unique and bound to one individual, this mechanism lowers the cost of entering new communities and eases interaction between communities and ecosystems. Second, and more profoundly, proof-of-personhood SBTs provide a new incentive model for DAOs that discourages Sybil Attacks. Financial rewards are no longer the only incentive. As noted above, a DAO can rate its high-contributing members above the others and record their achievements in a proof-of-personhood SBT. If all DAOs use these SBTs to evaluate individuals and decide who may join, then the tokens issued by each DAO become effective guarantees, and each individual has reason to contribute to their current DAO in order to earn one. Financial incentives will then no longer be the only way to motivate community members, and this change in the incentive mechanism could fundamentally address Sybil Attacks that work by capturing more than 51% of a community's tokens or assets.

Recommendation 3: Conferring more voting power to Souls who hold more reputable SBTs — like work or educational credentials, licenses, or certifications.

Conferring more voting power on Souls that hold more reputable SBTs can build a leadership system capable of defending against the Sybil Attack. "Leadership roles could dynamically shift as the composition of the community shifts — as reflected in the changing distribution of SBTs across member Souls" (Weyl et al. 7). Any individual, or group of individuals, can become a leader in a DAO through community voting. A misconception needs correcting here: although Web3 defines a leader as an organizer rather than a holder of authoritative power, the ideas and methods leaders use to organize their communities still have a profound effect. Leaders may have more voting power than other members, their ideas may be more popular because of their prestige, or they may have the power to evaluate others. If a member without a credible background becomes a leader, the community's exposure to Sybil Attacks rises accordingly. The same mechanism has a further effect. Even in a system where no Sybil Attack occurs, a large number of nodes may collectively make a wrong choice because of misleading guidance, a phenomenon related to collective ignorance. "Humans collectively know that p is true if and only if at least one human being, now or in the past, knows or has known that p" (Ranalli 2). People misjudge the unknown through lack of knowledge, cognitive bias, and over-confidence, and once they are in a group, a single misleading cue or the choice of the majority will lead many weak-willed members to wrong judgments. Here the community leaders, the Souls with more reputable SBTs, matter greatly: as the organizers and guides of the community, they help keep it stable by holding more voting power.
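The following is an added example covering Recommendations 1 and 3 together; it is not code from the DeSoc paper or from any deployed DAO. It computes a personhood score over a Soul's constellation of SBTs from two signals a freshly minted bot cannot fake quickly (attestations from several distinct, reputable issuers, and tokens that have existed for a long time), denies any vote to a Soul below a threshold, and gives the remaining Souls a base vote plus a bonus for credential-type SBTs from reputable issuers. The issuer trust table, the credential kinds, the scoring formula, the threshold and the three sample Souls are all assumptions constructed for the example.

```python
"""Vote weight from a Soul's constellation of SBTs (Recommendations 1 and 3).

Illustrative code added for this article; it is not from the DeSoc paper or
from any deployed DAO. The issuer trust table, the SBT kinds that count as
credentials, the scoring formula and the Sybil threshold are all assumed for
the example, and the three Souls below are constructed sample data.
"""
from dataclasses import dataclass
from typing import Dict, List

# Assumed reputation of issuer Souls (0..1). In a real DeSoc this would itself
# be computed from the issuer's own SBTs rather than hard-coded.
ISSUER_TRUST: Dict[str, float] = {
    "university.eth": 0.9,
    "employer-dao.eth": 0.8,
    "hackathon-dao.eth": 0.6,
    "airdrop-farm.eth": 0.1,  # mass issuer that mints to anyone who asks
}
UNKNOWN_ISSUER_TRUST = 0.2   # default for issuers nobody has vouched for
CREDENTIAL_KINDS = {"degree", "employment", "license", "certification"}
SYBIL_THRESHOLD = 0.35       # below this personhood score a Soul gets no vote


@dataclass(frozen=True)
class SBT:
    issuer: str            # the Soul that attested this relationship
    kind: str
    issued_at: int         # day number on a constructed timeline
    revoked: bool = False  # issuers may revoke; holders can never transfer


@dataclass
class Soul:
    address: str
    sbts: List[SBT]

    def active(self) -> List[SBT]:
        return [t for t in self.sbts if not t.revoked]


def personhood_score(soul: Soul, now: int) -> float:
    """Heuristic 0..1 estimate that `soul` is a unique, established person.

    Issuer diversity saturates once two strong issuers have attested to the
    Soul; token age saturates after one year. A pile of same-day tokens from
    one low-trust issuer scores close to 0 on both axes.
    """
    active = soul.active()
    if not active:
        return 0.0
    issuers = {t.issuer for t in active}
    trust_sum = sum(ISSUER_TRUST.get(i, UNKNOWN_ISSUER_TRUST) for i in issuers)
    diversity = min(1.0, trust_sum / 2.0)
    oldest_days = max(now - t.issued_at for t in active)
    age_factor = min(1.0, oldest_days / 365)
    return diversity * (0.4 + 0.6 * age_factor)


def is_probable_sybil(soul: Soul, now: int) -> bool:
    return personhood_score(soul, now) < SYBIL_THRESHOLD


def vote_weight(soul: Soul, now: int) -> float:
    """Recommendation 1: probable Sybils get 0. Recommendation 3: everyone else
    gets a base vote of 1 plus a bonus (capped at 2) for reputable credentials."""
    if is_probable_sybil(soul, now):
        return 0.0
    bonus = sum(ISSUER_TRUST.get(t.issuer, UNKNOWN_ISSUER_TRUST)
                for t in soul.active() if t.kind in CREDENTIAL_KINDS)
    return 1.0 + min(2.0, bonus)


# Constructed sample Souls; `NOW` is day 2000 of the example timeline.
NOW = 2000
ALICE = Soul("0xa11ce", [
    SBT("university.eth", "degree", issued_at=800),
    SBT("employer-dao.eth", "employment", issued_at=1400),
    SBT("hackathon-dao.eth", "winner", issued_at=1900),
])
CAROL = Soul("0xca401", [
    SBT("employer-dao.eth", "employment", issued_at=1200, revoked=True),  # ignored
    SBT("hackathon-dao.eth", "membership", issued_at=1600),
    SBT("city-dao.eth", "residency", issued_at=1700),  # issuer nobody vouches for
])
BOT7 = Soul("0xb07", [SBT("airdrop-farm.eth", "airdrop", issued_at=1997)] * 5)

if __name__ == "__main__":
    for s in (ALICE, CAROL, BOT7):
        print(s.address, round(personhood_score(s, NOW), 2), vote_weight(s, NOW))
```

Alice, attested by three issuers over years, gets the full base vote plus a credential bonus; Carol, whose only strong attestation was revoked, still clears the threshold but gets only the base vote; the bot, holding five same-day tokens from one untrusted issuer, gets nothing. Two design points matter in practice: revoked tokens are ignored rather than deleted, so revocation by the issuer has immediate effect on voting, and the issuer trust table is the real root of trust, so whoever controls it controls the outcome and it should itself be derived from attestations rather than set by a single party.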

Recommendation 4: Checking for correlations between SBTs held by Souls who support a particular vote, and applying a lower vote weight to voters who are highly correlated.

In Web3, "without any social substrate for sybil-resistance and correlation discounts to force-function decentralization, we should also expect to see more monopolies funded by whales, as monopolists increasingly become the largest pool of available investment capital" (Weyl et al. 20). On a technical level, a Sybil Attack is one entity creating multiple fake nodes and thereby controlling more than 51% of the community. On a community level, however, the means are not limited to fake identities, because humans are not simply nodes: bribery, malicious manipulation, or the correlation of monopolies can all have the same effect as a Sybil Attack on a community. Among these, correlation is the biggest concern. In a DAO without a valid identity system, the "Money Class" and the general user are likely to diverge. As most resources are taken by the money class, incentive imbalances grow over time, because the contributions of general users are not reasonably related to the benefits they receive. Web3 today is often described as anarcho-capitalist; as small groups of elites occupy more resources, it too will face network effects and the threat of monopoly, and if it continues on this route, its future may well be the top-down authoritarian structure of Web2. The remedy SBTs make possible is a mechanism that regulates unreasonable correlation. By measuring the connections between Souls, such as financial transactions between them, overlapping memberships in communities or activities, and shared social networks, the correlation between any two Souls can be estimated and used to discount votes cast by highly correlated blocs, removing much of the threat posed by malicious correlation. One caveat: the same correlation signals are visible to the attacker, who can split identities so that their constellations look unrelated, so a correlation discount raises the cost of such an attack rather than eliminating it.
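The following is an added example of a correlation discount, not code from the DeSoc paper or from any DAO tooling. Each ballot carries the set of "issuer:kind" labels of the voter's SBTs; the correlation between two voters is taken as the Jaccard overlap of those sets, and each voter's weight is divided by one plus the summed correlation with the other voters who chose the same option, so a bloc of identical constellations collapses toward a single vote while unrelated voters keep full weight. The similarity measure, the discount formula and the sample ballots are assumptions constructed for the example.

```python
"""Correlation discount on vote weights (Recommendation 4).

Illustrative code added for this article; it is not from the DeSoc paper or
any DAO tooling. The similarity measure (Jaccard overlap of the SBT sets held
by two Souls) and the discount formula are assumed for the example, and the
ballots below are constructed sample data.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class Ballot:
    soul: str
    option: str
    weight: float          # weight before the discount (e.g. from Recommendations 1-3)
    sbts: FrozenSet[str]   # "issuer:kind" labels of the Soul's SBTs


def correlation(a: FrozenSet[str], b: FrozenSet[str]) -> float:
    """Jaccard overlap of two SBT constellations: 0 = unrelated, 1 = identical."""
    if not a and not b:
        return 0.0
    return len(a & b) / len(a | b)


def discounted_weights(ballots: List[Ballot]) -> Dict[str, float]:
    """Discount each voter by how correlated it is with the *other* voters who
    chose the same option. A voter whose SBTs are identical to k co-voters is
    divided by (1 + k), so a bloc of clones counts roughly as one vote, while
    independent voters keep their full weight."""
    by_option: Dict[str, List[Ballot]] = {}
    for b in ballots:
        by_option.setdefault(b.option, []).append(b)
    out: Dict[str, float] = {}
    for group in by_option.values():
        for b in group:
            overlap = sum(correlation(b.sbts, o.sbts) for o in group if o.soul != b.soul)
            out[b.soul] = b.weight / (1.0 + overlap)
    return out


def tally(ballots: List[Ballot]) -> Dict[str, Tuple[float, float]]:
    """Return {option: (raw total, correlation-discounted total)}."""
    disc = discounted_weights(ballots)
    result: Dict[str, Tuple[float, float]] = {}
    for b in ballots:
        raw, d = result.get(b.option, (0.0, 0.0))
        result[b.option] = (raw + b.weight, d + disc[b.soul])
    return result


# Constructed ballots: three "whale" Souls with identical constellations vote
# yes; two unrelated Souls vote no.
WHALE_SET = frozenset({"whale-fund.eth:investor", "exchange-x.eth:kyc", "yield-dao.eth:member"})
BALLOTS = [
    Ballot("0xw1", "yes", 1.0, WHALE_SET),
    Ballot("0xw2", "yes", 1.0, WHALE_SET),
    Ballot("0xw3", "yes", 1.0, WHALE_SET),
    Ballot("0xd1", "no", 1.0, frozenset({"university.eth:degree", "local-dao.eth:member"})),
    Ballot("0xd2", "no", 1.0, frozenset({"employer-dao.eth:employment"})),
]

if __name__ == "__main__":
    for option, (raw, disc) in tally(BALLOTS).items():
        print(f"{option}: raw={raw:.2f} discounted={disc:.2f}")
```

On the raw count the proposal passes 3 to 2; after the discount the three identical whales together carry a weight of 1.0 against 2.0 for the two independent voters, and it fails. The discount only looks at correlation among voters on the same side, so it never penalizes a voter for resembling someone who voted the other way; and because the inputs are the same public SBTs the attacker can see, the example should be read as raising the cost of coordinated voting, not as a proof of independence.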

Conclusion

Because of the Peer-to-Peer network Web3 adopts, it has often been labeled a platform for speculative financial assets: anonymous, free of prior verification, and heavily financial in character. The emergence of SBTs may give Web3 a new basis for relationships between individuals. Vitalik Buterin, in his book Proof of Stake: The Making of Ethereum and the Philosophy of Blockchains, notes that "People celebrate the ownership, and outright waste, of a large amount of wealth, and this limits the appeal and the long-term sustainability of the culture that emerges around these digital collectibles." Web3 builders should recognize the heavily financial character the P2P network has given the current Web3 industry, and the dilemma that results. Having done so, they can build defenses against Sybil Attacks by designing SBT-based mechanisms in many ways, changing the current plight of Web3. Ultimately, if we look back on this time some day in the future and trace the history of the very first citizens of DeSoc, the Soulbound Token may be remembered as an ideological revolution that belonged to them and earned its place in history.

Reference

Buterin, Vitalik. Proof of Stake: The Making of Ethereum, and the Philosophy of Blockchains. Seven Stories Press, September 27, 2022.

Eisenbarth, J. P., T. Cholez, and O. Perrin. "Ethereum's Peer-to-Peer Network Monitoring and Sybil Attack Prevention." Journal of Network and Systems Management, 2022.

Dinger, J., and H. Hartenstein. "Defending the Sybil Attack in P2P Networks: Taxonomy, Challenges, and a Proposal for Self-Registration." First International Conference on Availability, Reliability and Security (ARES'06), 2006.

Khelghatdoust, Mansour. “Gossip-Based Peer Sampling in Social Overlays.” Networked Systems, 2014, pp.335–340.

Piech, Stefan. "Soul Searching." Binance Research. Available at: https://research.binance.com/static/pdf/soul-searching-soulbound-tokens.pdf.

Ranalli, C., van Woudenberg, R. “Collective ignorance: an information theoretic account.” Synthese 198, 4731–4750 (2021).

Stokkink, Quinten, Can Umut Ileri, Dick Epema, and Johan Pouwelse. "Web3 Sybil Avoidance Using Network Latency." Available at SSRN: https://ssrn.com/abstract=4104236 or http://dx.doi.org/10.2139/ssrn.4104236.

Weyl, Eric Glen, Ohlhaver, Puja, Buterin, Vitalik. “Decentralized Society: Finding Web3’s Soul.” May 10, 2022.
