Glossary

Sybil Attack

Moderate

Sybil attacks undermine an online network by creating many IDs, accounts or nodes to upset the balance of power.

What Is a Sybil Attack?

In a Sybil attack, a malicious actor attempts to gain control over a network by creating multiple identities, or "Sybils," that act together to manipulate the network's consensus, such as by voting multiple times on a blockchain. These attacks can be used to double-spend coins, disrupt the network, and even prevent transactions from being confirmed.
For example, the attacker may create multiple wallets, each with a different identity, and use these to vote multiple times to gain control of the network. The attacker can also use these identities to manipulate the network's consensus by controlling a large portion of the network’s computing power.

Sybil attacks can be difficult to detect and can be used to gain control of a network without the need for large amounts of computing power. As such, users need to be aware of the risks posed by these attacks and take steps to protect their networks.

Types of Sybil Attacks

The most common type of Sybil attack is a double-spend attack. In a double-spend attack, a malicious actor creates multiple fake identities, or Sybils, and uses them to send the same transaction to multiple nodes on the network. This allows the attacker to spend the same coins multiple times, resulting in a double-spend transaction.
Another type of Sybil attack is a selfish mining attack. In a selfish mining attack, a malicious actor attempts to gain control of the blockchain by creating a large number of Sybils and using them to mine blocks faster than the rest of the network. This gives the attacker a disproportionate share of the network’s mining rewards and reduces the security of the blockchain. 
A Sybil attack can also be used to launch a 51% attack. In a 51% attack, a malicious actor creates a large number of Sybils and uses them to control more than 50% of the nodes on the blockchain. By controlling more than 50% of the nodes, the attacker can control all transactions on the network: they can prevent any transactions from being processed, censor specific transactions or double-spend coins. A 51% attack could also be used to manipulate the blockchain's consensus rules and dictate which changes to the network will be accepted.

Finally, a Sybil attack can also be used to disrupt the network by flooding it with bogus transactions. The attacker can clog the network with fake transactions, making it more difficult to process legitimate transactions. 

How to Prevent Sybil Attacks?

  • Implement a reputation system that is used to identify and block malicious actors and limit their ability to create multiple identities. Reputation systems can also be used to track users' activity on the network and assign each user a score that determines the trustworthiness of their transactions.
  • Use cryptographic identity verification to create a secure and verifiable identity for each user on the network. This can help to ensure that malicious actors cannot create multiple identities.
  • Implement a proof-of-stake consensus algorithm by requiring users to stake a certain amount of their coins to participate in the consensus process. This means that users cannot create multiple identities to control a majority of the network’s hash power.
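
The staking requirement in the last item can be checked with a small model. This is an added example, not code from the original page: the function names, the 100-coin balances and the minimum stake of 10 are assumptions chosen for illustration. It compares the share of votes one coin holder gets by splitting into more identities when every identity has one vote and when votes are weighted by admitted stake.

```python
from fractions import Fraction

def split_stake(total, n):
    """Spread one holder's coins over n identities (hypothetical helper)."""
    base, extra = divmod(total, n)
    return {f"sybil-{i}": base + (i < extra) for i in range(n)}

def admit(stakes, min_stake):
    """Only identities staking at least min_stake join consensus."""
    return {k: v for k, v in stakes.items() if v >= min_stake}

def identity_share(honest, attacker):
    """Attacker's vote share when every identity gets exactly one vote."""
    return Fraction(len(attacker), len(attacker) + len(honest))

def stake_share(honest, attacker, min_stake):
    """Attacker's vote share when votes are weighted by admitted stake."""
    h = sum(admit(honest, min_stake).values())
    a = sum(admit(attacker, min_stake).values())
    return Fraction(a, a + h)

def sybil_report(honest, attacker_coins, counts, min_stake):
    """For each identity count, return (n, per-identity share, staked share)."""
    rows = []
    for n in counts:
        ids = split_stake(attacker_coins, n)
        rows.append((n, identity_share(honest, ids),
                     stake_share(honest, ids, min_stake)))
    return rows

# Constructed sample: nine honest participants with 100 coins each.
HONEST = {f"honest-{i}": 100 for i in range(9)}

if __name__ == "__main__":
    for n, by_id, by_stake in sybil_report(HONEST, 100, [1, 10, 100], 10):
        print(f"{n:>3} identities: one-vote-each {float(by_id):.0%}, "
              f"stake-weighted {float(by_stake):.0%}")
```

With one vote per identity the same 100 coins go from 10% of the votes to a majority at ten identities, while the stake-weighted share stays at 10% and drops to zero once each identity falls below the minimum stake.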