Sybil Attack: What It Is & the Threats It Poses to Blockchains
Blockchain is certainly one of the most exciting new innovations in the financial world. However, this new technology comes with some potential hazards. If you want to avoid major issues, you need to be aware of problems like Sybil attacks. What is a Sybil attack? This guide explains what it is and how a blockchain network is made more Sybil-resistant.
What Is a Sybil Attack?
A Sybil attack is a type of malicious assault that targets peer-to-peer (P2P) networks. It involves a single entity operating multiple identities at the same time to get undue influence over the network's actions.
This type of attack existed long before blockchain networks. It can be used in just about any sort of P2P network, so it’s a potential threat to many applications. This computer network service attack has gone by many other names, including “pseudospoofing” and “sock puppets.”
The term "Sybil attack" was first coined in 2002 by Brian Zill, at that time a researcher at Microsoft. He named the attack after Sybil Dorsett (née Shirley Ardell Mason), a renowned psychological patient known for having dissociative identity disorder. Reminiscent of Dorsett's case, a Sybil attack involves multiple identities all being controlled by a single node in a network. Though the identities appear to be completely distinct nodes, the reality is that they all correspond to the same local entity.
This type of attack was initially used to gain excessive control over P2P systems. However, with the advent of blockchain, Sybil attacks became a lot more prevalent.
In modern times, a large-scale Sybil attack can be one of the most efficient ways of taking over a system such as BitTorrent’s Mainline DHT. A Sybil attack can be used to manipulate outcomes in a network, or it can disrupt a network's functioning entirely.
Types of Sybil Attacks
To better understand what a Sybil attack is, it’s helpful to take a closer look at how these attacks work. Sybil attacks are usually classified into two main categories.
A direct attack is the most straightforward. It starts with one or more nodes that spoof other nodes within the network. These nodes, which are called Sybil nodes, mimic the identity of an authentic node in the network.
In a direct attack, authentic nodes end up communicating directly with the Sybil nodes. Because the authentic nodes don’t realize a Sybil node is a fake, they accept influence from it.
An indirect attack involves both normal nodes and Sybil nodes. However, the normal nodes and the fake nodes don’t directly interact with each other; instead, a Sybil node maliciously influences a middle node in the network. This node then becomes a malicious node that communicates with other nodes on behalf of the Sybil node. An indirect attack allows the Sybil node to affect the network without being easily identifiable.
Problems Caused by a Sybil Attack
Why should you be concerned about a Sybil attack? A few false identities might seem relatively harmless, but as more develop, they can greatly harm a network. Here are some common examples of how a Sybil attack causes problems.
Sybil Attacks Can Block Users From a Network
The main concern with a Sybil attack is that it can create enough fake identities to completely overwhelm all the honest network nodes.
Once the Sybil nodes have control of the network, they can completely alter the way the network runs. The Sybil nodes can refuse to either transmit or receive blocks in a network. This ends up essentially blocking other users from being able to access the network.
These attacks can temporarily cause a drop in crypto values, so they can be very problematic. In fact, Ethereum's founder has stated that he plans to entirely change the crypto's algorithm simply due to the problems caused by recent Sybil attacks.
Sybil Attacks Can Disrupt the Network with a 51% Attack
In modern times, a Sybil attack is often used to enact a 51% attack. This type of online assault involves making sure that 51% or more of the network is made up of false nodes. These nodes can then outvote all the honest nodes within the network. This sort of Sybil attack tends to cause quite a few issues with voting on operational decisions in a network.
The attack can be used to stop transactions from being confirmed, order new transactions, or even reverse transactions to cause double-spending. For example, in August 2021, Bitcoin SV underwent a 51% attack that let malicious miners double-spend coins. This caused BSV values to plunge by 4%.
A Sybil Attack Can Compromise Privacy
Nodes are responsible for handling the flow of information within a network, so any compromised node is a privacy risk. A Sybil node can be used to retrieve information about other nodes within the network. At the very least, a Sybil attack can do things like obtaining users' IP addresses to create more fake nodes.
When used on a P2P model like the Tor network, this privacy breach can be even more malicious. An attacker can use Sybil nodes to spy on data transfer and to monitor network traffic. A widespread attack from 2017–2020 used 900 servers to discover the data of hundreds of Tor users. This in turn defeated the entire purpose of Tor, which was to guarantee anonymity.
Are All Blockchains Susceptible to a Sybil Attack?
As you can see, a Sybil attack can cause all sorts of problems. Just about any P2P system can be harmed by a Sybil attack. Since a blockchain is a type of decentralized P2P network, a Sybil attack can affect it.
However, this doesn't necessarily mean that all blockchains are at risk of a Sybil attack. There are plenty of ways to protect against these attacks, so only certain types of blockchain need to worry about a Sybil attack.
In some cases, a Sybil attack can be devastating. For example, the cryptocurrency Verge suffered a massive Sybil attack in 2021. The attacker managed to perform the deepest reorganization ever of a blockchain. Over 200 days' worth of transactions were deleted. In response, Bittrex had to entirely pause the Verge wallet.
There have also been instances of a Sybil attack being used to compromise blockchain privacy. Some types of crypto, like Monero, are focused on providing a private, secure method for completing transactions. In 2020, an unidentified assailant used a Sybil attack to disrupt the network and link transactions to IP addresses. Though Monero was mostly able to halt the attack, some private user information was still leaked.
While there have been many examples of a Sybil attack on smaller blockchains, it’s worth noting that big blockchains are less susceptible. For example, no attacker has managed to successfully complete a 51% attack on Bitcoin. Since the blockchain is so large, the costs of adding so many fake nodes would outweigh most benefits of an attack. Furthermore, since new blocks are added at such a rapid rate in Bitcoin, an attacker has only a very small window to make alterations.
How to Prevent a Sybil Attack
Whether a blockchain is big or small, there are still plenty of ways to prevent a Sybil attack. Though a successful Sybil attack can definitely be intimidating, it's actually fairly easy to avoid. As long as companies put a few security measures in place, they can usually halt these assaults before they happen. Here are a few of the most common ways of dealing with these attacks.
Associate Costs with Identity Creation
Many methods for blocking an attack don’t actually make it completely impossible for someone to create Sybil nodes. Instead, they work by making it inefficient to use a Sybil attack. The whole point of the attack is often to manipulate a blockchain for financial gain. If it’s very costly to create each new identity, the cost of performing a 51% attack can outweigh any potential gain.
This is one of the big reasons that blockchains like Bitcoin are rarely targeted for a Sybil attack. Users can only create a block when they can provide proof they've actually mined a coin. This requires so much processing power that miners don’t have much of a financial incentive to create a fake block.
Create a Reputation System
Since this type of attack is usually carried out by a flood of new identities, one option for reducing attacks is to create a reputation system in which different members have different power levels. Typically, those who have been in the system for a longer period of time have the ability to perform more interactions.
This sort of system can be a little more complicated to implement. It often puts a lot of responsibility in the hands of individual users. However, it can be fairly effective. Since older members who are proven to be honest nodes have more power, they can often override newer Sybil nodes. Furthermore, it discourages attacks, because most attackers will move on to an easier target instead of taking the time to make accounts and wait for them to gain enough power to perform actions.
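An added example (not from the original article) comparing one-identity-one-vote, which a Sybil majority wins as described in the 51% attack section, with an age-weighted tally of the same votes. The weighting policy (30-day probation, linear growth capped at 365 days) and the node population are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Node:
    node_id: str
    age_days: int
    vote: str

def vote_weight(age_days, probation_days=30, cap_days=365):
    """Hypothetical policy: no weight during probation, then linear in age up to a cap."""
    if age_days < probation_days:
        return 0.0
    return min(age_days, cap_days) / cap_days

def tally(nodes, weighted):
    """Sum votes per option, either one per identity or weighted by reputation."""
    totals = {}
    for node in nodes:
        weight = vote_weight(node.age_days) if weighted else 1.0
        totals[node.vote] = totals.get(node.vote, 0.0) + weight
    return totals

def winner(totals):
    return max(totals, key=totals.get)

# Constructed population: 40 long-lived honest nodes, 60 freshly created Sybil identities.
HONEST = [Node(f"h{i}", 200 + 10 * i, "accept") for i in range(40)]
SYBILS = [Node(f"s{i}", i, "reject") for i in range(60)]
NODES = HONEST + SYBILS

if __name__ == "__main__":
    for weighted in (False, True):
        totals = tally(NODES, weighted)
        print("weighted" if weighted else "one-per-identity", totals, "->", winner(totals))
```

The Sybil identities that have already passed probation still contribute some weight, which is the waiting cost the reputation system imposes rather than an absolute barrier.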
Validate All Identities
In cases where privacy is a concern, simply discouraging an attack is not enough. Instead, prevention methods will typically rely on actually validating each new identity.
There are multiple techniques involved with identity validation. Some blockchains use direct validation, where a central authority validates each new identity. Others use indirect validation, where already-accepted identities vouch for new identities.
Each style has its own benefits. Direct validation often relies on requiring new users to submit information such as a telephone number, IP address or even a credit card. This can be simple and fairly reliable, but it's susceptible to attack techniques like IP address spoofing.
Meanwhile, indirect validation can be a little more resistant to identity proxies, but it's more time-consuming. Something to keep in mind with any of these methods is that they often effectively require users to sacrifice anonymity for security.
Use Social Trust Graphs
A social trust graph works by carefully analyzing connectivity data among nodes. These tools closely consider activity within the blockchain, so abnormal nodes can be identified and halted.
There are several different techniques used with social trust graphs. Some use sparsity-based metrics, while other mechanisms analyze user attributes within a topological structure. The graphs then try to partition the portion of the network with Sybil nodes and keep them from altering honest nodes. There are many tools used to perform these actions, such as SybilRank, SybilLimit, and SybilGuard.
Social trust graph techniques do work well at limiting the fallout from an attack. However, they don’t completely prevent attacks from occurring. Instead, these techniques are meant to quickly identify and halt a specific Sybil attacker. They’re an effective way to prevent major issues while keeping a blockchain relatively anonymous and affordable for real users.
It’s good to keep in mind that these tools work best on more complex P2P networks. If the attackers can engineer Sybil nodes that behave like normal nodes, it’s harder for social trust graphs to catch them.
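A simplified sketch of the trust-propagation idea behind tools such as SybilRank, added here as an illustration and not taken from the article or from any of those tools. Trust starts at a known-honest seed, spreads along edges for a logarithmic number of rounds, and is then divided by node degree, so a Sybil region attached by few edges lands at the bottom of the ranking. The graph, node names and seed choice are constructed for the example.

```python
import math
from itertools import combinations

def build_graph(honest, sybil, attack_edges):
    """Undirected graph: each region is fully meshed; attack edges join them."""
    adj = {n: set() for n in honest + sybil}
    pairs = list(combinations(honest, 2)) + list(combinations(sybil, 2))
    for a, b in pairs + list(attack_edges):
        adj[a].add(b)
        adj[b].add(a)
    return adj

def propagate_trust(adj, seeds):
    """Spread trust from seeds for ceil(log2(n)) rounds, then divide by degree."""
    trust = {n: (1.0 / len(seeds) if n in seeds else 0.0) for n in adj}
    for _ in range(math.ceil(math.log2(len(adj)))):
        nxt = dict.fromkeys(adj, 0.0)
        for u, neighbours in adj.items():
            share = trust[u] / len(neighbours)  # every node here has degree >= 1
            for v in neighbours:
                nxt[v] += share
        trust = nxt
    # Degree normalisation stops well-connected nodes from ranking high by degree alone.
    return {n: trust[n] / len(adj[n]) for n in adj}

def lowest_ranked(scores, k):
    """The k nodes that received the least trust per edge: the Sybil suspects."""
    return sorted(scores, key=scores.get)[:k]

# Constructed sample: 8 honest nodes, 6 Sybil nodes, a single attack edge h7-s0.
HONEST = [f"h{i}" for i in range(8)]
SYBIL = [f"s{i}" for i in range(6)]
GRAPH = build_graph(HONEST, SYBIL, [("h7", "s0")])
SCORES = propagate_trust(GRAPH, seeds=["h0"])

if __name__ == "__main__":
    for node in sorted(SCORES, key=SCORES.get, reverse=True):
        print(f"{node}: {SCORES[node]:.4f}")
    print("suspects:", sorted(lowest_ranked(SCORES, len(SYBIL))))
```

Stopping after a logarithmic number of rounds is what creates the gap: run to convergence, trust becomes proportional to degree everywhere and the normalised scores stop distinguishing the two regions.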
Require Personhood Validation
This Sybil prevention technique attempts to ensure that only a single identity is able to control each node. It relies on the strict validation of each created identity. Users aren’t required to provide things like their name or a credit card number. Instead, they have to pass a test that ensures that they’re a real human, and aren’t in control of other nodes.
There are many ways to do this, such as passing a CAPTCHA test or chatting with another user. A popular option is a pseudonym party, which requires users to go online at a designated time and website.
Personhood validation is a highly effective way of verifying identities without requiring users to share their real-world identities. It’s a useful way for privacy-focused blockchains to ensure that all users are controlled by individual people.
Personhood validation is particularly useful for permissionless blockchain networks, but keep in mind that implementation can take some time. It takes time to thoughtfully design a validation method that’s effective without being so strict that it frustrates real users. Furthermore, since it mostly weeds out bots, it might not catch a real person using a small-scale Sybil attack.
Add Economic Costs
An effective Sybil assault often relies on adding an extremely large number of nodes to the network. Therefore, an effective barrier can be to make each new action quite costly. This can extend far beyond just making new users pay an application fee. Some blockchain networks require users to invest in resources, or show proof of work for mining.
Adding economic costs to your blockchain has both pros and cons. As examples of past attacks have shown, making it too pricey to attack a network is an effective way to make a network Sybil-resistant.
However, this strategy can be a little risky. At a certain point, costs can get so high that they discourage legitimate users. If you become the target of an entity with a lot of funds, they may be able to simply throw money at the problem until they’ve successfully attacked your network.
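The cost argument from this section and from "Associate Costs with Identity Creation", as an added example that is not code from any blockchain: each identity must carry a hashcash-style proof-of-work stamp bound to its key, so creating one takes about 2^bits hash attempts while checking one takes a single hash. The puzzle format, function names and sample key are assumptions made for illustration.

```python
import hashlib

def leading_zero_bits(digest: bytes) -> int:
    """Count zero bits at the front of a hash digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits

def stamp_hash(identity_key: bytes, nonce: int) -> bytes:
    # The key is hashed together with the nonce, so a stamp cannot be reused
    # for a second identity.
    return hashlib.sha256(identity_key + nonce.to_bytes(8, "big")).digest()

def mint_identity(identity_key: bytes, difficulty_bits: int):
    """Try nonces from 0 until the hash clears the difficulty. Returns (nonce, attempts)."""
    nonce = 0
    while leading_zero_bits(stamp_hash(identity_key, nonce)) < difficulty_bits:
        nonce += 1
    return nonce, nonce + 1

def verify_identity(identity_key: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Admission check run by existing nodes: one hash, regardless of difficulty."""
    return leading_zero_bits(stamp_hash(identity_key, nonce)) >= difficulty_bits

def expected_hashes(identities: int, difficulty_bits: int) -> int:
    """Average work to create this many identities: linear in the identity count."""
    return identities * 2 ** difficulty_bits

if __name__ == "__main__":
    key = b"constructed-node-key-1"  # constructed sample identity key
    nonce, attempts = mint_identity(key, 12)
    print(f"minted after {attempts} hashes; valid={verify_identity(key, nonce, 12)}")
    print(f"1000 identities at 20 bits: ~{expected_hashes(1000, 20):,} hashes")
```

Raising `difficulty_bits` doubles the cost per identity for attackers and honest newcomers alike, which is the trade-off this section describes.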
The Bottom Line
Ultimately, a Sybil attack is one of the leading threats in modern blockchain technology. These online assaults can damage crypto values, steal funds and affect user privacy. Most prevention strategies simply rely on making the cost of an attack too pricey, but these methods don't guarantee security. To truly avoid the negative results of a Sybil assault, blockchain networks need to design their systems carefully and implement extra forms of user verification security.