No new notifications
More
Rise/fall colour
Start-End Time of the Change
- Topic
139k posts
84k posts
69k posts
60k posts
57k posts
50k posts
46k posts
46k posts
45k posts
- 10#比特币#
45k posts
- Pin
- 🔥 Here Comes Gate.io 2024 Year-End Community Gala Official Selection!
🏆 Vote for your favorite Streamers and Content Creators to the Top
🎁 Fancy exclusive merch, MacBook Air and more surprising rewards await
👉 Vote Now: https://www.gate.io/activities/annualceremony?now_period=1
Details: https://www.gate.io/announcements/article/42065
- 📢 #GateOpinionQuest# for #72# is online! DYOR on Sonic SVM (SONIC), share your opinion on Gate Post, grab a $100 GT prize pool!
💰 Select 5 high-quality posters, win a $20 reward in $GT each easily!
👉 How to Participate:
1.Research $SONIC and share your opinion on Gate Post.
2.Include $SONIC Spot trading link: https://www.gate.io/trade/SONIC_USDT and note $SONIC listing time: 2025/1/7 12:00 (UTC)
3.Promote $SONIC Startup Free Airdrop, join to share 719,943 $SONIC free of charge: https://www.gate.io/announcements/article/42300
Suggested Content Themes:
🔹 What are the main functions of $SONIC
- 🎉 Discover Gate.io Rewards Hub – Your Path to $5,000!
🔥 Take on Exciting Tasks and Watch Your Rewards Grow.
➡️ Start Now: https://www.gate.io/rewards_hub
Details: https://www.gate.io/announcements/article/33724
- 📣 #GT# Continues to Break New Highs!
⚡️ Prediction Frenzy Ends Today – Win $10,000 #GT# Grand Prize
⏰ Don't miss it. Seize the last prediction chance. The grand prize is near: https://www.gate.io/activities/price-prediction/?now_period=5
📊 The top 500 nearest to today's closing price in the last two rounds can get a $50 #GT# reward!
The Daily Double-Round Price Prediction is About to End. Learn more: https://www.gate.io/announcements/article/42097
- 📣 New Year, New Beginnings!
💎 #Trading Fair# Celebration with a $21,000 Reward Feast!
🍬 Smash Golden Eggs for the New Year, Overflowing with Good Luck: https://www.gate.io/activities/new-trading-fair?now_period=32
» Complete simple tasks to earn smashing chances and enjoy endless rewards
» Get up to 20 chances to smash golden eggs daily
More: https://www.gate.io/announcements/article/42226
Gitcoin COO: How to Build a "Web3 Anti-Making" System
This article is from: Gitcoin
Original Author: Gitcoin Chief Operating Officer; Kyle Weiss
Translator: Odaily Planet Daily Azuma
Sybil attacks (commonly known in the airdrop industry as "hair-pulling") are a very serious problem, which destroys the trust and integrity of the decentralized network.
The decentralized mechanism operates on a "unique identity assumption" - each participant has an independent identity on the network and has an equal voice between different identities - however, when a single user is created through a Sybil attack This assumption no longer holds when multiple false identities are assumed and the system is manipulated.
Through sybil attacks, a user can create multiple fake addresses, and then get airdrop rewards far exceeding that of a single address. This behavior distorts the distribution of rewards and undermines the original airdrop program, which is supposed to incentivize real users.
Gitcoin's secondary matching mechanism and voting mechanism also rely on the above "unique identity assumption" to operate. If Sybil attacks are not resisted, votes and funds may be distributed disproportionately to those unexpected false identities, thus The votes and funding that quality participants would have received were cut.
This article introduces a brand new concept and strategy - "Cost of Forgery". This concept takes into account the cost, time, and effort required by an attacker to create a false identity. By implementing this concept, the cost of the attacker can be amplified and the cost of normal users can be kept low. In this way, projects can use this concept to limit Sybil attacks.
Where is the key to breaking the game?
The types of sybil attacks are very complex. The initiators may be "scientists", criminal organizations or even a nation-state, and the motives may be profit, entertainment or pure malice. These adversaries may try vastly different attack tactics, such as identity theft, IP manipulation, botnets, social engineering attacks, coercion and collusion, etc. Tactics to deter these attacks vary. What we need is a comprehensive, anti-fragile method of defense.
One of the most important things in my opinion is the need to "make attacking more expensive than defending", meaning that the cost of a successful attack on a system should be higher than the cost of an effective defense against such an attack. By economically disincentivizing attackers, systems can become more resilient to Sybil attacks, as well as other types of fraud.
The balance between "security, efficiency, and scalability"
Sybil-resistant consensus requires each identity to be independent and unique. Currently, there are some protocols that achieve self-sovereignty (creating and controlling identities without the involvement of a centralized third party) and privacy (acquiring and utilizing identities without revealing personal information) The resistance to Sybil attacks, these three dimensions (resisting Sybil attacks, protecting self-sovereignty, and protecting privacy) are exactly the trilemma faced by decentralized identities.
In order to solve the Sybil attack challenge and establish a reliable identification system, the balance between security, efficiency, and scalability needs to be considered when building a Sybil attack defense system. Although higher security can achieve better resistance, it will limit the efficiency and scalability of the system, and conversely prioritizing efficiency and scalability may also lead to weaker resistance. Therefore, whether in Finding the optimal balance between these different factors is critical to being able to build a Sybil-resistant decentralized identity system. This is why there is no single answer to the problem of Sybil attacks, but multiple approaches.
Gitcoin Passport initiative
In Gitcoin Passport, an on-chain identity credential system developed by Gitcoin, the team uses two mechanisms to assess a user's independent identity: Gradual Unique Humanity Verification and Boolean Unique Humanity Verification. These mechanisms will assign weights to users' various behavioral achievements (such as whether they have verified Twitter or Google accounts, whether they hold GTC or ETH, whether they have participated in Gitcoin Grants), and then "Passport" calculates the holder's composite score. Scores can determine whether Passport holders can unlock certain rights, features or other benefits. For example, in order to activate secondary matching qualifications in the last round of Gitcoin Grants Beta Round, donors must have a composite score of at least 15 or higher.
In the next phase of development, the Gitcoin Passport team is exploring the concept of "fake costs" as another mechanism to help projects design their Sybil defenses. “Cost of Fraud”; provides some design choices, such as utilizing easy-to-understand metrics to securely distribute airdrops.
How to implement the concept of "counterfeit cost"
The "cost of forgery" concept is essentially a strategy to make it more expensive for an attacker to forge identities. The key point is to compare the resources, time and effort required to forge identities with the cost of implementing defenses. By increasing the cost of counterfeiting, attackers are less likely to engage in fraudulent behavior, increasing the security of the system.
If the main strategy of "counterfeiting costs" is to drive up the cost of attackers while keeping the cost of ordinary users low, then what we need to do is to create a system that is more expensive to attack than to defend. Here are the four main approaches to building Sybil resistance today:
Verification based on government-issued identification (driver's license, passport, ID card, etc.);
Verification based on biometric information (face scan, fingerprint or retinal scan, etc.);
In-person (conference, party, etc.) verification;
Authentication based on social/trust network (Web2 account, Web3 account, NFT, ENS, etc.).
In future versions of Gitcoin Passport, we will classify and verify different behaviors according to these four methods to ensure that multiple mechanisms are in place, because no single solution can completely prevent Sybil attacks, and using multiple mechanisms can make the system more efficient. Resistant to different types of attacks.
Potential Drawbacks
While the "cost of counterfeiting" concept can be effective, if the total cost of counterfeiting in the system equals the amount of money in the system, it could make it so that only wealthy individuals have access to identity. This presents a potential challenge that may inevitably lead to a "magnanimous" outcome, so those verification mechanisms that require less capital need to be prioritized. Financial status should not affect the acquisition of identity.
Suggestions to the project party
Any plan to resist sybil attacks can be cracked at a certain cost, so the project party needs to focus on determining the acceptable degree of fraud; individuals should be able to obtain anti-sybil certification more effectively through appropriate channels, rather than in the gray or Purchase on the black market; although the cost of counterfeiting needs to be designed at a higher level, attention should also be paid to maintaining a balance so as not to cause real users to complete verification.
It’s worth noting that Sybil-resistant identity systems are still vulnerable to collusion attacks (such as bribery). For an ideal system, TCB (Total Cost of Bribery) and TCF (Total Cost of Fraud) must be greater than the number of rewards available to citizens within the system. While cost-based metrics are essential in combating counterfeiting, they are not always the most effective way to prevent counterfeiting, and attackers may still be willing to incur some cost if the potential non-financial benefits outweigh the costs . For example, a counterparty who wants to promote its own project may be willing to spend time and resources creating multiple fake identities, even if the cost of counterfeiting is quite high. In addition, an opponent with a huge financial resource advantage may also be willing to bear high costs in order to obtain valuable benefits or privileges.
Luckily, there are other mechanisms that can help us mitigate these attacks, and Gitcoin has realized that multiple solutions are the only way to maintain an advantage in the battle against attackers.
Collusion
The "cost of counterfeiting" concept provides the community with a more granular and intuitive approach to designing the security, efficiency, and scalability of Sybil resistance systems.
We'd love to gather more relevant feedback from the community. If you are using Gitcoin Passport in your Dapps or planning to integrate it, please let us know how the overall score compares to the cost of counterfeiting. Finally, I would like to add that as technology advances, the mechanism of some people's identification (such as the reverse Turing test) has become more vulnerable to artificial intelligence, which may also have a negative impact on the method and design of "cost of counterfeiting". Tremendous influence.