A Sybil attack exploits systems that grant power or resources based on identity count: a single adversary creates thousands or millions of fake identities. Named after the famous case study of multiple personality disorder, Sybil attacks undermine any system that rests on a one-entity-one-vote or one-entity-one-share assumption. In a DAO where each address gets one vote, an attacker can create unlimited addresses and dominate governance. In airdrop distribution based on unique wallets, Sybil farmers spread activity across thousands of wallets to claim disproportionate allocations. In peer-to-peer networks, Sybil nodes can surround honest nodes and control their view of the network. Proof of Work systems resist Sybil attacks because each 'identity' requires computational work: creating a million miners means running a million mining rigs, which is prohibitively expensive. Proof of Stake similarly ties identity to staked capital. But systems without such costs are vulnerable. Defenses include proof of personhood (biometric or social verification that each participant is a unique human), reputation systems that tie influence to verifiable history, quadratic voting where influence grows with the square root of resources, token-weighted mechanisms where votes cost money, and graph analysis that detects suspiciously connected account clusters. Perfect Sybil resistance remains an unsolved problem in decentralized systems.
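To make the voting defenses above concrete, here is an added example (not part of the glossary) that models one holder spreading a balance across many fresh addresses under the three vote-counting rules named above, using constructed holdings. It shows that token-weighted votes are indifferent to the split, while one-address-one-vote and a quadratic rule applied to unverified addresses both reward it, which is why quadratic voting in practice sits on top of an identity layer such as proof of personhood.

```python
import math
from typing import Callable, Dict, Tuple

Holdings = Dict[str, float]  # address -> tokens held (constructed sample data)


def one_address_one_vote(holdings: Holdings) -> Dict[str, float]:
    """Each distinct address gets exactly one vote, regardless of balance."""
    return {addr: 1.0 for addr in holdings}


def token_weighted(holdings: Holdings) -> Dict[str, float]:
    """Votes scale linearly with tokens, so a vote costs money and splitting changes nothing."""
    return dict(holdings)


def quadratic(holdings: Holdings) -> Dict[str, float]:
    """Influence grows with the square root of the tokens committed by each identity."""
    return {addr: math.sqrt(tokens) for addr, tokens in holdings.items()}


def split_into_sybils(holdings: Holdings, attacker: str, n: int) -> Holdings:
    """Model a Sybil farmer spreading one balance evenly over n fresh addresses."""
    split = {a: t for a, t in holdings.items() if a != attacker}
    for i in range(n):
        split[f"{attacker}-sybil{i}"] = holdings[attacker] / n
    return split


def attacker_share(rule: Callable[[Holdings], Dict[str, float]],
                   holdings: Holdings, prefix: str) -> float:
    """Fraction of total voting weight held by addresses whose name starts with prefix."""
    weights = rule(holdings)
    owned = sum(w for a, w in weights.items() if a.startswith(prefix))
    return owned / sum(weights.values())


def compare_rules(n_sybils: int = 100) -> Dict[str, Tuple[float, float]]:
    """Constructed scenario: nine honest holders and one attacker, 100 tokens each."""
    holdings = {f"honest{i}": 100.0 for i in range(9)}
    holdings["attacker"] = 100.0
    sybil_holdings = split_into_sybils(holdings, "attacker", n_sybils)
    rules = {"one_address_one_vote": one_address_one_vote,
             "token_weighted": token_weighted, "quadratic": quadratic}
    return {name: (round(attacker_share(rule, holdings, "attacker"), 3),
                   round(attacker_share(rule, sybil_holdings, "attacker"), 3))
            for name, rule in rules.items()}


if __name__ == "__main__":
    for rule, (before, after) in compare_rules().items():
        print(f"{rule:22s} attacker share: {before:.1%} before split, {after:.1%} after")
```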