"Arbitrum Airdrop Sybil Loophole": Proposed Measures to Address the Issue for the StarkNet Project

It will be impossible to weed out sybil attackers completely; there will always be edge cases, but the main goal should be to incentivise a ‘strong on-chain’ profile over one or a small number of addresses, vs a ‘weak on-chain’ profile over many.

This is implicit incentivisation and can only be achieved by projects going this route; unfortunately, I think ARB has emboldened sybiloors.

I have a friend who claimed DYDX on 50 addresses and sold it all for 500k or so; the same friend just claimed ARB on 100. Currently farming the hell out of Argent wallet, but liquidity there can’t be more than $100 on average on each of these farming wallets.

I was mistaken in my assumption that the optimal strategy would be a ‘strong on-chain’ profile on one or a few addresses; it turned out my friend was right to sybil (from a pure profit standpoint).

Optimism did this best with the scaling factor; this made the optimal strategy to have a strong on-chain profile.

Projects should consider:

Volume: unfortunately, the more liquidity/volume per address, the more likely it belongs to an individual; there are limits to spreading capital.
E.g. my friend with <$100 on separate Argent wallets.
Large players with large pools of capital can do this, but then things such as patterns can possibly be used to identify them.

KYC: this is a touchy subject, but it’s probably the best way to curb sybils.

E.g. Anima: proof of personhood, or KYC without the need for projects or counterparts to hold any identifying information themselves.

Not an expert on Anima, just saying it’s worth exploring similar ideas.

Sybil Bounties: this is great, as you outsource sybil-hunting tasks to the community with an incentive at basically zero cost.

E.g. Hop Protocol: some have complained about HOP’s method, but there was a review process and it can be viewed on their repo; many reports were invalidated, as reports were accepted with clear identification.

Other meaningful activity: such as governance voting, which requires some attention, and public goods funding (Gitcoin donations); even if ‘gamed’ for inclusion in airdrops, it’s created an environment where more public goods are funded.

These activities make it more likely that a person is behind just regular transactions.

I also think a criterion that is useful to add is ‘beacon chain depositors’.

After filtering out the obvious centralized entities, anyone in this list has meaningfully contributed to Ethereum’s security and is ecosystem aligned in a way that is hard to sybil.

NOTE: this isn’t to neglect users, it’s to ‘include’ a set of specific actors likely to support node operations; it’s a targeted distribution, one that especially makes sense for zk-based L2s.

I go into more detail in my forum post here: [DRAFT] [Airdrop: Proposal] Ethereum Validators
