Blockchain security: How does crypto prevent Sybil attacks?

Sybil attacks are one of the most talked about threats against blockchains. For a blockchain to be truly secure, it needs a way to resist Sybil attacks.

What is a Sybil attack?

A Sybil Attack is a security threat that involves one actor (a person or group) trying to take over a network by operating multiple accounts, nodes or computers. The name ‘Sybil’ comes from a famous case study about a woman, Sybil Dorsett, with Dissociative Identity Disorder.

On social media, this can happen when one person creates multiple accounts under different online identities. Sybil Attacks can be used to hijack internet polls, with a single person swaying results by voting multiple times using different IP addresses.

In a cryptocurrency context, a Sybil Attack occurs when a single actor runs multiple masternodes, service nodes, or mining farms, to secure a disproportionately large influence over the blockchain.

Problems presented by a Sybil attack:

When a Sybil Attack has occurred, an attacker is able to out-vote honest nodes on a network, and refuse to receive or transmit blocks, which essentially prevents others from using the network.

If an attacker is able to gain control of the majority of the network’s hashrate or computing power, they would have the ability to change the ordering of transactions, prevent transactions from being confirmed, or even reverse transactions (which can lead to double spending). This is known as a 51% Attack. In the case of a Sybil attack, honest node operators wouldn't necessarily realise that one person was controlling more than half the network — because they're acting as though there are actually multiple, independent nodes.

There is no guaranteed defense against Sybil Attacks. However, the use of various consensus mechanisms can make performing such an attack impractical or extremely difficult. Whatever the solution, it needs to ensure that an attacker is unable to gain a disproportionately large degree of influence or control over the network.

Proof of Work Sybil attack protection:

Proof of Work consensus mechanisms require cryptocurrency miners to generate new blocks by solving complex computational puzzles. These puzzles generally require a significant amount of hash power to solve, which is provided by expensive crypto mining hardware.

The amount of mining hardware needed to control 51% of the network’s hash power (enabling an attack) would be exorbitantly expensive, so much so that it would not be worth the attacker’s while. Put simply, the cost to attack would exceed the potential rewards.

Proof of Stake Sybil attack protection:

Proof of Stake consensus mechanisms require masternode or service node operators to stake (lock up, or collateralise) a significant amount of cryptocurrency. This stake acts as a deterrent to Sybil Attacks. A node detected by the network conducting fraudulent or malicious activity stands to lose a part of its stake, as well as the right to participate in the future. Since the stake is higher than the potential reward, the cost to attack again exceeds the reward.

Furthermore, to take control of the entire network the attacker would need to acquire 51% of the circulating supply of cryptocurrency. The cost to do this would be so high that it is extremely unlikely any attacker could afford it.

Hybrid PoW/PoS Sybil attack protection:

Considering that both Proof of Work and Proof of Service consensus mechanisms provide different ways of defending against Sybil Attacks, combining them offers further protection. This means that an attacker needs both a lot of (extremely expensive) hash power and an extraordinary amount of cryptocurrency to stake in order to undertake an attack. This makes such an attack completely cost-ineffective.

Imagine a bank robber considering her options. The bank has a million dollars on its premises. But the cost of pulling off the heist is ten million dollars. After weighing up the pros and cons, the bank robber decides it’s just not worth the expense!

Furthermore, service nodes offer checkpointing — a feature that not only has nodes reach a consensus on the state of the ledger, but makes it impossible to change previous transactions without gaining full control of the network. This adds another extra layer of security.