Sybil Attack

Sybil attack is the strategy of undermining a reputation system by creating a large number of fake identities that collude to manufacture artificial trust, influence, or authority. Named after the protagonist of Sybil, a 1973 novel about a woman with multiple personality disorder, the term captures the core vulnerability of any system that equates identity with credibility: if identities are cheap to create, reputation is cheap to fake.

The attack is devastating precisely because it exploits the design assumption that makes reputation systems scalable. A system that requires personal acquaintance for every trust judgment cannot grow beyond Dunbar-sized communities. A system that permits trust by proxy — through network propagation, institutional endorsement, or algorithmic summary — opens the door to Sybil attacks the moment identity creation becomes cheaper than genuine reputation accumulation. The history of peer-to-peer networks, online marketplaces, and social media is a continuous arms race between Sybil attackers and the detection mechanisms designed to stop them.

The defense landscape includes identity verification (making identities expensive), graph analysis (detecting statistically anomalous endorsement clusters), and economic deterrence (requiring proof-of-work or stake to participate). None of these is fully satisfactory. Identity verification sacrifices anonymity; graph analysis fails against patient adversaries who build organic-looking networks over time; economic deterrence excludes the poor. The Sybil attack is not a bug to be patched but a structural feature of open reputation systems — a tension between inclusivity and integrity that has no definitive resolution, only regime-dependent tradeoffs.