Sybill attacks

[ryanpeach]

Found a great repo on sybill algorithms on a DAG

https://github.com/BrightID/BrightID-AntiSybil

However, how will STAMP prevent such things? Would it be part of StampNet:

• Preventing two accounts having duplicates of some credentials (like email address)
• Pruning a stamp sybill cluster periodically

etc.

If you are just sharing your identity file, someone would need a tool to verify the stamps are not a sybill attack. BrightID does this by putting everything on a blockchain that everyone has, and running their sybill algorithm on the chain periodically. That's a good approach. In a federated way though, you could set up StampNet federated nodes (maybe with activitypub) which share (or blacklist) other nodes of themselves, and identity's they've seen could be shared among them (anyone could upload anyones identity), and then you could go to such a website for "verification" of an identity.

Just some ideas.

[orthecreedence]

I've thought a LOT about sybil protection being baked into StampNet.

To be frank, I'm torn. On the one hand, being able to have some measure of inherent trust in an identity in StampNet has extreme value. On the other hand, this is a small project with no real network yet and I don't want to spend too much time building "walls" per-se before there's a need to.

My current feelings are that sybil protection is important, but might be something that's either a) built later or b) released as a separate project.

The way StampNet is being architected, people will have to either host their own identity on their own node (which advertises itself to the network) or sign up for a service that hosts it for them. This in itself reduces the surface area of attacks because if you want to host 1M ids then you have to do it yourself...you can't just flood the network and expect everyone to host your ids for you. There's obviously more that can be done, but that's a start.

Preventing two accounts having duplicates of some credentials (like email address)

I want people to be able to advertise their ids by name/email/etc. As such, any sort of arbitration on who can do this and who cannot will require both centralization and effort. Ultimately, this is what stamps are for: look up an id by email, and see which one has the most trustworthy network. Effectively, we'd distribute the trust to the person looking up the identity.

So ultimately, no, there's no plan to prevent duplicates, but rather show all the available ids for a given name/email and let those querying figure out which one is correct.

Pruning a stamp sybill cluster periodically

I touched on this a bit already, but my thinking here is eventually there'd be some kind of external mechanism which determines a sybil score. Ultimately this might be built into clients that can score sybil nodes themselves without the aid of extensive network analysis, or some sort of ongoing service that hums along all day trying to find sybil nodes and publishing a list (which is, of course, centralization but I'm really not ideologically opposed to that where it makes sense).