Digital assets platform CoinList recently explained how it fights Sybil Attacks.
Since CoinList’s inception, their team has reportedly “removed approximately 2.4 million bots and fraudulent accounts from our platform.”
For any business, removing accounts of this nature would “have negative impacts on revenue, as sybils are great for pumping numbers and boosting profits,” the CoinList team noted.
But this is not the type of business CoinList aim to run. Their goal is to be here “for the long run and onboard real, high-quality users to interact with the builders we support.”
In a detailed blog post, CoinList has explained what a sybil attack is, their process of offboarding sybils, sybil case studies, and what they claim to have “achieved by offboarding these 2.4 million accounts.”
A sybil attack is a security threat in which “a single malicious actor creates multiple fake identities to try to gain disproportionate influence in a network.”
The actor often achieves this by creating numerous accounts or wallets “that appear to belong to different individuals or by purchasing real people’s identities.”
In the context of token launches via airdrops and fixed priced sales, sybils can “distort the allocation of resources and rewards, and manipulate token voting.”
Sybils take up valuable spots “in token launches, preventing legitimate users from engaging and contributing.”
At CoinList, they aim to “prioritize comprehensive sybil prevention to ensure the integrity and fairness of our platform.”
While many on-chain platforms and airdrops rely solely on on-chain data to mitigate sybil attacks, their approach is “more robust.”
They verify the legitimacy of devices and browsers, “analyze IP addresses, screen for bot-like and unusual activities, assess email addresses for legitimacy, and ensure each participant is a unique and verified individual.”
Sybils are often able to “exploit on-chain airdrops by faking transaction activities and ceasing connection with other wallets they controlled.”
CoinList users must pass additional verification steps “to ensure account security, and even a single suspicious action may result in the loss of their account.”
All accounts flagged for review are “asked to re-verify their identities with a simple selfie and ID process.”
Re-verifications may also be “requested for regulatory reasons.”
For more details on this update, check here.