Knowledge Transfer: Characterizing the Sybil Resistance Problem

🧙 🧙‍♀️ Ideas and Open Discussion
,
2

Some further thoughts on this:

The DAO could consider a multi layered modular approach to these problems, comprising of multiple reinforcing feedback loops on multiple different time preferences.

532×530 55.8 KB

The loops on shorter time periods rely more on trustware and immediate actions. And the loops on the longer time period rely on DAO governance & take more time.

Some mechanisms that could be in these feedback loops are:

  1. New & Better Stamps (Continuous)
  2. Upala (Instant)
  3. Sybil Data marketplace (Instant)
  4. DAO Blue Team Action Squad (Daily)
  5. DAO Policy Issuance (Quarterly)
  6. A sybil DAO of DAOs that shares information across BrightID/POH (Quarterly)

A sketch of these mechanisms:

0. New&Better Stamps

Feedback speed: Continuous

There is a mountain of data on and off-chain that could help increase the personhood score of users in the system.

  • My gut says that there is a lot of opportunity with integrating POAPs if the DAO can determine which POAPs are most important
  • Carl + Lawrence have done a great job taking a look at multiple data sources in passport and using that to produce sybil-ness, presenting that at Gathering Hour on July 28th 2022.

There should be a continuous feedback loop between the data analysis team + the stamps roadmap, with the ability to add new stamps rolling out often. It should be easy for the user to know what stamps are the highest priority for them to integrate (perhaps the user could sort the stamp UI by total added personhood score).

Right now the GPC is building in new stamp integrations themselves. There is an opportunity to just publish the stamp roadmap + accept PRs from third parties that would allow us to push this development work out to the community.

1. Upala

Feedback speed: instant

Upala is a protocol that provides human uniqueness score in dollars. The score of an account represents how much it would cost to forge the account.

Sound familiar? :slight_smile:

Upala has a quite elegant mechanism where it allows anyone to “liquidate” an account for a reward equal to their personhood score.

Why is this powerful? It allows us to create a rational crypto economic incentive for attackers to claim a honeypot reward. If no one is claiming the reward, we could reasonably assume that no such attacker has been able to manufacture an identity equal to their personhood score

Project website: Upala Digital Identity - Medium

2. Sybil Data Analysis marketplace

Feedback speed: instant

This is a topic that has been discussed on the forum. What if GitcoinDAO made the data for it’s sybil attackers available publicly (within reason, in a privacy preserving manner), such that anyone could evaluate where they think attackers come from, and then get rewarded for reporting those attackors to the DAO?

Such a system would provide instant feedback to the Passport ecosystem about how attackers are abusing the system.

This is a model that has been pioneered in other domains by Numerai.

3. DAO Blue Team Action Squad

Feedback speed: Daily

Perhaps the GitcoinDAO FDD or Data science group could continuously monitor the data in Passport during Grants rounds, and propose daily squelches to some sort of governance mechanism. (Perhaps the DAO has a rotating steward slot that is the Sybil Resistance Steward who sits in this role for a quarter at a time, and they are responsible for approving these recommendations). Governance could then verify that those recommendations are legitimate.

If the DAO is successful in decentralizing, the DAO Blue Team Action Squad will not be needed any longer. Over time the DAO Blue Team Action Squad will become part of the sybil data marketplace.

4. DAO Policy Issuance

Feedback speed: Quarterly

Perhaps the GitcoinDAO FDD or Data science group be in charge of issuing an algorithmic score for how personhood scores are computed.

A policy could be as simple as follows

PS = CF = Weight(twitter) + weight(POH) + weight(POAP1) + weight(POAP2) and so on.

Perhaps there could be more complicated logic where certain stamps compound one exponentially. Or perhaps a squelch list could be built in to a scoring policy that dApps could subscribe to (as opposed to computing in memory in the dApp), so that the DAO Blue Team Action Squad’s actions have teeth.

By doing this on a quarterly basis, the DAO can enter into a loop where it

  1. Observes the attackers
  2. Learns their patterns
  3. Recommends policy to governance
  4. Governance approves
  5. Updates the official GitcoinDAO algorithm

Over time, this system would create algorithmic policies that cover many different permutations of sybil attackers.

5. A sybil DAO of DAOs that shares information across BrightID/POH (Quarterly)

Feedback speed: Quarterly

As Gitcoin Passport aggregates more and more data from DeSoc, it will naturally become a information marketplace for the latest trends in sybil resistence.

If Gitcoin wants to be a good neighbor to the systems it integrate switch, it could find a way to report sybil attackors back to BrightID, POH, and any other ecosystem that is integrated with it. Such a data interchange would make the whole ecosystem stronger.

6 Likes