Simulated airdrops targeted by farm accounts and Sybil attacks
Amidst the price hike, many crypto projects have seen a rise in fake farm accounts, or “sybil attacks,” named after a book about a woman with many personalities. These fake accounts create artificial network activity to claim as many tokens as possible during AirDope events, which has become highly profitable over the years.
“We recently took action by banning around 2,000 users,” the creators of the Dagen memecoin project, which is built on the Farcaster social media protocol, told X.
The Degen airdrop runs until August 1st and rewards users who create or create quality content posted on Farcaster's social channels. However, it seems that a large number of users have started posting sub-sub content just to earn airdrop points. “Combining mainly organized actions to earn tokens and posting unrelated content in augmented channels” will result in a ban, the Degen developers wrote.
The memecoin project is far from the first protocol to suffer from Sybil attacks.
On April 4, self-sustaining wallet Bitgate Wallet said it will deduct airdrop points from users who use BWB token rewards to generate artificial wallet referrals and downloads. “Ensuring fairness and honesty for all participants is our top priority, and we cannot condone any dishonest behavior that violates the event's code of conduct,” Bitgate Wallet staff wrote.
The Bitget Wallet Weather has been ongoing for the past month and will end on April 27th. Users can earn rewards by referring friends, depositing tokens, or exchanging decentralized finance (DeFi) self-sustaining wallets.
While the problem can be identified, Sybil attacks are still difficult to control.
“To make sure we don't inadvertently penalize honest users, we only deduct points from the top 50 users who illegally inflated their referral points,” Bitgate Wallet developers explained.
Earlier this year, popular DeFi developer Bantega raised concerns about Ethereum's layer-2 protocol, Starknet, and Weather. They said they went through all of Starknet's airdrops and “found 1,854 people who changed or deleted their account after the activity snapshot.” Bantag also identified an estimated 701,544 addresses suspected of duplicating or modifying GitHub accounts controlled by WeatherFarmers.
Despite such disclosure, the addresses of airdrop farmers are included in Starknet's airdrops. Shortly after its launch, Starknet temporarily surpassed its fully discounted valuation of $20 billion. The airdrop will continue until June.
In a report published last August by Gamik HQ, researchers explained that in order to deploy the Sybil attack, weather farmers “develop scripts or bots to create large numbers of fake accounts on a targeted platform” and continue to automate tasks such as “generating random usernames and so on.” Emails, filling out registration forms and even verifying accounts with CAPTCHA.
Gamic HI researchers wrote that when Sybil was attacked, “the largest share of airdropped tokens is less for real users who are more interested in using and supporting the project in the long term.” As a result, the reputation of the project is affected, the cost of supply increases, and after the event is over, prices may rise due to over-disposal by farmers.
However, the company noted several positives as a result of the attacks. “The rise of Sybil attacks has pushed blockchain projects to develop sophisticated methods to verify user identity and ensure fair airdrop distribution,” he said. “We hope this ongoing battle will lead to a stronger and more secure blockchain ecosystem in the long run.”
Related: Blockchain Data-Availability Protocol Avail Announces 600M Token Airdrop