Blockchain technology is a higly protected technology, but it is not perfect, and one of the attacks that can affect this type of network is the Sybil attack. This is a curious vulnerability that can seriously affect blockchain networks, allowing an attacker to have a greater presence on the network.
What is Sybil Attack?
In the world of cryptocurrencies and blockchain technologies, there are many known cyber attacks and vulnerabilities, and one of them is the Sybil attack. This is a violation of the system by an entity that controls two or more different identifiers on the network. That is, when one person controls two or more points that should belong to different people or identities.
The name Sybil Attack comes from the book “Sybil”, the work of the famous writer Flora Reta Schreiber. In this book, there is a story of Sybil Dorsett, a young woman suffering from dissociative Identity disorder (DID), a psychological disorder that causes a person to create several different identities.
This is exactly what will happen in a cyberattack of this type in a distributed network. But in this case we will be talking about nodes that seem to act independently, but are actually under the control of the same person.
In this sense, we can summarize that a Sybil attack is nothing more than when a person tries to take control of a network by creating multiple accounts, nodes, or computers that are his property. All this shows that each of its points is different from the others, so as not to arouse suspicion.
But how can this type of hack affect blockchain technology and cryptocurrencies? What steps are being taken to prevent this? Well, let’s talk about all this, and much more.
The impact of the Sybil attack on the blockchain network
Sybil’s impact on the blockchain network is primarily focused on exerting undue influence on decisions made on the network. To do this, the user creates and controls many aliases that allow him to apply this influence in practice. As a result, the attacker gains disproportionate control over network solutions.
Let’s look at an example to make it easier to see this. In networks such as Bitcoin, many decisions affecting its operation are put to the vote. Voting allows miners and those who maintain network nodes to vote for or against the proposed proposal. Now, if an attacker has created multiple IDs on the network, he will be able to vote as many times as the IDs are under his control. A situation that goes against all the rules, and puts the other participants at a disadvantage.
But not only that, the Sybil attack can also control the flow of information on the network. For example, its use in Bitcoin can be used to obtain information about the IP addresses of users who connect to the network. This is a situation that threatens the security, privacy, and anonymity of network users. It sounds incredible, but Sybil’s attack on BItcoin is able to do it. The only thing an attacker will need is to gain control of several nodes in the network and start collecting information from them for analysis, which will allow him to get all the information he needs.
The situation reaches a peak if the attacker, in addition to receiving this information, carries out active censorship. A fact that prohibits users from legally using the network at any time.
How the Sybil attack is performed
Basically, we believe that technology has enabled us to make the world a safer place. To some extent, this is true, but the technology is imperfect, and there are vectors that can disrupt all kinds of systems. In this sense, we can say that there is no absolute security. And in all this, the Sybil Attack is a good example.
For example, peer-to-peer systems (P2P). They base their work on a decentralized and distributed network. Each node in the network is managed by different identifiers scattered around the world. This fact makes their networks difficult to attack and hack in general. This resistance level is ideal for mission-critical systems and is the reason for its use in blockchain and cryptocurrencies. After all, they are secure, stable, scalable, censorship-resistant, and highly accessible.
However, what if an enemy impersonates a friend and multiplies online using false data? This is the Sybil attack, and it was first described by John R. Douceur.
Douceur’s idea is simple, and it can be summarized as follows:
A P2P system can be disrupted if most of its nodes (which should be secure and belong to different people) are actually controlled by the same person remaining in the shadows.
Depending on the P2P system, this can mean a large investment in Bitcoin, when it is necessary to purchase mining equipment to influence the network. In other systems, the costs can be almost zero. For example, those where their decisions are made by the vote of those who are part of the network. In these cases, an attacker can create thousands of fake accounts controlled by the same person and influence network decisions.
In all cases, the means or forms of attacks differ depending on the network and its operational structure.
Example of Sybil’s attack
An example of the Sybil attack can be seen in the Tor network breach. This network operates on the basis of a P2P model, in which its nodes ensure that you can use the Internet anonymously. However, it is possible that an attacker or an object of surveillance (such as the NSA) may position dozens, hundreds, or thousands of nodes as trustworthy, completely violating their security. This is because the input and output nodes will be monitored by the NSA, and thus it will be able to monitor the network traffic of all those who use these compromised nodes.
This example of an attack is more practical than theoretical. In fact, in 2014, the Tor network fell victim to one of them.
Are blockchain networks susceptible to the Sybil attack?
Yes, blockchain networks are vulnerable to this type of attack. But each network is unique in this respect. This is because each blockchain takes its own security measures to protect itself from this type of vulnerability. Remember that Sybil’s cyberattacks are not unknown at all. Against this, developers take measures to protect the network and its users.
One of the most important measures at this stage is the chain of trust. For example, in Bitcoin, the blockchain and its history are distributed among all its nodes. They all have the same ledger, and if even one of them tries to change it, it is simply rejected. So when a node starts syncing on the network, it takes data from different sources. It matches information from all of them, and if any of the nodes tries to change any data in any way, it is simply rejected, and an attempt is made to take data from another trusted node.
This method protects Bitcoin from this type of threat, which makes it very complex and exposes these malicious nodes. In fact, in 2015, such an event occurred. At the time, Chainalysis was aggressively seeking information from all nodes. The attempt was discovered by the community, and later analyzed by Gregory Maxwell, a major Bitcoin developer.
Also, networks such as Ethereum, Bitcoin Cash, Dash, and even GRIN are susceptible to this threat. Of course, each of them has its own characteristics.
Does blockchain technology have ways to prevent Sybil attacks?
Of course, Sybil attacks are a very complex type of cyberattack, but the blockchain technology has several methods to avoid them and minimize the danger to those who connect to the network through the unique identification of nodes. All in order to avoid duplication in them and thus open the door for this attack.
How to prevent this type of attack?
Sybil attacks are not something that we, as users, can handle. In fact, measures to prevent them are a matter for developers of P2P networks. Among the most commonly used measures to prevent this type of cyber threat are:
- Use validation systems and trust chains. This allows you to exclude intruders, and even disable the use of network resources for malicious purposes.
- Use consensus protocols that imply the cost of identity or access to network resources. Thus, any action performed on the network will have a corresponding cost, and it will be multiplied in proportion to the usurped individuals. While this doesn’t prevent Sybil from attacking, doing it limits her potential too much.
- Another way to prevent this type of attack is to create a reputation system. Basically, this system gives more opportunities to those users who spend more time on the network, demonstrating good behavior. That is, it turns the blockchain network into a meritocratic network, where power is transferred to the one who has the most merit. At the same time, the number of new users is decreasing. Thus, if an attacker creates hundreds or thousands of new accounts, their total capacity will never reach the level that is important for the network. This is because the system is responsible for balancing the potential of each new account to reduce it, as opposed to those with more time.