List of mechanisms to solve sybil attacks

proof of video meeting:
https://www.reddit.com/r/ethereum/comments/3bz8uv/facial_recognition_as_part_of_identityantisybil/
potential implementation here:

time stamped selfie:
http://barisser.com/2015/10/consensus-and-identity/

An interesting protocol to quantify the reliability of an identity issuance system. The idea is if users can create two accounts they are rewarded a specific amount “r”. So the costs of getting two accounts has to be at least “r”.

Proof of real world meeting
https://www.reddit.com/r/ethereum/comments/3hvcsa/proofofindividuality/

Another collection:

Do you know https://tlsnotary.org/ ?
You can get a proof on any https webpage with that. It can be used to prove a bank transfer as well to prove that you have a social media account or that a certain page had a certain content. You trust indirectly the webpage provider (bank, twitter,…) which should be not a big issue as you can use any https page.
There is a decentrlaized and a centralized solution (PageSigner) the latter is very userfriendly and use an oracle so there is no real trust issue. At Bitsquare we will use that for dispute cases where arbitrators can prove that a bank transfer took place (or a peer not received the money).

this can be indeed very helpful. Groups could use it as one mechanism to accept members.

There’s a list here:

http://groupcurrency.org/#AppendixA

http://barisser.com/2015/10/consensus-and-identity/

not exactly something to prevent sybils but a general concept of proofing that you as a human controls an address. The idea is the well known selfie picture hash in a blockchain but with the small twist that you write the latest block number on a piece of paper that is part of the selfie. No you submit the hash in the next block. This way you can proof that the selfie (tying your face to an key) was taken within a very short time frame.

Might be helpful for a proof of identity system.

thx fist of all for the summary of solutions!

Here are some thoughts:

  • Require some amount of currency to join the network looks promising

for example this can look like:

  • simplest way, just require to donate / pay amount X to join the network

  • more complex: pay out basic income in relation to hold, or donated (payed) money up to the basic income maximum

  • another solution: require to donate / pay amount of x to create an trust relationship (combinable with about)
    in this case like above the pay out of the basic income could in relation to the trust the person has up to the basic income maximum payout.

all three ways would also give first use-cases for the currency itself.
it could also give an incentive for the community to become active and borrow newcomers the initial money for zero interest (or interest as high as the money inflation is).

Other ideas:

  • use tools like open streatmap to mark where participants are living, so that others could easy proof their identity.
    alternative an small picture visbile on the house or post box with their user name would also be possible. this could also help to spread the awareness.

Well, I agree - but it can only be one element. If investing 10 units guarantees you an monthly income of 10 and there is no other mechanism in place to prevent Sybils than the system will obviously not work.

I also have some reservations about making a unconditional basic income conditional.

Finally - in the cirecles idea it would be a problem to agree on the currency you need to join. There could be a group of the core team/ core developers of the project - and you would need to pay this currency to join. On the one hand this is tempting as a source of income for development and spreading the world on the other hand - and this is a pretty big downside - it makes it no longer completely decentralized and could even become a big factor in slowing down adoption (if the entrance price gets too big)

you are right, the current circle concept does not have something like an reference money but maybe it would be good to combine it with an reference currency like ripple(XRP) for example did.
The reference currency could be distributed according to the trust level, as outlined above. (in short the more trust the more units of the currency you get up to an certain maximum per participant). For making trust relationships you would require to spend some of the currency itself.
This would have the benefit, that this reference currency could be used with the same easiness similar to Bitcoin or XRP, because the currency itself is independent of the issuing of an basic income.

In away the circle concept + reference currency and basic income would look like very similar to Stellar(ripple clone), but with distributing the stellar as an regular basic income and maybe an higher distribution rate then 1% like stellar has.

There is some proof of individuality concept here:

https://www.reddit.com/r/ethereum/comments/3hvcsa/proofofindividuality/
http://proofofindividuality.tk/

Hey - thanks for the link and welcome to the forum! As a German I am a little bit irritated by your username.

I’m russian, then don’t be)

Identity is established by networks which allow people to publish and form human relationships along the following lines:

  • Social Media - a publishing platform
  • Social Networks - the source of reputation developed via interpersonal relationships
  • Reputation - Nothing more than a few numbers used as a gauge which give our online profiles a “humanness” score which measures the effort we have invested into making relationships and maintaining them within the context of a specific online community. If the community has value then the numbers it bestows upon online identities also have value. Then you can use this number to gauge how the community values a specific person. It also measures the efforts we took to build up our online persona and make it of value to us. People are less likely to commit evils with identities that are of value to them due to the cost which is the loss of reputation for which they have worked to build.
  • Identity management performed by the platforms we use - HTTPS, usernames, passwords, 2 factor authentication. All of these secure our ability to log into accounts from which we build our online identities through publishing and establish our online relationships (what eventually becomes our reputation) through our interactions on the network.

Facebook, LinkedIn, Reddit, Github are platforms for publishing.

Example:

Many people who do an AMA on Reddit post a picture of themselves with a sign that says “Reddit I am ask me anything”. The picture serves as proof that the source behind the username is the genuine person. But if you never met that person and there are no pictures of them on the internet and they simply are not famous enough for anyone to know what they look like then its a pretty futile effort for them to post that single photo.

Imagine what a picture of someone holding up a sign saying “Reddit I am Satoshi Nakamoto inventor of bitcoin AMA” would actually look like. What would your gut reaction to such a sign be, how many people would react by thinking “wow now I know what Satoshi Nakamoto looks like!” Ok now imagine if the person holding up the sign was a noteworthy scientist (NS)? If you never met that person and there was no pictures of him on the internet this would mean nothing until that person took the following steps to establish his identity:

  • NS could state on his own blog that he is Satoshi Nakamoto.
  • NS could update his LinkedIn account with a picture of himself.
  • NS could use his twitter account to inform people that he is doing an AMA on Reddit.
  • Finally the most definitive proof would be that NS sends 0.001 BTC from accounts belonging to SatoshiNakamoto to a bitcoin account address of 1NoteScientistIsSatoshiNakamotoxxx.

The above four items establish NS’s identity but how do they do it? What is the one thing that all the above items have in common? They are all related to publishing across various social media platforms which results in the establishment of an online identity.

  • More publishing = more established identity
  • More relationships and participation in a community = more reputation (social capital)

If this is true the idea known as proof of individuality

http://forum.ethereum.org/discussion/comment/12827

is useful only insofar as it uses publishing to establish an online identity. The outcome of chatting with people over Skype is that something is published and that published record not the chatting itself serves to establish identity. If the Skype conversations are seen as having little to no value because they do not form meaningful relationships between participants then they would have no ability to impart value into the system at large. If the system has no value then consequently neither do the identities on the system.

Summed up in one chart:

https://www.lucidchart.com/documents/view/51393916-0a8f-4341-ab6a-4b4321a139c1

The internet is just a publishing platform. Social media is nothing more than publishing. Social networks are nothing more than online relationships. Reputation is nothing more than a measure of how valuable your interactions with people have been in the context of a specific online community.

To sum up:

Establishing an online identity relies on the relationship between social media as a publishing platform, social networks as reputation systems and social capital as the value that we have to specific online communities. So long as the communities, platforms, and networks that we belong to have value within the context of the society in which we live then publishing establishes our identity. All this has a foundation in the fact that our ability to publish is secured by encryption protocols and that our current use of usernames, passwords, and account recovery mechanisms although not perfect are good enough to allow the system to continue to work the way it does today.

~J

Hey @joshuad31 - welcome to the forum! This are very good thoughts on online identities.
I think it is a little bit easier to get Circles started since I expect that people will connect to each other mainly based on “real world” relationships.

It is also noteworthy that Cirlces does NOT solve the sybil problem in general. There WILL be sybil accounts. However - the good thing is that every single user is not (negatively) affected by sybils unless they directly “trust” a sybil or trust a group that contains sybils.

What about simultaneous solving of a captcha?
Or flipping things around so that the Sybil is creating a social good.
e.g. If you have a mesh network, the more nodes the more resilient and stable the network is.
So you can create as many nodes as you want, but each one comes at a cost and has a disproportionate benefit to the wider network.

Perhaps you could have geographically dispersed wifi nodes giving away cash at x/units a second. The rate would be based upon how geographically isolated one node is from it’s nearest neighbour and the population density of the area. Your phone would connect to these nodes (verifying their existence) as you go about your day and collect the cash, so that on average as you travel around in a week you will receive approximately the basic income from a diverse set of nodes.

Could it be one option beside others to use existing eIDs to grant entrance rights to certain circles-groups? For example in Germany:
“Ausweisapp2: Bundessoftware für die Online-Ausweisfunktion wird open source gestellt und um Entwicklermodus ergänzt- 03.07.2017”
https://github.com/Governikus/AusweisApp2

Hi everyone, this is my first message here.

The problem of proving identity/individuality is indeed a tough one.

Here-s a presentation of Vinay Gupta where he makes a good point on using insurance to cover loss in case of identity fraud. In Circles I guess the group(s) one is connected with are insurance agents for each other. https://medium.com/humanizing-the-singularity/a-blockchain-solution-for-identity-51fbcae94caa

Here-s another proposal of Fabiana Cecin https://medium.com/democratic-money/a-democratic-identification-system-60d0c430b4dd
Here are “official agents” that simply meet people to check their “paper” identities and register their publc-key identity in her “Democratic Money” system.


Cezar

1 Like

Using eIDs should be straightforward means to prove identity IF the underlying keys allow signing in other applications than government’s administration.


Here-s a proposal for using normal identity documents (id cards, passports) and notary services to legally bind a real, identifiable person to a signing public key. https://drive.google.com/file/d/0B1udbEguLYNuWGxuV0xkN1c5eDg/view?usp=sharing

1 Like

Hello

With all methods discussed here, you need to keep in mind that it must be as easy as possible to proof identity, as especially people who do not possess the ability to fill in forms or complete tasks will be the ones most reliant on a basic income. This includes for example people who are seriously ill. On a more general level this also begs the question how to reach people who don’t have an internet access, due to whatever reason.

To proof identity, I think that it will be hard to get around an official ID, issued by a government. What might be possible, is video identification (showing passport into camera), as used by some online banks, but again, loopholes and questions remain.

Two points more I would like to raise:

  1. How to make sure that people are not being abused? Vulnerable people (for example people suffering from a mental illness) could be exploited by others, who could spend their coins. What I mean is, the person in question exists, but someone else is using his/her coins.

  2. Should people need to identify every time a payment is made, or how are deaths are being accounted for? Otherwise it would be possible that someone else would get that money.

1 Like

This is my favorite at the moment: idena.io

No KYC, no web of trust, no social media profiles or biometric fotos and private information required, you just have to appear at a fixed date online and solve flips (CAPTCHAs-like puzzles made by other participants) all at the same time, to prove that you are a unique human, not a bot/ sybil account.

It comes with some downsides like people beeing able to verify two or even three identities if they are just fast enough, also human farmers (people paying people to run an identity) did show up. But in comparsion to all other projects I heard about it seems very promising, it’s addresses are also compatible with ethereum and they are going to activate VM / enable smart contracts by QT4 2021. docs.idena.io