NFT’s, the Metaverse, and Play to Earn (P2E) gaming are the newest blockchain buzzwords to be bounced around in blogs, forums, Discord, Twitter & social platforms, establishing a solid position in the future of blockchain. Important to note, as new and as exciting as these initiatives are, they are all subject to the current problems which are experienced in other areas of blockchain today.
One of these challenging issues are known as sybil attacks. What is a Sybil attack? A Sybil attack is when a user leverages multiple Web3 wallets and social media accounts to gain multiple positions with an unfair advantage of systems within the crypto space. There are many examples of this, but the most typical ones we see are:
- Bot accounts spamming Discords, Telegrams, and Twitter with scam phishing links or fake NFT collections that drain a user's wallet if they interact with the NFT’s or attempt to sell them
- Bot accounts/multiple Web3 wallets are used to secure several whitelist spots for NFT presale drops or even buy out the lion's share of the public sale mints as soon as NFT goes live. This leaves members of the community either entirely excluded from participating or left disappointed with worthless JPEGs since the attacker can just dump their entire NFT supply, plummeting the price.
- Bot accounts/multiple Web3 Wallets are used to game potential airdrops or other rewards by securing a large percentages, diluting the value for those left holding their bags when the bad actor sells off all their rewarded tokens as their core objective is to game the system.
What do these Sybil attacks have in common?
Sybil attacks are avoidable! There are several centralized and decentralized Identity Solutions for Web3 users, each with pros and cons. Some of them require users to KYC (Know Your Customer), which is opposed by many blockchain users, due to the level of privacy they must sacrifice. This entails providing sensitive information such as driver's license photos, addresses, etc without any understanding on how that information will be secured. This allows entities to track your wallet and, in some circumstances, sell your data to third parties. In worst-case scenarios, hackers can access a user database and then sell your data on the black market to other hackers. These are the same types of people we are trying to weed out by implementing Digital Identity solutions in the first place.
Other solutions are decentralized but require a more intrusive method of authenticating, such as going to a physical location to get your eyeballs scanned.
Governor DAO has implemented a non-invasive solution using ‘Say-Tec’ technology from the biometrics company Finnovant. When users access the Proof of Existence portal, they connect their Web3 wallet. Their biometric data is processed into an irreversible and non-replicable hash, ensuring that your data is safe and used only for its intended purpose: to secure an on-chain Proof of Existence Token.
Why is this important? Users do not have to surrender their personal information, they remain anonymous, and yet they are verified as using a single unique Web3 wallet. That verification allows protocols, companies, NFT mints, Metaverses, and Play-to-Earn games to protect its users and reward them in the fight against Sybil attacks. A person is established as a single entity on-chain with one wallet and one identity.
So what possible Sybil attacks could occur within the Metaverse and Play-To-Earn Gaming?
Reward Farming
In play-to-earn games, there are tasks with capped rewards that players can engage in to reap a reward tied to real-world value. A Sybil attack within P2E and Metaverse environments includes using multiple accounts/wallets to harvest or complete tasks to receive more rewards unfairly. This typically means smaller rewards for others and a dilution of rewards value when the attacker cashes them in. For example there could be 5 NFT’s to harvest, 10 players, 5 unique, and 1 player with 5 wallets, the odds are highly favoured on the person with 5 wallets securing the majority of those available NFT’s.
Phishing Scams
Some of these games have anti-bot mechanisms in play, but savvy users easily surpass them. Once a bad actor or bot gets inside the game or Metaverse, they can wreak havoc in a multitude of ways. One such way is for them to earn the trust of another player and gain access to their wallets seed phrase by using phishing links which can be innocently clicked on. Another way a hacker could scam someone in-game is to determine their victims Web3 wallet address, and then airdrop them with a dusting attack. This could be in the form of fake crypto or fake NFT’s, and when the user interacts with either, the transaction grants the hacker access to the users wallet and subsequently they drain all of the victims funds.
What are some of the potential benefits of Sybil resistance/Proof of Existence within the Metaverse and P2E gaming?
Verifiably Player 1
By associating one wallet to one user using Governor DAO’s Proof of Existence technology, a project guarantees players in-game are human. This results in that player 1 always = player 1, not player 1 = player 1, player 234, and player 3490 at the same time. A strategy used on Twitter is to verify a user with a blue checkmark next to their username, Proof of Existence technology would work in the same way.
Gating Mechanisms
There is flexibility in-game for which non-authenticated players could still participate if the creator sets it up that way; however, specific areas within the Metaverse or game could be gated for Proof of Existence verified wallets/players only. Exclusive access as a VIP or high-ranking player with a confirmed human verification. The gating mechanism could be used in a restricted area like a virtual strip club or combat arena that includes graphic violence, or for users who want to post other types of NSFW content. It could also help prevent potential luring of vulnerable players, vulgar language, and other inappropriate conduct in the game. Being tied to one account/wallet with biometrics means that the player in violation of the rules could be issued a soft or hard ban, allowing each Metaverse, world, or game to protect their users from bad actors in their own chosen way. Without sybil resistance solutions, rogue actors will continue to contaminate a friendly Metaverse with multiple wallets. If they are banned on one wallet, they can easily return on a 2nd to commit more sybil attacks. Therefore, sybil resistance technology will play a key role in building out a healthy, secure and democratic virtual landscape.
Governance
This Proof of Existence Sybil resistance technology could also be used in-game for governance - allowing verified users to cast one vote for any proposals or road map items the game creator requires feedback on. Proposals like changing a quest, creating a new character set, inviting an influencer or famous musician to come and perform at an event. All these initiatives will be part of the buildout in the not-so-distant future. Access to unique portals into secret areas with special items would incentivize and reward verified users who want to play the game fairly and democratically.
Where can we go to help join the fight for Sybil resistance?
A verifiably human whitelist will make the metaverse and play-to-earn gaming safer, more enjoyable, more democratic, and more profitable for everyone. By signing up for the Proof of Existence ERC-20 token, you can be part of the fight for Sybil resistance, with all sorts of rewards and incentives for doing so. Sign up while it's still free!
Sign up here to join the fight for sybil resistance.
Learn more on Proof of Existence here
