ShieldLabs
Back to blog

How to prevent Sybil attacks: catching one actor behind many identities

A Sybil attack: one actor behind many fake identities that look like separate participants but trace back to a single source

Last updated on July 13, 2026 · 10 min read

A Sybil attack is what happens when one actor convinces a system that it is a crowd. By creating and controlling many fake identities at once, a single entity can outvote a poll, claim a reward many times over, or seize enough of a network to bend it. The whole attack rests on one economic fact: if making a new identity is cheap, making a thousand of them is cheap too. I measured how many "independent" wallets in a reward campaign actually traced back to one device once, and it was never close to as many distinct people as the wallet count suggested. This guide explains what a Sybil attack is, the forms it takes from blockchain consensus to airdrop farming, how each layer is defended, and how to catch the application-layer version that targets signups and reward claims.

Key takeaways

  • A Sybil attack is a single entity creating many fake identities, accounts, or nodes to gain influence it could never have as one participant.
  • The name comes from a 1973 book about a woman with multiple identities; the attack was formalized in a 2002 research paper by John Douceur.
  • It works wherever identities are cheap to create and influence is counted per identity, so a thousand fake voters outweigh a hundred real ones.
  • There are two layers to it. Protocol-level Sybil attacks target a network's consensus and are held off by economic cost (Proof-of-Work, Proof-of-Stake). Application-level Sybil attacks farm rewards, votes, and signups at the frontend, and are held off by identity and device signals.
  • The common thread of the application-layer defenses is linkage: the fake identities differ on the surface, but the device and connection behind them often do not.

What is a Sybil attack?

A Sybil attack is a security threat in which one actor subverts a system by creating and operating a large number of fake identities, sometimes called Sybil identities, all at the same time. Because many systems grant influence per identity, one vote per account, one reward per wallet, one node per peer, an attacker who controls hundreds of identities gains hundreds of times the influence they are entitled to. They can outvote honest participants, claim a disproportionate share of a distribution, or take enough of a network to disrupt it.

The name has an unusual origin. It comes from the 1973 book Sybil, about a woman diagnosed with a dissociative identity disorder, and the term was coined at Microsoft Research, where John Douceur formalized the problem in The Sybil Attack, published at the 2002 International Workshop on Peer-to-Peer Systems (IPTPS). His conclusion was blunt and still holds: without a trusted authority to vouch for identities, a system has no reliable way to tell whether two identities belong to two people or to one actor wearing two masks. Everything built since is an attempt to work around that.

How a Sybil attack works

The mechanics are simple, which is what makes the attack durable. In a peer-to-peer system, a participant's influence is tied to its identity, and if creating an identity is cheap or unverified, one machine can spin up hundreds or thousands of them, a threat later extended to wireless sensor networks in research published at IPSN 2004. The attacker does not need to compromise anything; they just register, again and again, until their crowd of fake identities is large enough to swing whatever the system counts.

From there the fake identities are put to work in a few recognizable ways:

  • Consensus manipulation. In a blockchain, controlling a majority of nodes lets an attacker rewrite recent history or double-spend, the heart of a 51% attack.
  • Outvoting and governance capture. In a DAO or any one-identity-one-vote system, enough fake identities decide the outcome.
  • Reward and airdrop farming. One person operating hundreds of wallets claims a token distribution or referral reward many times over, taking a share meant for many real users.
  • Network isolation and de-anonymization. Surrounding an honest node with malicious ones, or running a large share of a privacy network's relays, lets an attacker censor or trace traffic.

Protocol-level vs application-level Sybil attacks

The distinction that matters most for defending against Sybil attacks is the layer they happen on, because each layer is defended completely differently.

A protocol-level Sybil attack targets the machinery of a decentralized network itself: the consensus among nodes, the relays in a privacy network, the validators on a chain. This is the layer where a 51% attack lives. It is defended by making each identity expensive, which is exactly what Proof-of-Work and Proof-of-Stake do, and it is the responsibility of the protocol, not of any single website.

An application-level Sybil attack targets what people actually touch: the airdrop claim page, the signup form, the faucet, the governance snapshot taken through a web frontend, the referral program. Here the "identities" are wallets and accounts created through a browser, and influence is one claim or one vote each. This layer is not defended by consensus economics; it is defended by asking whether the hundreds of wallets lining up for a reward are really hundreds of people. That is an identity question, and it is the layer where reading the device and connection behind each claim does the work.

The 2023 Arbitrum airdrop became a prominent case: the project applied anti-Sybil criteria to screen out clusters of farmed wallets before tokens were distributed, a cleanup that happens at the identity layer, not the consensus one. Most teams running a token launch, a reward program, or an open signup flow are fighting this application-level version, even though most of what is written about Sybil attacks describes the protocol-level one.

How Sybil attacks are prevented

There is no single fix, because the core problem, telling one actor from many, has no perfect solution. In practice, defenses stack several partial answers, each raising the cost or exposing the link:

DefenseHow it resists SybilsWhere it fits
Economic cost (PoW, PoS, staking, fees)Makes each identity expensive to create or runProtocol and consensus layer
Identity and personhood validationTies an identity to a real person, through documents or proof-of-personhood systemsHigh-assurance signup, KYC, Web3
Social-graph / web-of-trustTrusts new identities only through existing trusted onesCommunities, reputation systems
Reputation and behavior analysisFlags identities that act alike or lack genuine historyLong-lived accounts and nodes
Device and network signalsLinks many "separate" identities back to one sourceApplication frontend (signups, claims, votes)

The economic and personhood defenses sit at the protocol and identity layers. At the application frontend, where most reward and signup abuse happens, the practical question is linkage: the wallets and accounts are designed to look unrelated, but the machine and the connection creating them frequently are not. That is the same one-actor-many-identities shape behind ordinary multi-accounting, with wallets standing in for accounts.

Preventing application-level Sybil attacks with ShieldLabs

ShieldLabs reads the web and device layer where the fake identities are actually created, the browser session behind each wallet creation, airdrop claim, or signup. It derives a device identifier that survives cleared cookies and rotated IPs, so a hundred "separate" wallets claiming a drop from one machine collapse back to the single source driving them, and it flags the anonymity signals farmers lean on, such as VPNs, proxies, datacenters, and anti-detect browsers used to make one device look like many. Each session gets a risk score from 0 to 100 with the signals named, delivered through the API and webhooks, so your team decides by its own rules whether a claim is one of many from a single actor.

We implemented this read at the claim page itself, where a wave of wallet creations dressed up as separate participants folded back onto one device identifier that survived erased cookies and swapped IPs. Screening at that identity layer is what the Arbitrum airdrop applied in 2023 to filter clusters of farmed wallets before distribution, a different job from the protocol layer, where a 51 percent attack is priced out by Proof-of-Work and Proof-of-Stake instead.

The honest boundary matters here. ShieldLabs covers the application frontend, the part attackers reach through a browser; the protocol-level defenses, Proof-of-Work and Proof-of-Stake resistance, on-chain wallet-graph analysis, and consensus security, are the chain's own layer. The two are complementary: the chain makes nodes expensive, and the frontend read links the wallets that a person spins up to game a claim. It is a supporting signal weighed into your own decision, and the same approach runs on the Sybil attack prevention page.

Sources

  1. John R. Douceur: The Sybil Attack (IPTPS 2002)
  2. Wikipedia: Sybil attack
  3. J. Newsome, E. Shi, D. Song, A. Perrig: The Sybil Attack in Sensor Networks (IPSN 2004)
  4. Ethereum.org: Proof-of-stake (PoS) and Sybil resistance
  5. Wikipedia: Double-spending (51% attack)

Frequently asked questions

Why is it called a Sybil attack?
The name comes from the 1973 book Sybil, about a woman diagnosed with dissociative identity disorder, a single person with many identities. The term was coined at Microsoft Research and formalized in John Douceur's 2002 paper The Sybil Attack, which argued that without a trusted authority to vouch for identities, a network cannot reliably tell whether two identities are two people or one actor wearing two masks. The book's many-identities-in-one image fit the attack exactly.
What is a Sybil attack in crypto?
In crypto, a Sybil attack is one entity creating many fake nodes or wallets to gain disproportionate influence over a network. At the protocol level that can mean controlling enough nodes to threaten consensus, the basis of a 51% attack. At the application level it usually means operating hundreds of wallets to farm an airdrop or governance vote, claiming a share meant for many real users. Proof-of-Work and Proof-of-Stake defend the protocol layer by making identities expensive; the wallet-farming layer is an identity problem.
What is a Sybil attack in an airdrop?
A Sybil attack on an airdrop is one person operating many wallets to claim a token distribution multiple times, taking rewards intended for a wide base of real users. The wallets are made to look like separate participants, each with just enough activity to qualify, but they are driven by one actor. Projects fight it with post-distribution wallet-cluster analysis on-chain and, at the claim page itself, by linking the device and connection behind the wallets so a single source operating many of them is visible.
How are Sybil attacks prevented?
There is no perfect prevention, so defenses are layered. Economic costs (Proof-of-Work, Proof-of-Stake, staking, and fees) make identities expensive at the protocol level. Identity or personhood validation ties an identity to a real person. Social-graph models trust new identities only through existing trusted ones. Reputation and behavior analysis flags identities that act alike. And at the application frontend, device and network signals link many separate identities back to one source. Most real defenses combine several of these.
Does ShieldLabs prevent Sybil attacks?
ShieldLabs addresses the application-level form, where wallets and accounts are created through a browser to farm rewards, votes, or signups. It links the device behind each claim across attempts, so many separate wallets from one machine collapse to a single actor, and it flags masked connections like VPNs, proxies, and anti-detect browsers. It returns a risk score with the signals named through an API, leaving the decision to you. Protocol-level Sybil resistance and on-chain analysis are the chain's layer; ShieldLabs covers the frontend, and the free tier includes your first 5,000 identifications.

Related articles