As we all know, large-scale P2P systems face the threat of problematic and opposite nodes. In order to deal with this threat, many systems use redundancy. However, if a malicious entity imitates multiple identities, it can control a large part of the system and destroy the redundant countermeasures of the system, which leads to witch attacks? " />

What is Sybil Attack?

Witch attack refers to an entity attacker attacking by manipulating or imitating multiple virtual identities on the blockchain. Witch attacks are widely known in peer-to-peer (P2P), wired and wireless network environments. In its basic way, peers representing attackers generate as many identities as possible, and behave as if they are multiple peers in the system, aiming to affect the stable behavior of the system.

Witch attack in the blockchain is essentially a distributed database that only writes but does not delete, and the network is secure and tamper proof according to the redundant data of multiple nodes. Witch attack means that a single node has multiple identities, and the redundant backup is weakened according to the majority of nodes in the control system.

For example, in the secret name voting of a blockchain project, the attacker has a high voting right in the voting based on manipulating a large number of virtual identities, so the attacker may change the real voting results, thereby changing the project direction and completing the attack purpose.

What are the consequences of witch attacks?

1. Redundancy Countermeasures for Destroying Systems

In P2P system, due to factors such as node adding and withdrawing at any time, in order to maintain network stability, the same data often needs to be backed up to multiple distributed nodes, which is called data redundancy system. If there are many nodes that do not exist, they are just fictitious identities. The data is not stored completely. As a result, in extreme cases, when the data is modified or lost, the system will be unstable if the information is not backed up and restored.

2. Conduct fraudulent voting in the process of democratic governance

For a network that competes for power with a voting model, if attackers create sufficient false identities, they can defeat the real nodes on the network with a majority of votes, which undermines fairness.

3. Influence public opinion and undermine the fairness of recommendation algorithm

According to the use of multiple false user accounts, it is possible to centralize power, influence most suggestions on social media platforms, and even control the public voice in the decentralized network. The purpose may be to do some marketing, or to get the traffic and praise of the recommended algorithm.

For example, to attack the recommendation algorithm of Tiktok and get higher rankings and more recommendations in Tiktok, it may forge some false identities to vote for application, and finally make the system's behavior error and exceed the integrity identity in the system.

4. Cause the network system to be insecure and forge transaction data to steal property

For P2P systems, if a malicious person uses a few nodes in the network to control multiple false identities, he can control a large part of the network system, control or affect a large number of normal nodes in the network, such as obtaining network control, rejecting responses, and affecting viewing. This affects the stability of the application.

In the Bezantine fault-tolerant mode, if there is a witch attack, as long as the disguised node breaks through the n/3 limit, it can control the entire network. In fact, there may be only one malicious node.

Large scale witch attacks can even constitute 51% attacks, which can change the data on the blockchain, refuse to receive or transmit blocks, make some transactions uncertain, or even reverse transactions, causing problems such as dual payment.

(For the 51% attack, please refer to what is the 51% attack in the American TV series Silicon Valley? Will the application of Web3 be adjusted by the calculation rate?)

5. The project party suffered unnecessary troubles due to wool removal

Even small-scale witch attacks, building false identities, and removing the wool of the project party for airdrop will cause great losses to the project party.

For example, on April 27, 2022, Optimism, the project party of Ethereum's two-layer expansion scheme, announced that it would conduct multiple token air drops. Many professional wool parties have made a lot of false identities to cheat. On May 24, 2021, Optimism carried out an air drop customer qualification check, deleted 17000 wizard addresses and recovered more than 14 million OPs, which were then distributed to many qualified receivers of the first batch of air drops in proportion.

Speaking of this, I believe you have a certain understanding of what is witch attack and what consequences it will lead to. In general, witch attacks are caused by identity problems. Theoretically, each identity (or node) has a unique identity that has been verified for a long time and cannot be forged, so witch attacks will not occur. This is the goal of DID (Distributed Identity). In the future, more and more honest people will have DID, which will prevent dishonest people from doing evil.