HIP: 55 title: Explicit Sybil Resistance author: @greenlucid status: Phase 1 created: 2022-07-18 conflicts with: None languages: EN
Make the registration policy reject sybils explicitly.
Make the Acceptance Criteria be explicit about sybils not being allowed. Allow challenging sybil submissions as Duplicate. A sybil is an actor that controls human accounts whose human does not represent themself.
In its current state, the Policy states the registry is sybil resistant, which is a desirable trait. But the Acceptance Criteria was not explicit about this. This has resulted in some different strategies to creating sybils, like farming, or helping family members to get in while controlling their keys.
Merge this PR to the HIP-45 compliant repo. Changes are also stated here, for completion: (but, the authoritative wording is in the PR)
- Define sybil as
actor that has direct control over registered human accounts that don’t represent them
and be explicit about 100% proof not needed.
- Add non-sybil as Acceptance Criteria.
- Add examples of sybils.
- Add sybil as Duplicate worthy challenge.
It’s not possible to prove that someone is a sybil at its core, since that would imply proving they are holding other accounts’ private keys or whatever equivalent. So, an explanation that indicates high changes of being a sybil should be enough. The most important characteristic of the registry is sybil resistance, not inclusion.
It would also be desirable to treat a sybil submission challenge as a Duplicate, because then, whoever vouched for them gets removed as well (who, is certainly malicious, unawarely or knowingly so).