Proof of Scarcity and Sybil attacks
The full article was originally published by Chris Mueller on HelloIOTA.
In this article, we’ll examine proof of scarcity, using the electromagnetic spectrum as a method to protect against Sybil attacks.
Identities on P2P Networks
Since distributed ledgers were invented, different systems have been brought to light to protect the networks from attacks. The most well known and widely used of these methods is called Proof of Work (PoW), but alternatives include Proof of Stake (PoS) and Proof of Bandwidth (PoB).
All of these systems have something in common: they commit some scarce and expensive resource to protect against identity forgery on a network. This is done in a way that makes it extremely impractical to create nodes that propagate fraudulent information to mislead some portion of the legitimate nodes.
The term Sybil comes from Sybil Dorsett, the pseudonym of a character in a book by Flora Rheta Schreiber (1973) who suffers from multiple personality disorder. A Sybil attack occurs when an attacker successfully manages to mount a set of peer-to-peer network nodes that broadcast illegitimate data, and is able to convince other nodes that it is supplying legitimate information.
Most DLTs work over a P2P network with some sort of reputational system based on identities. Decentralization is achieved through a scheme in which nodes interact and regulate themselves without the need for centralized intervention. If a node misbehaves (e.g. propagates inconsistent block data), others in the network will punish it by not listening to what the malicious node says for a period of time.
To Sybil attack a network you need to have the ability to create a decent number of nodes (identities) broadcasting illegitimate data. It is fair then to say that the more difficult it is to create an identity within the network, the more difficult it will be to conduct a Sybil attack.
Proof of work (PoW) and the Coordinator (Coo)
In general we could define proof of work as a system that demands the usage of some finite/scarce/expensive resource to ensure that a request is genuine. A captcha, for instance, is a PoW consisting of your brain trying to figure out what those hieroglyphs say. The whole idea behind this type of mechanism is to avoid spam or Denial of Service (DoS) attacks. You can submit that captcha-protected form only as many times as you can read and type in whatever the blurry image says.
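An added sketch (not from the original article, and not IOTA's or any ledger's actual protocol) of the two ideas above: a hashcash-style puzzle bound to a node identity, so each new identity costs its creator roughly 2^difficulty hashes while a peer checks it with a single hash. The function names and the `node-N` identifiers are assumptions made for the illustration.

```python
import hashlib
import itertools


def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the start of a hash digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def puzzle_hash(node_id: bytes, nonce: int) -> bytes:
    # The identity is part of the hashed input, so a solved puzzle
    # is tied to that one identity.
    return hashlib.sha256(node_id + nonce.to_bytes(8, "big")).digest()


def mint_identity(node_id: bytes, difficulty: int) -> tuple[int, int]:
    """Brute-force a nonce for node_id; returns (nonce, hashes_spent)."""
    for nonce in itertools.count():
        if leading_zero_bits(puzzle_hash(node_id, nonce)) >= difficulty:
            return nonce, nonce + 1


def verify_identity(node_id: bytes, nonce: int, difficulty: int) -> bool:
    """A peer's check: one hash, whatever the difficulty."""
    return leading_zero_bits(puzzle_hash(node_id, nonce)) >= difficulty


def sybil_cost(count: int, difficulty: int) -> int:
    """Total hashes spent to mint `count` distinct (constructed) identities."""
    return sum(mint_identity(f"node-{i}".encode(), difficulty)[1]
               for i in range(count))


if __name__ == "__main__":
    # Cost of 20 identities grows about 2x per extra difficulty bit.
    for difficulty in (8, 12, 16):
        spent = sybil_cost(20, difficulty)
        print(f"difficulty={difficulty:2d} hashes={spent:8d} "
              f"expected~{20 * 2 ** difficulty}")
```

The work is asymmetric: the cost of admission scales with the number of identities requested, while the honest peers' verification cost stays constant per identity.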
In DLTs, proof of work is needed to avoid attacks such as the one described earlier. As I write this article, IOTA is safe from Sybil attacks because of the existence of a coordinator (Coo) that tells the nodes where the legitimate network is. This instance makes it impractical to forge identities on the Tangle, since nodes will detect an attacker's illegitimate nodes and blacklist them immediately.
The coordinator is temporary, analogous to the training wheels of a child learning to ride a bike. This article will discuss IOTA in its post-coordinator state, which means that IOTA would be susceptible to Sybil attacks the same way Bitcoin or Ethereum are right now.