Sybil Attack Prevention Making Accounts and Markets using SFT

#1

We need to protect the network against Sybil attacks for the feature of making accounts and marketplace titles. It is my idea that instead of burning SFT we use the lockin feature where someone can lock in their SFT -> spit out an account or title market; then after some interval of blocks those SFT get unlocked and can then be used for making accounts or go towards incentives again.

4 Likes
Account creation tokens
Safex Development Update - March 18, 2019
#2

Good idea. Could the amount needed be dynamically pegged to a fiat price or market transaction volume?
1k to 10k SFT may seem reasonable now but may be way too much in the future when the SFT price is higher. The lock-in time could be some days maybe.

2 Likes
#3

I think the interval of blocks would need to be a decent period of time to prevent Sybil attacks, otherwise you could just keep recycling the same tokens to open more and more accounts. I’m concerned that if there is no ‘cost’ to creating an account, then the reputation system will be compromised. Perhaps in this case, the cost is the period of time the tokens are locked.

4 Likes
#4

Exactly! Even if it’s a month it should be ok. As long as you get it back eventually. If you really have to pay for account opening and don’t get anything back this may scare off potential users.

You could also build in a function that it unlocks after you bought/sold something.

3 Likes
#5

We will model it out, how many accounts can be created over time versus the interval and the token requirement to create the account/title market.

Furthermore, the value of reputation is to build it up, not throw your account away. It is incredibly expensive to grow reputation. Besides paying a fee in SFX and locking in SFT to make that account. It is pretty much useless.

What if I have a high value item shop that only trades with 5 star users with minimum 50 successful trades.

3 Likes
#6

I was under the impression that creating accounts and title markets burned SFT rather than locked them in, did that change or was it always intended they would just be locked in and unlocked later for reuse?

@cryptooli maybe SFT/BTC would be a good price peg. that should incorporate all fiat currencies to some degree and also account for fluctuations in the hype/depression crypto cycles when prices can get wonky.

1 Like
#7

The burn of SFT was considered first but temporarily locking the tokens is better. The supply is “only” 2 billion SFT. If you think very long term, a substantial amount of SFT would be lost via burns in the process of millions of accounts and title markets created after mass adoption.

3 Likes
#8

Good idea.

Seems it was suggested early on, so great to see this improvement to the project

5 Likes
#9

@dandabek How is the rate going to be determined for the number SFT that have to be temporarily locked to get an account or a title market? Would it be based on an exchange rate like SFT/BTC or SFT against some fiat currency? I would imagine the higher the value of SFT the lower the quantity required to access certain marketplace features like account and title market creation.

2 Likes
#10

No we do not base things on exchange rates; it is not smart.

We will base it on sybil proof ness: meaning how many accounts are created within a period of time. So as to limit how many accounts are being forged at a time.

Of course if drastic adjustments in price occur we can change the “cost” of accounts. However since Tokens lock and unlock it is not a sunken cost.

4 Likes
#11

I see. I think I understand. Couching it in terms of “sybil” makes me think you’re attempting to keep people from spamming the system by creating lots of accounts in rapid succession, and the cost of accounts will be more related to the rate of account creation rather than the raw cost in terms of dollars or btc? It sounds similar to how as the hashrate on the SFX blockchain increases, so does the difficulty and the cost of mining.

1 Like
#12

It’s not about the account creation rate but the validity of the reputation system, In a simple way, if I can get lots of account for cheap and fast, it will be easier for me manipulate my feedback and look more legit. It happens frequently on ebay for example, you cant stop the problem but limit damage

2 Likes
#13

yes you’re right it is related to flooding names out of the system; even if they are expensive we can deploy faucets that give people free accounts;

@eddie995it to your point, reputation will cost you 5% every time; also if you have a botted reputation, it will be obvious if its small transactions .I would filter you out. Not to mention it will cost 5% for every transaction you want to clear. and If you only do ones for 1$ i wouldn’t necessarily want to trade with you and see you as a risk.

I think this addresses most of exploitation:

  1. limit the number of accounts over time
  2. cost of creation of reputation (if you spend 100$ to scam me for 10$… LOL) you see reputation cost more than the scam benefit.
  3. possibility to filter out accounts with weird feedback cases
3 Likes
#14

Would people be able to see your “volume” on the marketplace like ebay with your obfuscated name on the feedback and a link to the paid item/service and related price? in that way would be somewhat doable.
what about a system that gives you trust based also on the account age?
on cs:go there is a thing called trust factor, in short, if you play a lot and people dont report you every match for cheating and you dont grief on purpose, lots of variables involved, you get an high trust factor, but if you dont play for x time you lose it because the system count the probability you sold an high trust factor account to a cheater. It’s basically social engineering, if you are closed source you can keep things secret and outsmart the attacker by not letting him know what he can and what he cant. so he cant neither figure it out what to do. but the more variables involved the more frustrating and costly becomes, not only monetary speaking.

1 Like
#15

Another example given by counter strike :slight_smile: about reports, there is a thing called overwatch to determine if a guy is cheating but the anti cheat does not kick him, let’s hypothesise that the supposed cheater is a seller and the guy reporting it a buyer. Would you give much weight to the opinion of a fresh new account(noob) accusing a professional seller with 99,6% good feedback? I dont think so. So it could be an effective way in my opinion differentiate the feedbacks by the tier of the buyer, if seasoned buyers gave me always(mostly) nice feedback but i have a wave or reds in a month by fresh new accounts. It doesn’t take a genius to understand what it happened in reality.

4 Likes