Defeating the Sybil Attack

in Hive Gaming8 months ago (edited)


So I've been thinking more on how WEB3 games should be created and what kind of templates we should be using... and honestly it's going to be a tough nut to crack. We've been unknowingly taking so many shortcuts with the centralized client/server model that even rewiring our thought patterns to address the problem becomes difficult. It's going to take quite some time before this ice gets broken.

For example how does one stop cheating in a first-person-shooter? When someone uses an aimbot, their client is tricking the server into believing that every shot fired is an automatic headshot. It's up to the server to run countermeasures to stop this from happening. Other cheats that are more difficult to detect would be maphacks or the ability to see through walls. Again, it is expected that the centralized agent will come up with a solution to these problems... but what happens when this mythical centralized agent doesn't exist within a decentralized ecosystem? What then? The entire game changes.


Who remembers SOJ?

Stones of Jordan are a ring from Diablo 2 which became one of the most coveted items in the game. At one point they essentially became a fungible currency used to trade value among players. This is quite possibly the first significant example of an "NFT" that became a fungible currency within a community. Funny considering SOJs are a super rare "unique" item. How did so many exist that they were used to transfer raw value between players?

Farming SOJ the legit way.

Just like every other RPG out there: gold is largely worthless. It's kind of pathetic actually, and crypto needs to find a way to make in-game gold valuable where all else have failed. In any case in D2 you could 'gamble' your gold away in exchange for a random item. In some cases that item would roll into a unique, and in some cases that unique would be a stone of jordan.

D2 programming prevented the same "unique" item dropping for a player that already had one. So what people did was transfer all their gold to an alt that didn't have an SOJ. Then they'd make sure that alt also had all the other unique rings (that were crap and nobody wanted). After this was accomplished, anytime a gambled ring rolled unique it was guaranteed to be an SOJ because all the other uniques were already in the player inventory. When an SOJ was found it was transferred to another account so they could continue finding more. Gamers doing gamer things.


One of the most classic hacks when dealing with RPGs and a client/server model was the classic duplication hack. Many of these hacks were discovered completely by accident. Somehow this problem just keeps popping up again over and over again across all kinds of games. Minecraft comes to mind.

At one point something about the minecart moving on top of a rail in combination with a coral fan broke the game and made it think the TNT was in 2 places at once.

Essentially something happens on the client side that makes the server think that a single item is in two places at once. The game believes that both of these items are separate entities rather than the same one, and thus the dupe is born. It's actually quite incredible how often this problem pops up, and I'm happy to report that this will almost certainly not be a problem in crypto.

Imagine is duping was a problem with crypto.

We have a name for that: it's called a double-spend attack. The issue has been solved a thousand times over as it is regarded as one of the main threat vectors of any currency (including fiat). We call it counterfeiting, and crypto does an amazing job at eliminating the threat. In fact crypto eliminates the counterfeiting threat vector better than any other asset known to humanity. An impressive feat to be sure.


Even if dupe hacks do become a problem with WEB3 the problem will be identified and fixed instantly simply due to the incentives in play. In WEB3, the entire community can see everything. Anyone can run a node and see everything that happens in the game. Even if someone was able to dupe a highly valuable item in game it would be detected immediately... by everyone.

Compare that to a centralized company with employees who are all working on different tasks. The company has way less incentive to fix the problem in a timely manner. After all... the cat is already out of the bag. They'd already sold the game. They already have the money. In WEB3 everything changes because the in-game assets ARE money and if one bad actor is allowed to exploit them: the entire community loses. The incentives in play are completely different and heavily imply that cheaters will be dealt with swiftly and harshly. After all... they're stealing from everyone.

ban hammer.jpg

The Ban Hammer

And this is the tricky bit in WEB3. How is punishment issued? We already know how WEB2 does it and we know that this path is unavailable to us. A centralized service provided by an incorporated entity gets the final say on everything. Whatever they decide goes. That doesn't work in WEB3. At all.

Many gamers will cry and make the claim that the game should just be good enough so that no one ever gets banned in the first place. This is especially true within the context of permissionless and open crypto networks. Yeah well, welcome to the real world kid... I look forward to playing that magical game that you never build.

I've even gone so far as to claim that many WEB3 games will be exclusive invite-only clubs. The easiest way to stop cheaters from ruining the game is to not allow them to play in the first place. Again, this seems wholly counterintuitive when building open-source products on a game-theory level, but once we see how these games will actually work it makes perfect sense.


If we take a look at something like World of Warcraft we can see that there are literally hundreds of servers to choose from. Each one of these servers is unique and completely disconnected from the others; running their own instance of the game. The things that happen on one server do not happen on the other. Different players. Different ratios. Different items on the auction house. Different economy. Different everything. The only thing that's the same is the original underlying code that all players are governed by. But once actual players join the server and start playing the game the economy is completely unique across the board.

Used to be that players were not allowed to switch servers. You pick your server and that's that... you're stuck there unless you make a character on another server. Then certain servers became too big and overpopulated. My first server Ner'zhul was one one such server. A one time deal was offered to anyone that wanted to transfer to a low population server. My guild did it (we shouldn't have because Ner'zhul was pretty awesome after all those people transferred away like we did). Later it was allowed to transfer servers whenever players wanted (for a steep price and with economic conditions imposed).


The point being is that we need to ask ourselves what this looks like within a WEB3 environment. As the owner of the IP, Blizzard Entertainment has zero incentive to allow other entities to run their own node. They will go so far as to sick their lawyers on those entities and legally force them to shutdown. A corporation has no incentive to allow anyone else to profit off their IP. That is clearly not within their bests interests, nor does it align with obvious business strategies.

In a WEB3 environment all of that changes.

In all likelihood a WEB3 game that had hundreds of duplicate servers running at once would often be owned an operated by different entities. So while players have hundreds of choices about where they want to play and the system in open-source and borderless... that doesn't change that fact that the owner of a particular server can create any rules that they want to.

If the MMO game and server are balanced around having 1000-2000 players... that's not a lot of players. World of Warcraft in total has millions of players, with each server only hosting thousands. It's expected that it's Blizzard's job to prevent Sybil attack. Without a centralized agent available to play arbiter, that leaves the node-runners themselves to ensure that the game won't be hacked by exploiters. The concept that some of these servers would be private or invite-only is not far-fetched, despite what we already know about permissionless decentralized ecosystems.


What even is a Sybil attack?

At the core it is simply when one person pretends to be more than one.

  1. One person plays multiple accounts or multi-boxes.
  2. One person runs a bot that plays for them.

This is the ultimate problem to solve within any kind of game economy.
And the solutions we've been able to come up with are actually quite bad.
Not only that, but many of them only apply to centralized WEB2 models.

So how do we stop the cheaters?

The first step is to create a game in which it is more advantageous to continue playing on one account rather than creating multiple. However, this is quite difficult to accomplish as getting the balance right is not a trivial matter. If the most hardcore players are scooping 99% of the rewards because the incentives give singular accounts more resources... that's even worse than a Sybil attack. At the end of the day distributing resources in a fair way is no easy task, even in something as mundane as a video game.

Even if we were to create the perfect mechanics to ensure that multi-accounting was discouraged while also not creating runaway inflation from legitimate hardcore players... we'd still be left with a bot problem. If the game is playable by bots it doesn't matter how inefficient it is to multi-box... because bots can be cloned indefinitely. Time is the ultimate resource in a game in which resources can be farmed. Bots completely eliminate this constraint and ruin the economy for everyone while syphoning value to the attacker.


I'd like to say we should just design games that can't be played by a bot, but even before the advent of AI bots were running around deep learning themselves into grandmasters. Considering the financial incentive to play WEB3 games it's safe to assume that preventing bots from playing the game simply due to difficulty and mechanics is pretty much impossible.

Luckily if the game is high-stakes enough and requires the player to take significant risk this would eliminate the ability for all but the best bots to operate profitably. Combined with the ability for the entire community to monitor the economy and prevent cheating in real-time (something that corporations could never hope to achieve) it's possible that such a Sybil attack could be mitigated. This is especially true if the server in question is invite only and requires a certain level of reputation to engage with the WEB3 economics.


It seems as though most WEB3 developers out there still seem to think that they need to compete with WEB2 on an even playing field. Unfortunately, this is not how it works. Offering free service to users is WEB2. We tried that. It's over.

There's a very good reason why WEB2 corporate entities do not build exclusive products with an invite list. That runs completely contrary to their entire business model. They need as many users as they can possibly get to turn a profit. Devs in WEB3 are still stuck in the same mindset, thinking they need to scoop as many users as possible to turn a profit.

However if we actually think about it rationally... that's not a great strategy with WEB3. There's no way WEB3 can scale in such a way. We are copying and recopying the same data over and over again across dozens if not hundreds of servers. Getting a ton of users that are all worth a little bit is NEVER going to work. Again, that's WEB2. WEB3 needs a smaller number of high-value users to work and scale up in a reasonable way. These two systems are completely different, but most devs keep conflating the business models as if WEB3 needs to be as close to WEB2 as possible. It's not going to work.


If I created a game and launched it... it would not be hard to simply make it invite-only. I can find 100 people I can reasonably trust to test the game out. After that, I could create a voting system that allowed the group to invite more accounts instead of letting it be open for anyone to try. A 51% attack in this case would be if so many bad-actors got invited that they were able to keep inviting more bad-actors and take over the system. Of course it probably wouldn't go down that way considering everyone would be able to see what was happening and take action against it. Hell that's exactly how the inception of Hive happened in the first place.

Given any kind of reasonable success, I would then just open-source the code and allow anyone to boot up their own server. They could then set permissions however they liked. Someone (maybe even myself) would test a server with no permissions that anyone could join. That would be a great control-group to note the differences in economics. Would that be a better model? At this point I highly doubt it, but it certainly would be good simply for exposure to the outside world and testing.


The idea of creating exclusive clubs based on reputation simply to play a video game is a totally foreign one, but I think the idea has merit. After all, a single node for any MMO can only host thousands of players. It would not be difficult to fill up a server with reasonably trustworthy actors using an invite-only technique, especially if those votes are stake-weighted and distributed to the community based on how much that player has to lose if they invite bad-actors.

It's also possible to eliminate the economic side of the equation completely in terms of gaining an in-game edge. Which again is a completely foreign concept to WEB3 devs as a whole. If the entire economy is relegated to cosmetics only (skins) then this also completely eliminates the economic incentive for a Sybil attack. Unfortunately that's not really an option in a WEB3 RPG-type game, and only works for other genres like FPS, RTS, or other competitive strategy games that end and reset all progress made during the next game.

Sybil attack is the most significant attack vector, not only just for crypto, but also for legacy economics. The entire point of KYC is to mitigate some type of Sybil attack and keeping citizens honest. How will WEB3 rectify this lack of intrinsic KYC and reputation based data collection? It won't be easy but we're figuring it out. Slowly.


Ah I remember SOJ’s those were the days. I think I got one off a boss run, I used to love to do Mephisto those ones were my favorite. I used to bot them though lol run it all night while I was sleeping and wake up to see what treasures I had. Those were the good old days. Did they put SOJ back into the latest re-release of Diablo? That would be cool.

The days of developing and putting out a game that can’t just be botted to no end seems like it’s waning and going to disappear. Crazy how hard it is these days, but I guess that’s the web3 way.

I'd have to dig it up, but when I was writing my last publication I found some old Microsoft stuff on Sybil attacks. They were very pessimistic about the whole ordeal. The only way I can see it working is to take away financial incentive to do a Sybil attack but that's hard to implement and limited at best.

The biggest financial incentive to Sybil attack stems from providing free services.
The entire WEB2 business model is the ultimate harbinger of such attacks.
Luckily WEB3 doesn't provide free services.
We incentivize good behavior instead.

Absolutely. It's really hard to convince people that this "free" stuff isn't free though. The precedent has been set so there's a certain level of creativity needed in Web3 implementations.

I have been saying this for a while: make a diablo like game where loots are the actual valuable nfts + 1 ingame token (and maybe a "stable" coin). the only other thing to figure out is how to stop bots from competing. This is where skill comes in. Is it possible to design a game where mainly the higher levels drop rare loot nfts and also has battle encounters too hard to script for bot armies?

Right okay so we make a hack and slash game....

But who stops the clients from cheating?
The clients can tell the network literally anything they want.
There's are already AIs that play chess and real-time strategy games at the grandmaster level.

Like on Hive all the data is text.
How would you ever know that text that said "I used this skill at this time" wasn't a bot?
I have not seen a single actual strategy for decentralized cheat detection.
Which leads me to believe that the real problem here is one of establishing reputation and whitelists/blacklists and private servers.


Sent 0.1 PGM - 0.1 LVL- 1 STARBITS - 0.05 DEC - 1 SBT - 0.1 THG - 0.000001 SQM - 0.1 BUDS - 0.01 WOO tokens

remaining commands 1


The tokens that the command sends are: 0.1 PGM-0.1 LVL-0.1 THGAMING-0.05 DEC-15 SBT-1 STARBITS-[0.00000001 BTC (SWAP.BTC) only if you have 2500 PGM in stake or more ]

5000 PGM IN STAKE = 2x rewards!

Discord image.png

Support the curation account @ pgm-curator with a delegation 10 HP - 50 HP - 100 HP - 500 HP - 1000 HP

Get potential votes from @ pgm-curator by paying in PGM, here is a guide

I'm a bot, if you want a hand ask @ zottone444


$PIZZA slices delivered:
@torran(9/10) tipped @edicted

Tough call, if the target of a web 3 game is to have a list of fair players that don't cheat the number of players that this kind of game can have it's very narrow, then you will depend on huge whales for the system to be sustainable or will have a short life.

I'm quite amazed that SL survived 5 years, this last with awful global economics and a bear market at crypto. But truth is that the more successful a web 3 is the more incentives exist for cheaters.

I think that from this perspective the only way to avoid bots is fighting the fire with fire, thus having bots extracting data of the users playing and looking for players that have "bottish" patterns, then those would be banned in a decentralized manner.

Solving this problem is imo the holy grail of web 3 games, whoever comes with the best solution will have an impressive success and a model that should be patented as would be very very profitable for companies to replicate it.