
In a Sybil attack, the attacker subverts the reputation system of a network service by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder.

Are you claiming the 20 witnesses pushed into consensus by a single individual were not "pseudonymous identities" but known, trusted members of the community voluntarily put into a position of leadership by the community according to the intended design of DPoS?

STEEM, clearly, is not Sybil resistant enough. This was a Sybil attack. Pretending otherwise is not defensible. If noganoo had enough stake (or enough influence to get exchanges to do what they did), he could attack the chain through this Sybil strategy just the same.

It was a bribe attack as well, and I do see your point where a fully Sybil-attackable system does of course have no restrictions at all in terms of the cost of account creation and those accounts giving a single actor more vote weight. I feel you are not validating my position that the stake wasn't used just to create one witness account but directly created 20 which, according to the "sybil resistant" rules of Steem, gave them full control (or "more influence in the network" if you like) of the chain. Steem is remarkably Sybil resistant in most regards. It still got Sybil attacked because one majorly staked individual was able to act as 20 accounts. That to me is a clear Sybil attack on what should be a Sybil-resistant system. We have work to fix DPoS.

Justin could vote for 1 real account + 29 community witnesses and still use his power fully.

And that would not have been a Sybil attack. He also could not take over the chain with this approach unless those 29 witnesses agreed with him. In that case, it would have been done according to the proper design of DPoS (again, not a Sybil).

Yes, he only needed 20 (technically only needed 15) to do what he wanted to do. The moment "pseudonymous identities" were used to accomplish this, it became a Sybil attack. You are a technical person who has been in this space a while and you of all people should understand this. I don't think it's at all helpful to deny what took place. What is helpful is calling it exactly what it is and figuring out how to prevent it in the future.

To your point, there are other attack vectors also demonstrated here (bribe attack, centralized custodial stake without skin in the game, etc.), but the real one which broke Steem, IMO, was this Sybil attack where fake accounts were able to act as a single individual. As you say, it's supposed to be Sybil resistant. It was not in this case.

The ultimate level of "influence in the network" is full control which requires more than one account. It wasn't just creating multiple accounts that made this a Sybil attack. As you've already mentioned, Steem has fairly good protections against that attack. It's the combination of stake and creating multiple pseudonymous identities which made this attack possible and that is, to me, undeniably a Sybil attack. I'm confused why you're stuck on this point because multiple pseudonymous identities were clearly required to pull this off. Those accounts were not real people. They were one person pretending to represent 20 different entities. DPoS is designed to have individual block producers, not one producer pretending to be individual block producers. These 20 accounts may be running in the same datacenter or even the same server for all we know!

From: https://steempeak.com/dpos/@dantheman/dpos-consensus-algorithm-this-missing-white-paper

Under normal operation block producers take turns producing a block every 3 seconds

How is it "taking turns" if they are all the same person in control because of this Sybil activity pretending to be multiple, separate accounts?

The DPOS algorithm is divided into two parts: electing a group of block producers and scheduling production. The election process makes sure that stakeholders are ultimately in control because stakeholders lose the most when the network does not operate smoothly. How people are elected has little impact on how consensus is achieved on a minute by minute basis. Therefore, this document will focus on how consensus is reached after the block producers have been chosen.

The election process failed because exchanges don't have skin in the game. They didn't vote with their tokens so they don't care if it impacts the token price negatively.

I think this document didn't spend enough time on the election process as that's where this Sybil attack became a reality.
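The two scenarios argued over in this thread (one large stakeholder approving 20 witness accounts he operates himself, versus approving one self-run witness plus existing community witnesses) can be put side by side in a small simulation of a stake-weighted witness election and the round-robin schedule the quoted DPoS description assumes. This is an added example written for this page; it is not code from Steem, from the DPoS paper, or from anyone in the thread, and it assumes a simplified rule set: each stakeholder may approve up to 30 witnesses, every approval carries the voter's full stake, the top 20 become producers, and 15 slots are taken as the threshold the thread says was needed. The `controller` label, the witness and holder names, and all stake figures are constructed for the model; a real chain only ever sees account names, which is exactly the gap the election step leaves open.

```python
"""Toy model of a DPoS witness election and round-robin block schedule.

Added example for this thread, not code from Steem or from the DPoS paper.
Assumed simplified rules: each stakeholder approves up to MAX_VOTES witnesses,
every approval carries the voter's full stake, the TOP_N highest-approval
witnesses produce blocks in turn, one every BLOCK_INTERVAL seconds.
The `controller` field exists only in this model; a chain sees account names.
"""
from collections import Counter
from dataclasses import dataclass, field

MAX_VOTES = 30        # approvals per stakeholder (the thread's "1 real + 29")
TOP_N = 20            # elected block producers (the thread's 20)
SUPERMAJORITY = 15    # producer slots the thread says were needed
BLOCK_INTERVAL = 3    # seconds per block, from the quoted DPoS description


@dataclass
class Witness:
    name: str
    controller: str  # hypothetical operator label, known only inside this model


@dataclass
class Stakeholder:
    name: str
    stake: int
    approvals: list = field(default_factory=list)  # names of approved witnesses


def elect(witnesses, stakeholders, top_n=TOP_N, max_votes=MAX_VOTES):
    """Rank witnesses by stake-weighted approval and return the top_n."""
    known = {w.name for w in witnesses}
    tally = Counter()
    for s in stakeholders:
        if len(set(s.approvals)) != len(s.approvals) or len(s.approvals) > max_votes:
            raise ValueError(f"{s.name}: approvals must be distinct, at most {max_votes}")
        for name in s.approvals:
            if name not in known:
                raise ValueError(f"{s.name} approves unknown witness {name}")
            tally[name] += s.stake  # each approval counts the voter's whole stake
    ranked = sorted(witnesses, key=lambda w: (-tally[w.name], w.name))
    return ranked[:top_n]


def schedule(producers, n_blocks):
    """Round-robin: slot i produces at t = i * BLOCK_INTERVAL, then wraps around."""
    return [(i * BLOCK_INTERVAL, producers[i % len(producers)].name)
            for i in range(n_blocks)]


def controller_share(producers):
    """Producer slots per operator: whether 'taking turns' happens between
    independent parties or between one party's accounts."""
    return Counter(w.controller for w in producers)


def largest_controller_can_force(producers, threshold=SUPERMAJORITY):
    """Return (True, operator, slots) if a single operator holds >= threshold slots."""
    operator, slots = controller_share(producers).most_common(1)[0]
    return slots >= threshold, operator, slots


def build_scenario(sybil):
    """Constructed sample data: 40 community witnesses run by distinct operators,
    60 small stakeholders each spreading 30 approvals, and one stakeholder whose
    stake exceeds the whole community's combined stake (60 x 100 = 6000)."""
    witnesses = [Witness(f"community-{i:02d}", f"operator-{i:02d}") for i in range(40)]
    holders = [Stakeholder(f"holder-{i:02d}", 100,
                           [f"community-{(i + j) % 40:02d}" for j in range(MAX_VOTES)])
               for i in range(60)]
    big = Stakeholder("big-holder", 10_000)
    if sybil:
        # Twenty freshly created witness accounts, all operated by the same party.
        sybils = [Witness(f"new-{i:02d}", "big-holder") for i in range(TOP_N)]
        witnesses += sybils
        big.approvals = [w.name for w in sybils]
    else:
        # One self-run witness plus approvals for independent community witnesses.
        witnesses.append(Witness("big-holder-witness", "big-holder"))
        big.approvals = ["big-holder-witness"] + [f"community-{i:02d}" for i in range(19)]
    return witnesses, holders + [big]


def run(sybil):
    """Elect producers for one scenario and summarise who really holds the slots."""
    witnesses, stakeholders = build_scenario(sybil)
    producers = elect(witnesses, stakeholders)
    forced, operator, slots = largest_controller_can_force(producers)
    share = controller_share(producers)
    return {
        "producers": [w.name for w in producers],
        "distinct_operators": len(share),
        "largest_operator": operator,
        "largest_slots": slots,
        "can_force": forced,
        "first_blocks": schedule(producers, 5),
    }


if __name__ == "__main__":
    for sybil in (False, True):
        r = run(sybil)
        print("sybil" if sybil else "honest", r["distinct_operators"], "operators;",
              r["largest_operator"], "holds", r["largest_slots"], "slots; can force:",
              r["can_force"])
```

In the Sybil scenario the election is perfectly valid under the model's rules, the schedule still "takes turns" every 3 seconds, and yet every one of the 20 slots answers to one operator; in the other scenario the same stake buys exactly one slot and the rest of the top 20 are independent operators who would have to agree. The `controller_share` figure is the one the protocol never sees, which is why the election step, not the block-production step, is where resistance has to come from.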