Scammers exploit airdrops, causing Sybil attacks and draining funds. This highlights the growing threat of AI-driven crime in the crypto world.
Many projects and developers find it difficult to lessen the effects of Sybil’s assaults as scammers take advantage of profitable airdrops.
Community Incentives and the Pursuit of “Free Money”
Blockchains and Web3 apps have been developed primarily thanks to community support. However, building and maintaining a community may take much work, particularly for new initiatives. To address this, developers have used various economic techniques, including ICOs and staking.
Airdrops, frequently disregarded, offer the community yet another vital incentive. This tool has developed into a sizable market. Uniswap, ApeCoin, and dYdX are the three biggest airdrops in history, with a combined value of around $12 billion, according to CoinGecko. According to reports, the cumulative value of airdrops over the last three years has exceeded $26 billion.
Intended initially to reward involved community members, airdrops have grown so profitable that professional opportunists have turned them into a source of income for themselves. These swindlers open several accounts to fulfill organizers’ assignments automatically or with inexpensive labor.
In an attempt to obtain what they eventually see as “free money,” their rigged activities range from publishing straightforward content on social media to sending little sums of cryptocurrency to flooding a protocol’s source code with pointless contributions.
How Sybil Assails Dry Tap Airdrops
Thus, airdrop hunters represent a new class of genuinely malevolent actors damaging Web3’s future by taking value away from legitimate users and upsetting the ecosystem’s economic activities. Two “super airdrop hunters” took advantage of the Arbitrum airdrop in March 2023, according to a Lookonchain article on X (Twitter), and they managed to obtain almost $3 million worth of ARB tokens from roughly 1500 addresses.
This is not a unique instance. Similar attacks by hunters and their bot farms have been made against the most significant airdrops in the past three years, including those from Uniswap, 1inch, Optimism, and numerous more. “Blur gave us something like $300,000, Arbitrum gave us around $180,000, Aptos gave us $125,000, and Optimism, $120,000,” an unidentified raider told The Block’s reporter.
Unlike community members, airdrop hunters swiftly sell off their rewards, resulting in instant price decreases, and move on to the next target. We saw this personally with Starknet, the much-awaited Layer 2 blockchain based on Ethereum. Researchers claim that airdrop hunters compromised the network months before the native coin’s launch in February 2024. What was the outcome? In its first two days of trading, STRK fell 50%, endangering the future of Starknet. The Chinese authorities were even alerted to the hunters’ activities and detained a person they suspected was using identity fraud to steal STRK tokens.
A “Sybil attack,” a cybersecurity phenomenon in which an attacker generates several phony identities to obtain influence or control in a computer network, has also been reported to have exhausted other initiatives, including Linea, EthernetFi, and Connext Network. When these offenders do not get their way, they frequently propagate false information about the project by commenting negatively on social media. In essence, this is a form of public extortion. Everscale has noticed a campaign against our partner blockchain network, Venom, which was introduced a few months ago.
Continuous Lookout for the Best Defense Against Sybil Attacks
Though the industry has acknowledged the issue, a practical remedy has yet to be found. Raising the eligibility requirements to claim airdrops is one strategy. But even highly developed airdrop initiatives, such as Arbitrum’s, could not repel the Sybil assault.
Specific initiatives, such as LayerZero’s latest suggestion to give smaller airdrops to accounts that self-identify as hunters, make an effort to reach a middle ground. If not, their addresses can be included in an airdrop. Still, it’s difficult to tell a phony account from a legitimate one, not to mention the history of accepting offenders as deserving of community awards.
Another recommendation is to introduce stringent identity verification for each airdrop participant. While projects like the palm recognition system in Humanity Protocol and the iris verification system in Worldcoin provide viable answers, they risk violating Web3’s fundamental principle of user privacy. Professional drop hunters have also discovered ways to get around various “digital passports,” creating a market for purchasing and “pumping” virtual identities in large quantities. This approach doesn’t address the issue; it just makes scammers pay more.
The Soulbound Token (SBT), an NFT that is irreversibly linked to a natural person’s “soul” and acts as an identity and “proof of person” without revealing personal information, is another option put out by Vitalik Buterin. As a result, SBTs could independently validate users’ reputations. If an SBT’s history demonstrates a high reputation score, its owner is granted access to airdrops, which encourages good conduct. SBTs, however, still need to be widely adopted because they are merely concepts.
These and other choices are now available. In my paper, I advocate for increased dialogue and action among all ethical players in the Web3 sector. Airdrop raiders must be addressed before additional Web3 projects, and their righteous backers become targets of further Sybil attacks. We would have the opportunity to once more use airdrops for their primary purpose, which is to reward vibrant communities for their commitment and allegiance, by jointly developing a global strategy and set of guidelines.
Concerning Everscale
With its infinite sharding method, Everscale is a TVM blockchain that can adapt to any workload flexibly, meaning that the magnitude of the load does not impact network fees or transaction delays.
Because of this, Everscale is the best blockchain to run large-scale and heavily loaded decentralized apps. During the past few years, Everscale has created a solid web3 project ecosystem, including DeFi, GameFi, NFT, and other flourishing communities.