DeFi Sybil attack created $7.5B fake TVL on Solana from ‘anon’ developers
An investigation led by CoinDesk revealed that two brothers (Ian Macalinao and Dylan Macalinao) used pseudonymous developer profiles to inflate Solana’s TVL by $7.5 billion.
Sybil Attack
This news is a warning to those skeptical of real-world feasibility. Sybil Attack About the crypto ecosystem. According to Binance Academy, the Sybil attack is “a type of security threat to online systems where one person creates multiple accounts, nodes, or computers to try and take over the network.”
Gitcoin co-founder Kevin Owocki launches EthCC[5] By speaking about the potential risks of Sybil attacks in his talk “Sybil Resistance for a more democratic web3”. The increasing popularity of the DeSoc, Social Graph and Soulbound token concepts coincides with a desire to reduce the likelihood of effective his Sybil attacks.
But to answer the question of whether this is a real threat, you can see a CoinDesk report detailing how the Macalinao brothers created fake developer profiles to simulate community development.
Anonymous developer profiles are much more common in the web3 world than in other industries. The most famous crypto developer is the infamous Satoshi Nakamoto, creator of Bitcoin.
A developer conference on web3 often looks like the Google Meet call below, with all participants contributing behind virtual identities.
my favorite kind of meeting @_ledao 🥐 Town Hall.
Talk about elite crew and 1/1 art. When did you join that patisserie? pic.twitter.com/TUH83ShU25
— Trade For Tendies 🥐 (Solana developer) (@immature69) August 3, 2022
a hackermoon article From February 2022, commenting on the current state of anon developers in cryptocurrencies:
“If we attend to witness how Satoshi has tweaked anonymity to our liking, he may need to rethink his stance on decentralization. , because it hinders adoption, especially now that fraud continues to occur.”
macarinao brothers
According to CoinDesk research, Ian Macalinao is building a project as “11 independent developers” to create an inflated TVL on the Solana blockchain. CoinDesk claims Ian created an unpublished blog post on his March 26th.
“I devised a scheme for maximizing Solana’s TVL. Build protocols that stack on top of each other so that you can count a dollar a few times…that led to SOL’s dramatic rise. I think I contributed.”
Using various anonymous identities, the siblings network of protocols Utilize double-counted assets to artificially inflate the total TVL of the ecosystem. Ian is quoted as explaining, “We wanted it to look like a lot of people were building on our protocol.” — A prime example of a Sybil attack.
Dylan personally went as far as Tweet What he felt was ‘comfortable staking’ [his] unique cipher [the] The project “Sunny Aggregator” is now believed to have been developed by the brothers.
The pair appear to be using their public identities to cover up a project they worked on to anonymously boost recruitment. Thing seems to appreciate building web3 tools for the community.
will be grateful to @simplyianm to launch this tool. As soon as he has finished our audit of his SPQR program, you should file a claim. https://t.co/yggc0o2mYz
— veSurya Khosla (☀️,🇮🇳) (@SuryaKhosla) April 2, 2022
big fan of @goki protocol and what are they doing @solana UX.
please look! https://t.co/c1Byzrwk5N
— ian.move ↗️ (@simplyianm) September 4, 2021
coin desk paper It details how the brothers operated the Solana DeFi ecosystem. This happened when Solana was shaken by the Slope Finance wallet exploit.
Civil Resistance
of gitcoin passport By allowing builders to “grow a decentralized identity record with different credentials about you,” it aims to address the problem highlighted by fake developer profiles.
soul bound token (SBT) is another technology that helps build sybil resistance through non-transferable NFT tokens tied to specific wallets. When Ethereum founder Vitalik Buterin introduced his SBT concept, he said:
The alleged abuse of the Solana DeFi ecosystem by the Macalinao brothers reinforces the strength of Vitalik’s criticism. The brothers are said to have elaborated a network of his DeFi projects with a financial goal of inflating his TVL of his DeFi on Solana.
Vitalik concluded his presentation on SBT by declaring that “more effort is needed to ponder and resolve these issues” on the transferability of “identity objects” in the web3 space. rice field. One of his core “identity objects” is her identity for developers building in the open source ecosystem.
Decentralization and “DeSoc” may be the long-term goals of many web3s, but a significant unresolved issue is that of Sybil resistance. If his two young developers from Texas can fool the entire ecosystem of a $7.5 billion existence, something is wrong.
If you are building a project trying to solve the Sybil attack vector for the crypto industry, please contact CryptoSlate via the email or Twitter link above.
CryptoSlate reached out to the Macalinao brothers but did not immediately respond to a request for comment.
