Source: CoinList; Translation: Golden Finance xiaozou
Token launch is one of the most important moments in a project’s history. If you screw up your token launch, your project could be doomed.
Nothing destroys the credibility of a token issuance faster than a sybil attack, in which a malicious actor creates multiple false identities in an attempt to gain disproportionate influence and token distribution in the network.
No one wants a ghost community.
Below, we’ll explore how sybil attacks can ruin token launches by looking at data from two recent airdrops: zkSync and LayerZero.
1、zkSync
zkSync, a Layer 2 scaling solution for Ethereum that uses zero-knowledge proofs, was one of the most anticipated airdrops in 2024, but has since faced a lot of criticism for its lack of sybil protection measures. For example, Polygon Labs Chief Information Security Officer Mudit Gupta said this on X:
(1) zkSync Network Activity
From the start of the zkSync airdrop (June 17, 2024) to July 17, 2024, the number of active addresses on the network dropped by approximately 78.7%. This suggests that a large portion of users were only interested in the free airdrop and turned away shortly after receiving it.
The number of daily depositors reflects a similar pattern - the indicator peaked at 41,257 on March 25, 2023, but fell to just 32 on July 17, 2024.
After the airdrop, more than 40% of those who received the most zkSync airdrop sold their entire token allocation, and 41.4% sold some of their tokens. Currently, only 17.9% of the top recipients still hold tokens. According to CryptusChrist, 746 sybil attackers are known to have been eligible to receive approximately $6.9 million in ZK tokens in the airdrop.
(2) ZK price fluctuations
Unfortunately, the ZK sell-off — likely orchestrated by a sybil attacker — created selling pressure that caused the token price to drop by approximately 39.29% between the start of the airdrop to users (June 17, 2024) and July 23, 2024.
So, what went wrong with zkSync? First, the team’s airdrop qualification criteria made it relatively easy for sybil attackers to participate, and lacked measures to prevent sybil attacks. In addition, zkSync seems to exclude certain legitimate users to some extent, such as projects created on zkSync ERA, which have made direct contributions to their ecosystem.
Their team now needs to redouble their efforts to recapture the inflated activity that preceded the sybil launch, triggering significant price speculation.
2、LayerZero
In contrast to the two examples above, LayerZero is an interoperability protocol designed to facilitate seamless communication and asset transfer between different blockchains, and it has strong measures to prevent sybil attacks.
Bryan Pellegrino, CEO of LayerZero Labs, said that their team ultimately identified 1.1 million to 1.3 million unique address sybil wallets during the sybil self-reporting and analysis phase, and the team will continue to encourage and reward the community for sybil reporting.
(1) LayerZero Network Activities
From April 30, 2024 (the day before the snapshot date) to July 7, 2024, the number of messages on LayerZero dropped by 91.5%.
Likewise, the number of daily transactions also dropped by over 92% between the snapshot date and the airdrop date.
This downward trend is partly due to users often stopping activity after the snapshot date, as trading is no longer necessary to receive the airdrop. However, it is also possible that the team’s sybil prevention measures also had an impact, making their airdrop less vulnerable to sybil attacks.
(2) ZRO price fluctuations
Between June 20, 2024 (the airdrop date) and July 18, 2024, the price of LayerZero’s native token, ZRO, dropped from $4.79 to $4, a 16% drop, significantly less than the 39% drop in ZK over a similar timeframe after the airdrop. Interestingly, despite the drop in LayerZero’s network activity, ZRO’s price ultimately remained above its initial listing price.
While it is difficult to determine all relevant factors for LayerZero’s relative price sustainability, its sybil prevention technology may have played a role.
3. Why should Builder pay attention to Sybil prevention?
In the short term, sybils appear to be beneficial to projects because they can artificially boost data and generate direct profits.
However, as the above example shows, a sybil influx can lead to token sell pressure and a drop in network activity, both of which can undermine the long-term sustainability of a project.
After a Sybil exit, legitimate participants will have more opportunities to come in and contribute, as the exit of the fraudulent entity frees up valuable slots.
Most teams launching via airdrops need to work harder to recapture the activity that drove price speculation and inflated network activity prior to launch. No one wants a ghost community.
At CoinList, we take sybil prevention very seriously. We verify the legitimacy of devices and browsers, analyze IP addresses, screen for unusual bot-like activity, evaluate the legitimacy of email addresses, and ensure that every participant is a unique and verified individual.
