developers aren’t the first humans to face identity verification problems. In the book of Exodus, Moses finds a peculiar bush that is on fire but not engulfed in flames. When it’s revealed that the burning bush is God delivering a message to his people, Moses asks quite reasonably: Blockchain how will they know it’s really you who sent me, when I tell them? It turns out that not even God is above identity verification. Exodus 3:14 “Tell the people of Israel: I AM has sent me to you.” When it comes to incentive programs, the problem is that Anyone can create an algorithm that distributes a novel crypto-coin to every person in the world. Without any additional layers of though, such network would easily fall prey to a Put another way, fake identities would be created for the attacker to gain more rewards than they are fairly owed. Designing a system that is both viral and resistant to such attacks is a holy grail. there’s an inherent tradeoff between the virality of the program and its resistance to identity fraud. security Sybil attack. Do you remember ? They sponsored a competition to find red balloons, and a team from MIT solved it in just a 8 hours using recursive incentives. Anyone who found a balloon for MIT would win $2000, and anyone who referred a balloon finder for MIT would win $1000. Even if you referred someone who referred someone who referred someone…you’d win amount of money in return. the DARPA red balloon challenge some The truth is that MIT was lucky that it solved the challenged in only a few hours, because Sybil attacks were most certainly on the way. As , the system had the unintended consequence of incentivizing the creation of false identities to extract undue rewards. For example, if Alice knew where a red balloon was located, she could create two false identities, “Bob” and “Carol,” and claim to have been referred by them. She could add to her reward without doing any additional work. Babioff, Zohar et al clearly pointed out Many of the “ ” problems we’re tackling are best solved by an ad hoc viral network. , for example, is easiest when you have a large group of people (i) applying and (ii) spreading the word about the job opening. Therefore, one of the fundamental goals of nCent is to discover the point at which the virality of a network is maximized relative to acceptable levels of identity fraud. In reality the answer is really a set of answers depending on the properties of the particular incentive program being discussed. needle in a haystack Finding the right employee As networks grow, though, it becomes harder to remain resistant to a Sybil attack. This property is one of the most under-appreciated aspects of Bitcoin — and what makes it such a powerful system. A common challenge of an incentive program is to maximize network membership while minimizing the opportunity for fraud. When a Sybil attack occurs, a large part of the network doesn’t contribute new information. It is instead dominated by one actor who creates numerous nodes simply to ensure that they reaps the rewards if someone finds the solution. Additionally, the attacker in the red balloon case would be able to receive upto twice the reward they deserve (instead of just $2000, they can collect almost $4000 in added chunks of $1000+$500+$250+$125.5 etc). This can dispirit the efforts of the honest participants, and cause the network to fail. So you see, identity verification ends up being the limit of virality. The very incentives that can lead a network to rapidly grow can therefore also lead to its demise. nCent is actively working on identity and other related problems such as collusion and fraud detection. There are a number of interesting ways that we’ve come up with for securing our native blockchain protocol. We explain some of our approaches in and our upcoming whitepaper. See our upcoming posts for more information, or contact us to learn more! Beware of Sybils Not Bearing Proof of Work Think you have new ideas about how to approach identity verification? We’re all ears. E-mail me directly at kk@ncnt.io to discuss!
