
[submission] Sybil defense #2

Open
okdistribute opened this issue Dec 7, 2020 · 1 comment

Comments

@okdistribute
Contributor

The Design Problem

Someone tries to impersonate someone else! How can you tell the person you're talking to is /really/ the person they say they are? The most common attack vector here is someone pretending to be someone you know quite well, usually including changing their nickname, display name, and other profile characteristics to be the same.

The Design Solution

Different providers have different user experiences for handling this. Not sure if these are all different patterns or the same pattern with varied levels of severity?

  1. Timer. Discord provides a timer (1 day) by default for these links. The benefit here is that hopefully the invite links would only be sent to known parties, and any potential leak of an invite code to an attacker would then expire and they would not gain access. I don't know of a decentralized app that is doing this right now but I bet it exists somewhere.
  2. One-time use invites. Magic wormhole provides invitation links that only work once, and if there is a failed attempt, the invite connection is broken and must be re-established with a new invite password. This is also called PAKE (or improved SPAKE2).
  3. Revocation. Creating a chain of invites & moderators that can be revoked in the case an attacker is inside. TACO is an example implementation.
  4. Walkaway keys. In cabal, this method is essentially how to dis-invite at the app level. A new channel or room is created and only sent to individuals who the issuer wants to be included (i.e., minus the device that should be dis-invited, the sybil attacker).
  5. Nickserv. This is how IRC prevents sybil attacks. You could use a 3rd party service (like email) and a cabal bot that verifies user nicknames based on their registration and password (or if you want to go blockchainy instead of email, some private key zero proof crypto stuff).
  6. QR code verification is related and can be used to verify the person's identity in addition to these other methods.

Category

Identity
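As an added example (not from this thread, and not cabal, Discord or Magic Wormhole code), the following Python puts patterns 1 to 3 from the list above into one invite store: invites expire after a day, are single use, are burned on a failed redemption attempt, and an inviter's whole subtree can be revoked. Everything here is an assumption made for the example: the `InviteStore` and `Member` names, the `ONE_DAY` default, the result strings, and the injectable clock. The burn-on-failure rule stands in for the Magic Wormhole behaviour described in item 2 but is a plain constant-time token compare, not a PAKE.

```python
"""Invite lifecycle for a small group: 1-day expiry, single use, burn on a
failed attempt, and cascading revocation of an inviter's subtree.
Added example; not cabal, Discord or Magic Wormhole code.
"""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Set, Tuple

ONE_DAY = 86400  # default invite lifetime, mirroring the Discord default in the post


@dataclass
class Invite:
    token_hash: bytes          # only a hash is stored; a leaked store does not leak live tokens
    issuer: str                # member who minted the invite
    expires_at: float
    used: bool = False         # set on the first redemption attempt, successful or not
    revoked: bool = False


@dataclass
class Member:
    name: str
    invited_by: Optional[str]  # None for the founder
    invitees: Set[str] = field(default_factory=set)


class InviteStore:
    def __init__(self, founder: str, ttl_seconds: int = ONE_DAY,
                 now: Callable[[], float] = time.time) -> None:
        self.ttl = ttl_seconds
        self.now = now                       # injectable clock so expiry can be tested
        self.invites: Dict[str, Invite] = {}
        self.members: Dict[str, Member] = {founder: Member(founder, None)}

    @staticmethod
    def _hash(token: str) -> bytes:
        return hashlib.sha256(token.encode()).digest()

    def issue(self, issuer: str) -> Tuple[str, str]:
        """Mint a single-use invite; only current members may issue one."""
        if issuer not in self.members:
            raise PermissionError(f"{issuer} is not a member")
        invite_id = secrets.token_hex(8)
        token = secrets.token_urlsafe(32)     # high-entropy secret, sent out of band
        self.invites[invite_id] = Invite(self._hash(token), issuer, self.now() + self.ttl)
        return invite_id, token

    def redeem(self, invite_id: str, token: str, newcomer: str) -> Tuple[bool, str]:
        """Admit `newcomer` if the invite is live, unused and the token matches."""
        inv = self.invites.get(invite_id)
        if inv is None:
            return False, "unknown invite"
        if inv.revoked or inv.issuer not in self.members:
            return False, "revoked"
        if inv.used:
            return False, "already used"
        if self.now() > inv.expires_at:
            return False, "expired"
        if newcomer in self.members:
            return False, "name already taken"   # the impersonation case from the post
        inv.used = True  # one shot, whether or not the token checks out
        if not hmac.compare_digest(self._hash(token), inv.token_hash):
            return False, "bad token; invite burned"
        self.members[newcomer] = Member(newcomer, inv.issuer)
        self.members[inv.issuer].invitees.add(newcomer)
        return True, "ok"

    def revoke_member(self, name: str) -> Set[str]:
        """Remove a member, everyone they admitted (recursively) and their open invites."""
        removed: Set[str] = set()
        stack = [name]
        while stack:
            cur = stack.pop()
            m = self.members.pop(cur, None)
            if m is None:
                continue
            removed.add(cur)
            stack.extend(m.invitees)
            if m.invited_by in self.members:
                self.members[m.invited_by].invitees.discard(cur)
        for inv in self.invites.values():
            if inv.issuer in removed:
                inv.revoked = True
        return removed
```

The store keeps only a hash of each token, so a dump of the invite table does not hand out live invites, and the clock is passed in so the expiry path can be exercised without waiting a day.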

@okdistribute okdistribute transferred this issue from sprblm/dots-patterns Nov 5, 2021
@bumbleblue
Contributor

I'm inclined to say there are 6 patterns here, and we should file them under Identity. Maybe it's time to introduce tags as well (for Sybil defense).

Labels
None yet
Projects
Status: Proposed