It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder.
As of 2012[update], evidence showed that large-scale Sybil attacks could be carried out in a very cheap and efficient way in extant realistic systems such as BitTorrent Mainline DHT.
The attacker controlled a quarter of all Tor exit relays and employed SSL stripping to downgrade secure connections and divert funds to the wallet of the threat actor known as BTCMITM20.
This entity controlled over 900 malicious servers, primarily middle points, in an attempt to deanonymize Tor users.
Identity-based validation techniques generally provide accountability at the expense of anonymity, which can be an undesirable tradeoff especially in online forums that wish to permit censorship-free information exchange and open discussion of sensitive topics.
In addition, it is not clear whether real-world online social networks will satisfy the trust or connectivity assumptions that these algorithms assume.
[21] Alternatively, imposing economic costs as artificial barriers to entry may be used to make Sybil attacks more expensive.
Proof of work, for example, requires a user to prove that they expended a certain amount of computational effort to solve a cryptographic puzzle.
In Bitcoin and related permissionless cryptocurrencies, miners compete to append blocks to a blockchain and earn rewards roughly in proportion to the amount of computational effort they invest in a given time period.
Such proof of personhood approaches have been proposed as a basis for permissionless blockchains and cryptocurrencies in which each human participant would wield exactly one vote in consensus.