Moloch Grant Proposal 62 - Sybil Resistance

Summary

  • MGP 62 - $100K (23 ETH) for bounties for breaking Proof-of-Humanity and BrightID
  • Ameen will manage the funds → 0x8f0e02abe31af51737a4e6a09230e845380b48e3
    • coordinating with Santi Siri and Kevin Owocki for bounty terms & conditions
  • Any unused funds will be returned to the DAO treasury

Background

  • the Ethereum community desires to move beyond coin-voting governance
  • alternatives to coin-voting are hampered by the lack of secure anti-sybil mechanisms
  • the two leading anti-sybil systems are Proof-of-Humanity and BrightID, and while they are gaining traction, they have yet to be adversarially battle tested
  • this grant proposal would fund bounties for successful sybil attacks against the systems, to demonstrate their security and viability as governance infrastructure

Example Proof-of-Humanity Bounty Schedule (Final TBD)

  • $5K - $1K for first 5 people to get 2x sybil attack at all - rewarded immediately
  • $5K - bonus for the first successful sybil attack that uses a deepfake of another person
  • $20K - for the first person to successfully sybil attack with at least 2x for 30 days
    • 2nd account must live 30 days
  • $20K - for first person to sybil attack 3x accounts for at least 1 week
    • 3rd account must live 1 week

Hello Ameen,

In general I think this is a good initiative, but I would prefer if you split it up into two proposals - one related to BrightID and another related to Proof of Humanity, for $50k in bounties each.

Last grants round Santi was seeking to have Moloch DAO add liquidity to the UBI/ETH pool, and multiple Moloch members expressed doubt about that being something Moloch DAO should fund. Instead of Santi remaining in the Moloch DAO community, after he received criticism for his proposal, he ragequit.

I would vote yes to Bright ID and no to Proof of Humanity, because it seems weird for a founder of a project to ragequit a DAO, then that DAO later giving that person’s project money. What sort of precedents do we want to set here in Moloch? I feel like Santi would have eventually found support from Moloch DAO if he stuck around.

If Santi re-joined Moloch DAO as a member, I would vote yes for the Proof of Humanity bounty. I think that would then show that he has no hard feelings towards the DAO for not agreeing with his proposal in the past, and we have both collectively found ways to become a community.

I am just trying to ensure that Moloch doesn’t become a community that people just extract from, and don’t give back to, and when one can’t successfully extract from Moloch DAO - they leave. (I was seriously personally about to apply to Moloch DAO for a grant and ragequit as performance art if I got rejected to make a statement, because I feel it’s a bit of a weird pattern we may have going on here.)

I think that if we don’t create some solid norms, Moloch DAO will become a community of a lot of self-interested parties that become easily offended by disagreement as opposed to one that is trying to slay the god of coordination failure.

I think what Santi is doing at Proof of Humanity is definitely something that is still an experiment and bounties like this will help improve it. I would love to see more democratic governance of protocols as opposed to protocol plutocracies. I welcome him with open arms back to Moloch DAO as a member and will support this proposal after he is a member of our community again.

Best,
Stellar Magnet

I share your concerns about POH, but as I understand this proposal, no money would be going to the POH project. It would only go to people who successfully break their Sybil resistance.

That is a good point, but at the same time: Moloch DAO would be allocating some capital towards improving POH, even if it is not directly going towards the development team, the value is flowing towards the POH project.

But please note that this is definitely something I am not 100% a strong NO on, and I can be convinced/persuaded otherwise – if existing Moloch members can convince me that this wouldn’t create poor precedent for how our community works.

It is definitely possible that the way I am evaluating this can be harmful and set poor precedent as well, so please let me know. I think Moloch generally has a pretty inactive membership so it’s always at the top of my mind for how we balance:

  1. awarding grants super well
  2. maintaining and growing our membership base - and encouraging members to participate in proposal review processes, as opposed to only participating when asking for money.

i think this is a good proposal: tightly scoped, clear use for funds, and clear measures of success. only thing i would add is commitment to summarize the results from each experiment in a writeup or something

what are the chances this just becomes a honeypot for accounts that have already broken the sybil resistance to unmask one of their 10 accounts lol

i’m fine with this even tho that Santi left, it’s chill

Good to see your input here @trent.eth - it is definitely enough to sway me towards voting Yes on this proposal and not holding any personal grudges 🙂 Thanks.

I like your suggestions as well.

The proposal doesn’t have enough detail lol.
That being said, I think it’s punk as fuck and I love it. The adversarial battle testing bounty is an incredible archetype for MolochDAO, perhaps a new tradition? +1,000
The combo of Ameen, Santi, and Kevin seals the deal for me.
🤍 PoH 🤍 I totally support this.

I think the idea of bounties for adversarial attacks to strengthen key tools is really interesting and useful, and not a common grant type. I’m def in on this one.

This comment is intended to be constructive, so please take it that way.

I think this proposal is great – we need a way to prevent Sybils, but, if you think about it for a minute, what does that actually mean? The flip side of eliminating Sybils is that we can identify an individual as being a unique individual.

My concern with a system that can uniquely identify individuals is that, if it works, anyone, even bad actors, can use it.

If you’re building a system that needs to uniquely identify individuals, the elimination of Sybils is a good thing. It’s an absolutely horrendous thing if you’re an individual who needs protection from being individually identified (for example, you’re a dissident in a country ruled by a dictator who kills dissidents.)

I wrote about this issue here: https://tjayrush.medium.com/be-careful-little-brain-what-you-code-6ad4d5fb9d9b.

I think it’s a super-important issue, and I’d like to see a not-insignificant portion of this proposal (or a different proposal) go towards understanding and mitigating the unintended consequences of a system that can uniquely identify individuals.