Deployed On Ethereum Goerli Testnet - Mainnet Launch 2023       
✤ SybilDAO
Defending DeFi From Sybil Attacks
Zero Knowledge Protocol To Defend DeFi From Sybil Attacks


A Sybil attack is when an attacker creates multiple fake identities, or wallet addresses, to manipulate a network or protocol. This can be done for a variety of reasons, such as to gain an unfair advantage, or to disrupt the normal functioning of a system. A Sybil attacker uses their fake identities to gain influence over the network which can have serious consequences such as unfair distribution of rewards.

Sybil attacks are widespread in DeFi particularly for:

  • Airdrops
  • Bounty Campaigns
  • Community competitions
  • Whitelistings & Token Generation Events
  • Voting systems


SybilDAO solves the problem of mass sybil attacks in DeFi in a streamlined way that is simple for blockchain developers to implement and has a great UX for end users.

From a end-user perspective they will go from the clients dApp/Platform via a link which opens in a new tab to

This frontend web page uses a number of anti-fraud protections to prevent sybil attacks and bot authentications. These include the following:-

  • Cloudflare BOT protection
  • VPN/ToR/Botnet blacklists
  • Client side analysis
  • Transactional cost + gas fee
  • IP Restrictions
  • hCaptcha integration
  • ML Risk Analysis (TBC)

Once the captcha has been completed the frontend provides a one time authorization code to the clients web browser. This authorization code is part of a zero knowledge proof within our smart contract

The user can then sign a transaction which charges a small fee + transaction cost in the native currency for that chain. This will pass the authorization code (ZK–Proof) to the smart contract which registers the wallet address as a permanently verified address.



3rd party DeFi protocols can look up on-chain verified addresses from within their smart contract and get a true/false boolean response. Here is a simple smart contract interface to check if a wallet address has been verified.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
interface ISybil {
    function check(address) external view returns (bool);
contract SybilDeveloperExample {
    address constant sybil = 0x7927BEa1eA84614DCeAECa1710cea8a7DeAa1d25;
    function test(address _address) external view returns (bool) {
        return true;

There are more example integrations including ERC20 and ERC721 tokens here: contracts/examples


There are two options to get users to verify prior to carrying out a function that requires Sybil Protocol protection.

The first option is to direct them to a simple link, this can be given out over social media or linked to from a frontend application:

The second option is to embed the iframe widget directly into your dApp or website.

<iframe width="320" height="500" src="" title="SybilDAO DeFi Defender" frameBorder="0" scrolling="no"  marginwidth="0" marginheight="0" hspace="0" vspace="0"></iframe>

This code renders a 320px x 500px iframe like the one below


Whitelisted addresses are immutable and verifiable from any smart contract, these can be used across various DeFi partner promotions and campaigns.

SybilDAO adds value through exposure to our community. Once someone is verified they are part of the Sybil Network and can participate in any SybilDAO partner promotions without reverifying. There is potential for SybilDAO to build a large audience which will hold value in itself.

Partners are provided promotional exposure via:-

  1. Partnership and promotion announcements on website
  2. Social media channels - Twitter & Discord primarily
  3. Video content on YouTube, TikTok & Instagram

SybilDAO can also offer pre-built promotional campaigns such as sybil attack resistant NFT drops where a partner just needs to provide an image for the NFT.

By partnering with SybilDAO, DeFi teams get a win/win situation where we can grow our communities together through a valuable service that protects against bot networks.

BizDev team can outreach to DeFi founders to sell cross-promotional activities even if their core protocol has no requirement for sybil resistance. This provides a large potential customer base with an optimizable sales funnel.


SYB is the governance token for the SybilDAO. The draft tokenomics are as follows:-

Initial supply100,000,000 SYB
Max supply150,000,000 SYB

The initial distribution is as follows:-

Treasury (Locked)50,000,000 SYB
Public Sale20,000,000 SYB
Team10,000,000 SYB
Liquidity10,000,000 SYB
Partners5,000,000 SYB
User Airdrop5,000,000 SYB

The remaining 50,000,000 SYB vested:-

Private round20,000,000 SYB
Founders20,000,000 SYB
Team10,000,000 SYB

Private funding round will be via SAFT and then distributed according to vesting period.

When a user completes the transaction to verify their wallet a fee is added to the transaction/gas. 100% of fees generated by the protocol are distributed back to stakers of the SYB token on Ethereum mainnet. Fees from layer 2's are bridged back and added to the pool on mainnet. Fee revenues for staked SYB are claimable in ETH #RealYield

The treasury fund allocation of SYB tokens is in a restricted wallet that can never be sold or transferred. This guarantees that a minimum of 50% of the fees initially and 33% after the vesting period will always go to the treasury to ensure continued financing for the project.

In due course the Sybil Protocol will reach a tipping point where it becomes the default tool for preventing sybil attacks in DeFi.



Note this is an Ethereum Goerli Testnet airdrop (instructions here) but...
Spoiler Alert we may be doing something for our early adopter community on mainnet in due course.
Follow us on Twitter & join the Discord community to ensure eligibility.

To receive your airdrop you need to first verify your wallet here:


The SybAirdrop smart contracts are a good example of how to integrate the Sybil Protocol.


We need training data for our machine learning algorithms.

If you can break our bot protection systems to gain 100,000 SYB tokens we will award a bounty subject to the following terms:

  • BOUNTY - $100 Payable in ETH on Ethereum mainnet
  • Requirements:
    • One bounty per person/botnet, system is yet to be broken so we wont pay out 10 bounties in the same week
    • You share the code for the bot so we can reverse engineer it to improve our systems
    • Bot code does not rely on 3rd party services like scrapingant/anticaptcha
    • No damage is done to the system or user experience, go slow and don't DDoS the platform
    • Inclusion in the hall of fame is optional, let us know if you want a social media account on there
    • Contact the team via discord/twitter and we will get back to you ASAP

Hall of Fame

To date 2 attackers have broken our bot protection systems to claim the bounty

2022-12-190x457f...Bounty paid 0.255 ETH ($300 USD) attacker managed to gain around 50k SYB tokens in 48hrs, bypassed Cloudflare and hCaptcha protection, submitted the code for the bot and has been very helpful. Thank you
2022-12-240x8809...Bounty paid 0.25 ($300 USD) attacker gained 100k SYB tokens, submitted the code for a python based bot. Thank you
© Copyright 2022-2023 SybilDAO