From zkSync to LayerZero: Sybil Attacks Undermine Projects
Token issuance is a crucial moment in a project’s history. If mishandled, it could spell the end for the project.
Nothing can destroy the credibility of a token issuance faster than a Sybil attack. In such attacks, malicious actors create multiple fake identities to gain disproportionate influence and token allocation in the network.
No one wants to see a fake community.
Next, we’ll explore how Sybil attacks impacted token issuances through two recent airdrop cases: zkSync and LayerZero.
zkSync
zkSync is an Ethereum Layer 2 scaling solution using zero-knowledge proofs and was one of the most anticipated airdrops of 2024. However, it faced criticism for lacking Sybil protection measures. For example, Polygon Labs’ Chief Information Security Officer Mudit Gupta commented on X:
zkSync airdrop is out.
Most farmable and farmed airdrop ever probably.
Almost no sybil filtering as far as I can see.
Anyone who knew the criteria could’ve easily farmed the shitout of it.
Makes you appreciate what LayerZero is trying to do with sybil filtering
Adam Cochran, a partner at Cinneamhain Ventures, shared similar concerns:
I love the zkSync guys but damn that was not a well planned airdrop from
a sybil perspective.
Those criteria are easy to not hit as a real user, and easy to Iit as a
farmer, and had no anti-sybil program.
Real users could easily use 1-2 dapps or only a handful of tokeris on your
chain when its so new and has so few projects.
Projects really need to put more thought into this stuff if they don’t want
turbo dumping mercenaries.
zkSync’s Network Activity
In the month following the zkSync airdrop to users on June 17, 2024 (until July 17, 2024), the number of active addresses on the network decreased by about 78.7%. This indicates that most users abandoned the project after obtaining the airdrop.
The number of daily depositors also showed a similar trend—only 32 depositors on July 17, 2024, compared to a peak of 41,257 on March 25, 2023.
After the airdrop, over 40% of the primary recipients of zkSync sold all their allocated tokens, and 41.4% sold part of their allocation. Currently, only 17.9% of these primary recipients still hold their tokens. According to @CryptusChrist, 746 known Sybil attackers received approximately $6.9 million worth of ZK tokens in the airdrop.
ZK Price Trend
Unfortunately, the sell-off of ZK—likely orchestrated by Sybil attackers—increased market pressure, causing the token price to drop by about 39.29% between the user airdrop date (June 17, 2024) and July 23, 2024.
So, what went wrong with zkSync? First, the project’s airdrop eligibility criteria were relatively easy for Sybil attackers to exploit and lacked effective anti-Sybil measures. Additionally, zkSync excluded certain legitimate users, such as those building on zkSync ERA and directly contributing to its ecosystem.
Now, the team needs to redouble its efforts to re-engage those driven away by the false activities of Sybil attackers and significant price speculation.
LayerZero
LayerZero is an interoperability protocol aimed at facilitating seamless communication and asset transfers between different blockchains. Unlike zkSync, LayerZero implemented robust Sybil protection measures.
According to LayerZero Labs’ CEO Bryan Pellegrino, the team identified 1.1 million to 1.3 million unique Sybil wallets during the self-reporting and analysis phase, and they continue to engage and reward community reports of Sybil attackers.
LayerZero’s Network Activity
Between April 30, 2024 (the day before the snapshot date), and July 7, 2024, the number of messages on LayerZero dropped by 91.5%.
Similarly, daily transactions dropped by over 92% between the snapshot date and the airdrop date.
This decline is partly because users typically stop activity after the snapshot date since they no longer need to transact to qualify for the airdrop. However, the team’s Sybil protection methods might have also influenced this decline, allowing them to conduct the airdrop with fewer Sybil attackers.
ZRO Price Trend
From June 20, 2024 (the airdrop date), to July 18, 2024, LayerZero’s native token ZRO’s price dropped from $4.79 to $4, a decrease of about 16%. This drop is significantly less than ZK’s 39% decline over a similar period. Notably, despite the decline in network activity, ZRO’s price eventually exceeded its initial listing price.
While it’s challenging to pinpoint all factors contributing to LayerZero’s relatively stable price, its Sybil protection techniques likely played a role.
Why Should Builders Care About Sybil Protection?
In the short term, Sybil attacks may seem beneficial for projects as they can artificially boost data and generate immediate profits.
However, as shown in the above examples, Sybil attacks can lead to token sell-offs and decreased network activity—both of which undermine the long-term sustainability of a project.
When Sybil attackers are removed, legitimate participants have more opportunities to engage and contribute, as the removal of fraudulent entities frees up valuable positions.
Most teams launching through airdrops need to redouble their efforts to re-engage those driven away by false activities and significant price speculation. No one wants to see a fake community.