1

In 'The Tangle' white paper, at the beginning of Section 4, this statement is made:

  1. It is possible for the attacker to have a plethora of Sybil identities which are not required to approve tips.

And then Wikipedia states this regarding Sybil attacks:

The Sybil attack in computer security is an attack wherein a reputation system is subverted by forging identities in peer-to-peer networks.

What impact do Sybil identities have on the tangle when there is no reputation system?

And how can a transaction be attached to the tangle without performing any approval of the two transactions it's being connected to?

blockmined
  • 710
  • 1
  • 4
  • 9
shoe
  • 251
  • 1
  • 2

1 Answers1

1

The IRI (Iota Reference Implementation) select the transactions to approve such that "selected transactions-to-approve are almost always tips". A tip is a transaction that isn't approved yet. This process is also known as the "tip selection algorithm" (or the "random walk"). It is expected that all "honest" nodes use this official tip selection algorithm to select transactions to approve.

From a technical point, it is perfectly possible to attach a transaction to 2 other transactions that aren't tips, but simply 2 random old transactions. The Sybil attack suppose that an attacker is able to deploy a huge amount of dis-honnest fullnode that do not implement the official tip selection algorithm, but rather use a biased transaction to approve selection algorithm. Such an attack would definitively hurts the tangle if the amount of dishonnest fullnodes overcome the amount of honnest ones.

ben75
  • 5,344
  • 11
  • 32