How do we deal with this Sybil Attack?

Reference the tweet here: https://twitter.com/gnome_labs/status/1516861401163177984

So basically this guy Nation3 (NATION) Token Tracker | Etherscan has registered > 50 ENS just several days ago and has collected more than 50 NATION.

My questions are:

1. Is this some insider job?

2. Why don’t you limit the rule only to ENS registered > 1months before April 9?

3. How do we deal with this sybil attack?

See: majority of his eth originates from here: Address 0x4c3e26d02508adcfc0e6f6cb6de4ea66d802467c | Etherscan, just 3 days ago.

Actually maybe more than 100 NATION will be controlled by this single entity.

@Gnome Good observation, thank you. Looks like he already dumped all his $NATION tokens for $ETH: Address 0x8770e81a19ef799e9f39457d1b43b4c786ad5ead | Etherscan

So at this point in time, there is not much we can do about this sybil attack. It has already been executed.

CC @anastasiya @luis @0xGallego

Hey @aahna,

Digged further more, below 2 accounts should also below to him : )

These 3 are connected through address Nation3 (NATION) Token Tracker | Etherscan

1. I don’t think so, we launched this as a very tight group of 5 people that really trust each other and are friends with each other as well, our friendship and reputation is worth more than 100 $NATION. Of course because of the nature of the blockchain it’s impossible to provide definitive proof, but I can speak for everyone’s genuine love for the mission.
2. We should indeed do that for the ones that were left out of the initial tweet drop, and filter by that date for the second batch.
3. Unfortunately, the only way I can think of is by creating buying pressure to eat up the possible selling pressure… tweet drops are a great way of reaching a large number of token holders quickly, but it is a fact that a big percentage of those who are dropped $NATION will sell it immediately. I don’t know what are the intentions of the person behind this, but probably to sell it ASAP as well. Looking at it from a positive perspective, that creates new opportunities for community members that actually care to buy the token at a cheaper price.

Lot of work need to be done on Magnifying the power of holding the Nations so that people do not want to sell off and run .

Am not a holder yet,

But, I Can’t wait to be part of this Amazing Revolution.

My ETH is

0x3eEDC418f451e9A42dad04B82CC708FB6F4D9AC5

I have been doing the math, and it looks like that person was able to extract around 100 $NATION. Good news is that there have been almost 1,900 claims, so most likely they have already claimed all their tokens.

While this is not a big deal for the project, it’s not nice that someone has done this. There have been some ideas of how to counterbalance this, some are more drastic and some less, and I have decided to do the less drastic one for now: to buy them out.

I have sent this message to the 5 addresses identified as executing a Sybil attack:

Hi! We know what you did. Smart. You have a way out, which is to slowly sell your position, but I am offering you a better one: to buy all your $NATION above market price. $NATION should go to people who want to be part of the movement, hope you understand. There are other ways we can resolve this, but they are harder for both of us. {AirSwap OTC link goes here}

I am offering them 1 NATION = 1 ETH, above current market prices and from my own pocket, to buy them out.

Update: I spent 40 ETH buying out 40 NATION from the malicious actor. It seems like this is around 50% of their NATION holdings. Happy about this.

WOW.I saw confidence, belief and strength of the team.
It’s my honor to participate in this project.

Thanks for highlighting it. It’s good to see people caring for this project.

1. As Luis said, we are a very tight group of people who want to push this initiative in the long run, so this option has no sense to me. But, if I see any of the founders with a new Lambo I’ll let you know .
2. That’s an interesting proposal, but as I’ve already transmitted it to Luis, I don’t think it is the most convenient filter. I reviewed the last batch of addresses from claims by mail, and I saw many legit accounts that never had a .ens before or registered in the last month and shouldn’t be left behind. As a team, we learned a valuable lesson about tweet-based drops, and we can apply the learnings to future ones.

I think this time is okay. But in the future, we need to discourage these type of behaviors by stripping away their airdrops.

@luis I don’t know how you sent the messages, but I’m assuming through HEX data in Ethereum transactions? In addition, maybe the hacker can be reached through channels like Blockscan Chat or <ETH address>@ethmail.cc.

I assumed he saw them, since he took two of my offers and I already got 40 NATION off him.

Thank you @Luis for doing this for the project, and thank you @Gnome and others for helping identify this early.

As Luis said, tweet drops serve as a fantastic mechanism to bootstrap the community, and using ENS names certainly limits the chances for possible attacks, but they still exist. In the future we should collectively come up with ways to ensure this doesn’t happen!

Do it well, and you have the financial resources to do it well. The mind can’t open the country, there is no hope