The Hidden Cost of Ignoring Sybil Resistance in Quadratic Voting

Sybil attacks exploit the cost asymmetry between acquiring voting power and influencing outcomes. A malicious actor can spend $1M on fake identities to swing a vote that controls a $100M+ treasury, achieving a 100x+ ROI on attack cost.\n- Attack ROI > 100x for large treasuries\n- Undermines the core 'one-person-one-voice' principle\n- Turns governance into a game of who can spin up the most wallets

Effective Sybil resistance requires layering cryptographic proof-of-personhood (e.g., Worldcoin, BrightID) with persistent cost functions. This creates a multi-faceted barrier where attackers must solve for both identity and ongoing economic expenditure.\n- Worldcoin's Orb provides global biometric uniqueness\n- BrightID's social graph creates web-of-trust verification\n- Stake-weighted layers add persistent economic cost to fake identities

Ignoring Sybil resistance leads to protocol capture by well-funded entities, causing value leakage from token holders to attackers. This destroys community trust and leads to forking events and governance apathy, as seen in early DAO experiments.\n- Direct value extraction via malicious proposals\n- Erosion of community trust and participation\n- Increased protocol risk premium and lower valuation

Minimum Anti-Collusion Infrastructure (MACI) uses zk-SNARKs to provide strong coercion resistance and Sybil detection. It allows for private voting while enabling a central coordinator to detect and filter Sybil blobs via quadratic funding formulas and identity proofs.\n- zk-SNARKs ensure vote privacy and correctness\n- Coordinator can reject votes from non-unique identities\n- Enables true quadratic funding (e.g., Gitcoin Grants) not just voting

The poster child for quadratic funding's vulnerability. Sybil farms systematically drained matching pools, forcing a pivot to expensive identity solutions like Gitcoin Passport. The cost of retroactive defense eclipsed the value of genuine community signaling.

• Matching fund leakage estimated at ~20-30% before mitigation
• Introduced ~2-week latency for donor verification
• Created a centralized checkpoint (Passport) in a decentralized system

A high-stakes experiment in delegated quadratic voting. While innovative, its retroactive airdrop-based distribution of voting power created a massive, low-cost attack surface. The protocol now spends significant resources on sybil investigation bounties and manual review, a tax on governance overhead.

• First round awarded ~$40M in OP tokens to unverified identities
• Ongoing forensic costs divert funds from actual grants
• Demonstrates the impossibility of pure algorithmic detection post-facto

Chose extreme Sybil resistance via small, known-member cohorts, sacrificing scalability and inclusivity. This created a governance bottleneck and centralization of power among early insiders, limiting the protocol's growth and innovation capacity.

• Capped at ~100 members despite $100M+ treasury
• High barrier to entry stifles new ideas and diversity
• Proves that over-correction can be as costly as the attack itself

A governance failure where low-cost Sybil attacks on token-weighted voting enabled a hostile takeover of the project's direction. The community was forced to execute a contentious hard fork, fracturing the ecosystem and destroying network value.

• Attack cost was trivial relative to treasury size
• Resulted in a chain split and brand dilution
• Case study in ignoring game theory at protocol design

Attempted Sybil resistance via vote-locking (veCRV) inadvertently created a financialized oligopoly. Large holders ("whales") and protocols like Convex capture disproportionate power, distorting emission incentives away from community goals.

• Top 10 addresses control >60% of voting power
• Bribe market volume exceeds $100M annually, a direct Sybil tax
• Security through capital concentration sacrifices decentralization

Emerging solution via ZK proofs of personhood (e.g., Worldcoin, Polygon ID). The compromise is a privacy-security-usability trilemma and significant verification overhead, adding latency and cost to every vote.

• Hardware/Orb dependency creates new centralization vectors
• Per-verification cost adds a ~$0.01-$0.10 tax per governance action
• The necessary evil for scalable Sybil resistance remains unproven at scale

A Sybil attacker can split a $10k stake into 10,000 wallets, gaining 10,000x the voting power of a single honest voter for the same cost. This makes governance capture cheaper than the value it controls.

• Attack Cost: Minimal gas fees for wallet creation.
• Impact: Renders the "one person, one voice" principle of QV meaningless.
• Outcome: Protocol direction auctioned to the highest bidder.

Anchor voting power to verified human identities, not wallets. Systems like Worldcoin, BrightID, or Proof of Humanity create a cost-prohibitive barrier to Sybil attacks.

• Key Benefit: Raises attack cost from gas fees to the cost of forging a unique human identity.
• Trade-off: Introduces privacy concerns and centralization risk in the verification layer.
• Architect's Note: Must be paired with robust revocation mechanisms.

Use Gitcoin Passport or Ethereum Attestation Service to score wallets based on on-chain history. Weight votes by a reputation score derived from age, diversity of activity, and stake duration.

• Key Benefit: Attacks require long-term, costly on-chain behavior instead of instant wallet creation.
• Mechanism: Filters out low-stake, high-volume Sybil clusters algorithmically.
• Implementation: Can be combined with a bonding curve to make spam exponentially expensive.

Most DAOs default to token-weighted voting because it's simple and sybil-resistant for whales. QV aims for legitimacy but opens a new attack vector. The architect's choice is a trilemma:

• Speed: Token voting (fast, capital-centric).
• Security: Proof-of-Personhood (slow, identity-centric).
• Decentralization: Pure QV (vulnerable, idealistic). You can only optimize for two.