Interoperability leader LayerZero’s recent self-reporting effort to mitigate Sybil attacks has identified over 800,000 addresses implicated in an airdrop scheme.
LayerZero collaborated with risk management platform Chaos Labs and blockchain analytics firm Nansen for a meticulous analysis. The investigation revealed 803,093 addresses as potential Sybil actors, defined as users creating multiple fake accounts to maximize airdrop rewards.
In early May, LayerZero announced a snapshot for its forthcoming ZRO token airdrop, initially unveiled in December 2023. Subsequently, co-founder and CEO Bryan Pellegrino addressed concerns about employee participation in the airdrop. On May 7, Pellegrino declared on X that employee participation in the airdrop would be a “fireable offense.”
Following the May 1 snapshot, LayerZero intensified its efforts to identify Sybil actors by implementing a self-reporting mechanism. This initiative allowed suspected addresses to come forward, with self-reported addresses receiving 15% of their intended token allocation. The remaining 85% would be redistributed to qualified users, encouraging honest reporting and protecting the ecosystem from abuse.
Initially, over 2 million addresses were flagged as potential Sybils. However, after applying stricter criteria to enhance accuracy and reduce false positives, the list was refined to 803,093 addresses.
LayerZero emphasized that these preliminary results aim to exclude large clusters of addresses from eligibility for bounty hunting. The findings are not final, and as the methodology evolves, some addresses may be reassessed and potentially removed from the Sybil list.
The next phase, termed Sybil Bounty Hunting, begins on May 18. LayerZero will engage the community in identifying Sybil addresses, requiring bounty hunters to report at least 20 addresses with a transparent and robust methodology. Successful reports will earn participants 10% of the Sybil’s intended token allocation, awarded exclusively to the first eligible reporter of each address.
To ensure clarity and consistency, LayerZero stated that the initial list from the self-reporting phase would remain unchanged during the bounty-hunting process.