SybilShield-Core is an open-source, modular framework that detects and isolates Sybil identities in permissionless peer-to-peer blockchain networks. A Composite Trust Score fuses behavioral telemetry, peer-graph topology, and economic commitment, no Proof-of-Work tax, no centralized identity authority, just observable evidence governing each peer's influence on consensus.
Sybil resistance is not a niche blockchain concern, it is the structural assumption that "one peer, one vote" depends on. The same identity-spoofing pattern underwrites attacks on decentralized federated learning, oracle price feeds, and any system that trusts the apparent diversity of its participants. A framework that closes this gap without reintroducing a central authority strengthens the integrity of decentralized infrastructure that increasingly underpins finance, identity, and shared AI training.
Three independently maintained sub-scores combine into one Composite Trust Score (CTS) per peer, which then governs quorum weight, connection acceptance, and (optionally) federated learning aggregation weight.
Continuously updated from block relay timing, mempool propagation, and voting deviations. Decays toward neutral with a 24-hour half-life, so static whitelisting is impossible: inactive peers must keep demonstrating good behavior.
Derived from local clustering coefficient, SybilRank propagation from high-stake seed nodes, and subnet diversity. Penalizes the tight-cluster topology characteristic of Sybil subgraphs without requiring a certified honest seed set.
Captures stake age and capital lockup. Used as a contributing signal rather than the primary defense, since well-capitalized adversaries can offset pure economic penalties through identity rotation.
A sigmoid mapping turns the composite score into quorum weight. Four response tiers, monitoring, throttling, peer-list removal, and full quarantine, apply escalating but reversible pressure as the score drops.
Evaluated across four adversarial scenarios on synthetic P2P networks of 50 to 2,000 nodes, with adversary fractions from 10% to 45%.
| Attack class | SybilShield-Core defense |
|---|---|
| Consensus masking | Behavioral + graph score drift triggers quorum weight reduction before false views can dominate a target's local chain |
| Eclipse partitioning | IsolationGuard subnet-diversity and per-subnet connection limits reject monopolizing connection attempts independent of the CTS |
| DFL gradient poisoning | CTS-weighted FedAvg attenuates the aggregation weight of peers whose gradients deviate statistically from honest submissions |
| Mempool / bandwidth exhaustion | Behavioral score penalizes flooding and GETDATA cycling, escalating to connection throttling and quarantine |
Python 3.10+ is the only prerequisite.
git clone https://github.com/sunilgentyala/SybilShield-Core.git
cd SybilShield-Core
pip install -e ".[dev]"
# Run a Sybil simulation (50-node network, 30% adversary ratio)
python scripts/run_simulation.py --nodes 50 --sybil-ratio 0.30 --scenario eclipse
# Run unit tests
pytest tests/unit/ -v