My off-hand mention of deep fake technology being a potential tool to aid Sybil attackers against the EdenOS governance process caused some back and forth discussion about the viability of deep fakes being used in a live Zoom meeting.

I already made some comments within that thread about that topic but I didn’t want to distract from the main topic of that thread which was about the proposed roadmap of EdenOS.

So I created this topic so that we can go into details about not only how viable deep fakes are as a tool for Sybil attacking the governance processes of EdenOS but also more generally about other techniques that we foresee might be used by attackers, how credible we think they might be, and what processes we think are needed in EdenOS to counter the attacks.

From the other thread:

My concern isn’t them transforming their appearance to something completely different but rather that the ability to do that allows them to repeat that for multiple sockpuppet identities. The main protection against this in Eden governance processes seems to be:

1. relying on existing (hopefully honest) members to invite and endorse new members;
2. scheduling the governance meetings at the same time so that it is difficult for one person to participate in more than one;
3. and, recording and sharing the meetings so that people can cross-reference to see if some person appeared to be in more than the one meeting they were intended to be in.

Item 3 is undermined a lot by deep fake technology. Item 2 remains mostly (but not entirely) resistant to deep fake technology, but item 2 protections would be weakened as well if we allow the meetings to be at different times for the convenience of the members involved (especially if these meetings need to take a much longer time). One trade-off that can be made between the Sybil protections of item 2 and the convenience of working around people’s busy schedules is to break up the meetings into a short introductory phase that happens simultaneously for everyone, and the longer deliberation stage that can be scheduled among members of the group in a more flexible way.

Item 1 is still remains there to protect against Sybil attacks but if an attacker can get three members in (or can convince three members to collude) they can easily keep adding more and more members (granted at some minimal cost) to try to improve and maintain their Sybil attack capabilities. There would be dispute resolution processes to hopefully catch bad actors, but I wonder how effective they would be in practice and whether it would be a game of whac-a-mole once the bad actors have already infiltrated the community.

another threat is an army of low-wage workers doing what the boss says. They will take part in zoom calls and say whatever they are told to. After infiltrating deeply enough, they can influence the voting in their employer’s favor.

I agree that there is no way to track the reputation of strange and confirming EOS members. It is risky to allocate funding to low level representatives.

I suggest that Eden should enhance some sort of simple and temporary reputation system before the final Eden member election. For example, let’s say each representative candidate has an EOS account, those candidates could attach their EOS accounts to their forum name or telegram account so that those group voters can quickly track back what they are doing in the EOS community before the election started.
When election start, representative candidate should use their EOS account to sign something to proof “he” is “he” so that no one can impersonate some community leaders.

i.e. When “Group 30” starting Level 1 representative election, “Group 30” members should sign a transaction with memo say “I am participating Group 30 Eden Community Level 1 representative election”. This solution is not elegant but practical. At least provide some sort of lowest level security.

Some extra step should also be enhance before representative election to let some highly skilled technician but not often show up in the forum or telegram participating the election. Before the election, it should give some time to group members to introduce themselves and show what they have done (i.e. their working experience, portfolio, participated projects) before.