IOTA has introduced a system to mitigate the problems related to a possible Sybil attack. The company announced this in a blog post.
A Sybil attack, the name of which comes from a person who really existed, Sybil Dorsett, consists in creating different accounts or nodes or machines, made by a person, in order to control the network, which in the blockchain environment results in a 51% attack.
As can be imagined, it is necessary to integrate a system that allows counteracting fake identities. For this type of solution, it was decided to use resource testing, i.e. a mechanism that allows demonstrating that the node has the relative collateral, for example, the computing power in PoW (Proof of Work) and so on.
Considering that IOTA allows interacting with different IoT devices, introducing a system related to computational power would only restrict access to those devices which by their very nature would not have enough power to pass the test, hence they introduced mana, which is the main component for protecting against Sybil attacks.
Mana is nothing more than a shadow token that accompanies the main transfer and that is sent to a particular node, and the amount corresponds to that of the transferred token. This system can be found and applied to the following components:
Auto peering: nodes with similar mana will peer with each other to reduce the possibility of node isolation (eclipse attacks);
Rate control: network access is guaranteed according to the mana owned;
Consensus protocol: in voting protocols, votes are weighted according to the mana.
Mana is simply an indicator of the reputation of the node and therefore if the node has a lot of Mana then it can do more transactions compared to those who have small amounts of it.
The system will also be enhanced with rewards for those who have a good reputation, without anyone being penalised, this will be very useful to encourage a virtuous system that in the future will also be implemented in the GoShimmer.
