# Protection Against Sybil Attack In the blockchain context, a Sybil attack is one in which an attacker subverts a system by creating myriad identities to run nodes, and applies them to gain a disproportionately large influence over the network. Alternatively, the attacker may run one node but attempt to operate that under multiple identities. Blockchains such as Bitcoin's PoW are theoretically vulnerable to the variant of a Sybil attack, a 51% attack aka Double Spending. Such blockchains’ susceptibility to attack is proportional to the hashing power. Any agent that can hold 51% of the hashing power of the network, can overcome the security of that network. However, Blockchains such as Bitcoin are essentially protected from attack, because, to be economically viable, the market cap of the currency must be both sufficiently valuable to justify the cost of obtaining that hashing power, and affordable to the attacker. In a double-spend attack, a malicious actor attempts to spend their funds twice. Say Bob has 10 tokens and attempts to send 5 tokens to Alice and 6 tokens to Jill. While Bob → Alice and Bob → Jill are both valid transactions initially, this validity depends upon the status of the other transaction. It might be that both of these transactions of equal nonce both succeed in being entered as events – which is unlikely due to internal procedures – however, both transactions can not be confirmed thanks to the aBFT consensus algorithm. aBFT determines the event’s order, which is equal on all the nodes unless more than 1/3rd of nodes are malicious. First, the order of events is determined, and only then are the transactions executed. This means that there must be an agreement that Bob sent tokens to Alice first or to Jill first. Whichever the agreement falls upon, let’s say the 5 tokens sent to Alice for this example, this event will undergo a successful transaction. The Bob → Jill transaction attempt will be rejected because its nonce was already "occupied" by the Bob → Alice transaction. Agreement on timing is everything. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.netdex.io/netdex-solutions/battle-tested-security/protection-against-sybil-attack.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.