Possible attack / bug through using the distance rule

Hi all,
Is it right that 4 members could attack the web of trust, so that nobody else could join or renew their account?

For example: One attacker who is a member has certified 3 other members that are also part of the attack.
These other 3 members do not have further certifications.

If these 4 members do not certify other members, nobody could join anymore, because no one could fulfill the distance rule to the attacker.

Even worse, if the attackers newly joined or renewed their account, all other members would have to renew before the attacker, but could not renew, because they cannot fulfill the distance rule to the attacking account.

In the end only the attacking accounts would be valid accounts, so they could fulfill the distance rule for their accounts.

One solution for this attack would be to use the following rule instead of the current distance rule.

To become a new member, one must fulfill the distance rule to X percent (let's say 90%) of the current members who have at least 3 certifications.

What do you think?

Yes this attack works. And your solution is probably a better one :slight_smile:

Added an issue on github:

Just thought about it: the above outlined attack scenario could also happen through unaware newcomers that make only / mainly trust relationships to other newcomers.

Even with the above suggestion of the 90% rule, we could sooner than later end up with having more than 11% newcomers that mainly certified other newcomers.

Some thoughts on this problem:
The first thing we could do is to recommend certifying people that certified you (of course you still should verify them).

A further solution could be to count only both-way certifications / trust lines for the web of trust.

Another solution could be to count only members for the distance rule that reach x% (let's say 66%) of the members with the distance rule settings.

Of course a combination of all 3 would also be possible.

Good idea, which seems enough to me. We don’t need the 2 other rules. It can even replace efficiently the current rule using sigWoT and its inherent problems.

Good :+1:

Which one do you mean? One was just a suggestion for best practice, not a rule. I think it's still good to encourage both-way certifications, because they make the WoT stronger, and either way, if you verify one, the other one can verify you also easily at the same time :smile:

Yeah, the sigWoT rule we would not need any longer :smile:

The question is how to implement the new rule efficiently. Is the calculation efficient enough to calculate it on the fly, or should it be reevaluated every time frame, similar to how memberships are currently handled?

I think it would also be good to make somehow visible in the client(s) which members are currently fulfilling this rule and through that take an active part in securing the WoT.

I meant we don’t need your initial “90%” rule nor the rule of counting only the 2-way certifications.

We could add the 4) recommendation, maybe under the form of a:

It is a good practice to certify the people who certify you, both for courtesy and web of trust security.

Or something alike. :slight_smile:

Yes it would be handled a similar way: each time frame (i.e. when a new valid block is received) we compute for each member if he is a sentry[1] or not.

It would not be that costly because we do not need to make the complete computation of the WoT each time; we just need to do it on members impacted by:

  • broken links (just expired certifications)
  • new links (new certifications)
  • new members
  • gone members

[1] That’s what I call the members against which we test the WoT rule.
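Added example (not code from any post in this thread, nor from the project discussed): a small Python model of the rules debated above, with a constructed web of trust, an assumed maximum distance of 5 steps, and the thresholds the posts propose (90% of members with at least 3 certifications; sentries that reach 66% of members). It checks the current rule, the "90%" rule and the sentry rule both for a newcomer N joining and for honest member A renewing.

```python
# Constructed web of trust (assumed data, not from the thread). Edges run
# certifier -> certified. A..J are a fully connected honest core; M0 was
# certified by three core members, then certified only its accomplices
# M1..M3, who certify nobody (the opening post's scenario). N is a newcomer
# certified by A and B.
HONEST = [chr(c) for c in range(ord("A"), ord("J") + 1)]
ACCOMPLICES = ["M1", "M2", "M3"]
MEMBERS = HONEST + ["M0"] + ACCOMPLICES
CERTS = ({(u, v) for u in HONEST for v in HONEST if u != v}
         | {(h, "M0") for h in ("A", "B", "C")}
         | {("M0", m) for m in ACCOMPLICES}
         | {("A", "N"), ("B", "N")})
MAX_STEPS = 5  # assumed distance-rule parameter

def reach(certs, start, max_steps=MAX_STEPS):
    """Identities reachable from `start` by following at most max_steps certs."""
    seen, frontier = {start}, {start}
    for _ in range(max_steps):
        frontier = {v for (u, v) in certs if u in frontier} - seen
        seen |= frontier
    return seen - {start}

def distance_ok(certs, target, reference, fraction):
    """Distance rule: at least `fraction` of `reference` reach `target`
    (a member trivially reaches itself when renewing)."""
    hits = sum(r == target or target in reach(certs, r) for r in reference)
    return hits >= fraction * len(reference)

def well_certified(certs, members, min_certs=3):
    """Opening post's proposal: members with at least min_certs received certs."""
    return [m for m in members if sum(v == m for (_, v) in certs) >= min_certs]

def sentries(certs, members, fraction=0.66):
    """Later proposal: only members that themselves reach `fraction` of the
    other members count as reference points (the 'sentries')."""
    return [m for m in members
            if len(reach(certs, m)) >= fraction * (len(members) - 1)]

def evaluate(target):
    """Outcome of each rule variant from the thread for a join/renewal of `target`."""
    return {
        "current rule, all members": distance_ok(CERTS, target, MEMBERS, 1.0),
        "90% of members with >=3 certs":
            distance_ok(CERTS, target, well_certified(CERTS, MEMBERS), 0.9),
        "100% of sentries": distance_ok(CERTS, target, sentries(CERTS, MEMBERS), 1.0),
    }

if __name__ == "__main__":
    for who in ("N", "A"):  # newcomer joining, honest member renewing
        print(who, evaluate(who))
```

Under the current rule both N and A fail because M1..M3 (and M0) reach nobody; the accomplices are not sentries, so the sentry rule ignores them, and they are too few to push the "90%" rule below its threshold in this constructed WoT.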


Nice name :smile:

Not sure yet whether we don't need the original, let's call it the 90% rule.
The original attack would not be possible with the new sentry rule.
But it could be very, very hard to reach 100% of all the sentries if you want to join or renew your membership.

Hmm, maybe time will show :smile:

Oh yes right, maybe we still need the 90% rule.