The Problem: Nostr’s decentralized identity, while enabling permissionless access, makes the network highly vulnerable to social manipulation and coordinated attacks. The ease of creating infinite identities (Sybil attacks) allows for the corruption of trust mechanisms (Web of Trust), reputation systems, and content discovery.

The Data: Academic research demonstrates that Sybil attacks on Nostr are practical and affordable. One study successfully simulated an attack using a modest computer cluster (80 cores), creating over 11,000 Sybil identities per day at an estimated cost of $5.43 per day. These fake profiles can be used to influence recommendation algorithms, manipulate reputation scores, launch spam campaigns, or isolate target users. Reputation systems based on metrics like “Likes” or “zaps” are particularly vulnerable to this type of automated manipulation.

Practical Implication: Nostr’s social layer can be easily “hacked” by actors with modest resources. This erodes trust, distorts the perception of popularity or authority, and can be weaponized to silence dissent or promote narratives. Defense requires complex graph analysis systems or entry barriers (like paid relays), which in turn centralize power or exclude users.