Skip to content

80.5 Abuse Prevention & Moderation Tools

Maintaining fairness and preventing exploitation is critical.

  • Automated detection:
  • IP limits, bot activity, duplicate submissions
  • Rate limiting per wallet/IP
  • Manual flagging:
  • Users can report suspicious quests or accounts
  • Admin queue for review
  • Penalties:
  • Temporary bans, Fame/Point rollbacks, blacklist
  • Transparency:
  • Rules are public and abuse triggers are logged

Anti-Sybil Mechanics and Abuse Prevention

  • Wallet Uniqueness and Cost to Entry: Each AdaVoyager account is tied to a unique Cardano wallet address. While technically someone could create many wallets, AdaVoyager introduces friction:

    • Full Game NFT Requirement: The biggest deterrent is that to fully benefit (earn full rewards), an account needs an NFT avatar or pass. If that NFT costs something (even a modest amount), then mass-creating accounts becomes expensive. For example, if an avatar NFT costs say $20, a malicious actor making 50 fake accounts would need to spend $1000 – likely more than any reward he could farm. This is similar to how some airdrop strategies assume the cost of creating many wallets (funding them, managing keys, etc.) deters large-scale sybil exploits . Even AdaVoyager’s free accounts have limited reward potential, reducing incentive to farm them.
    • Wallet Staking Requirement: AdaVoyager could require that any participating wallet must have at least X ADA staked to a stake pool (like DripDropz requires 10 ADA delegated ). This ensures wallets are real and have some skin in the game (10 ADA is not much, but hundreds of wallets with 10 ADA each becomes costly).

  • Identity Verification (Optional but Encouraged): For additional proof of uniqueness, we can leverage identity tools:

    • Social Account Link: Users might be asked to link a Discord or Twitter. If one Discord is found linked to multiple AdaVoyager accounts, that’s suspicious. AdaVoyager may restrict one Discord account to one AdaVoyager account. (Though savvy sybils can make multiple socials too, it adds work.)
    • BotBasher / Humanity Check: As an advanced measure, AdaVoyager could integrate solutions like Humanode’s BotBasher for Discord, which verifies unique human users via biometric without storing personal data . If AdaVoyager has an associated Discord community, verifying users there can grant them a “Verified Human” status in AdaVoyager, possibly required for big rewards. This would make it extremely hard to have many verified accounts because each needs a unique human biometric. QuestN (a similar quest platform) used such approaches to enforce one human = one reward .
    • Email/Phone verification: Perhaps a lighter approach is requiring a unique email or phone for account verification. However, these can be bypassed by determined farmers, so they’re supplementary.

  • Quest Design to Thwart Bots: Quests themselves can be structured to be hard for bots:

    • Use CAPTCHAs or human verification steps for quest submissions.
    • Require creative input (like writing a short message, or taking a photo at a location for IRL events) which bots cannot easily mass-produce uniquely.
    • Manual review for quests: if a quest is high-value (e.g. rewards a lot of tokens), the AdaVoyager or partner team might manually verify submissions. For instance, if 1000 people submit the same screenshot or tweet text, it will be obvious and duplicates can be disqualified.
    • Spread out reward distribution in time so that someone trying to script it will have to keep their bots running and undetected for long durations.

  • Rate Limiting and Monitoring: The system monitors unusual activity:

    • If one IP address or device is creating many accounts or completing quests at an inhuman speed, flags go up.
    • Quest completion times and patterns are analyzed. If a cluster of accounts complete a series of quests in the exact same timestamps or order, they might be bots.
    • Perhaps limit how many quests a brand-new account can do in the first hour/day (to prevent automated spamming of easy quests). Legit users rarely complete 50 quests in one hour, for example.

  • Referral and Invite Abuse: If there’s a referral system, impose checks like: referred accounts must actually do meaningful activity before counting, and limit how many referrals from one source count. Otherwise, someone could refer themselves repeatedly.

  • Community Reporting: Provide tools for users to report suspicious behavior. Often the community can spot cheaters (like someone bragging about bots, or noticing multiple accounts with similar names). AdaVoyager moderators can investigate reports.

  • Penalties: Clearly outline in the Terms and wiki that cheating will result in penalties:

    • Removing illegitimate points or rewards.
    • Banning accounts involved (and possibly their associated wallets/NFTs being blacklisted from future participation).
    • If guilds collude in cheating, the guild can be disqualified.

  • Sybil-resistant Reward Allocation: In some cases, AdaVoyager might choose to reward by tiers or lottery rather than per account. For example, instead of “every account that does X gets 10 tokens” (which encourages 100 fake accounts to get 100_10 tokens), they might do “10 tokens for first account, but diminishing for more from same user” or better, “we’ll randomly pick 100 winners out of those who did X to get 100 tokens each.” A sybil attacker with 10 accounts has 10 tickets out of many, rather than guaranteed 10_ reward. However, that also reduces honest user rewards predictability, so it’s used selectively.

  • Transparency and Sybil Hunting: Projects can use on-chain data to spot sybils as well. For instance, if all suspicious accounts send their earnings to the same main wallet, that can be tracked. Or if they were funded from the same source, etc. There are “sybil hunter” techniques used in airdrops . AdaVoyager and partners might analyze winners to exclude obvious farms. While not foolproof, it raises the bar for attackers.

  • Example of Measures: To illustrate, consider an attempted abuse:

    • Mallory sets up 20 new Cardano wallets, trying to farm AdaVoyager’s free quests. She doesn’t buy avatar NFTs because that would cost too much. She completes some social tasks on each (copy-pasting same content). AdaVoyager’s systems notice that those 20 accounts all use very similar Twitter handles and their posts look identical – they get flagged. Even if not immediately, when reviewing quest submissions, moderators deny the duplicates.
    • Also, those accounts hit a wall: as free accounts, they can’t withdraw Gold and have a low earning cap. Meanwhile, a real dedicated user Alice, who has one account and bought an avatar NFT, is earning at a higher rate and with trust. Mallory’s effort yields little, and eventually her accounts get banned, wasting her time.

  • Leveraging Community for Verification: Some tasks (like creative contests) are inherently sybil-resistant because quality matters more than quantity. If you need to, say, make a meme and the community upvotes the best, one person with 50 accounts can submit 50 low-effort memes, but likely none will win if others make better ones. And the community would notice a bunch of similar entries.