Stopping Sybil Attacks at Scale

Mugshot increases fraud detection by 22x and cuts costs by 20% with Guardian. Mugshot, which operates in the Web3 industry, was the target of Sybil attacks.

Mugshot is a Web3-native sustainability platform that gamifies the circular economy. By rewarding users with crypto tokens for choosing reusable cups over disposables, Mugshot incentivizes positive environmental habits.

Challenge: The "Crypto Farmer" Problem

As a rewards-based Web3 application, Mugshot faced a unique set of challenges that traditional Web2 apps rarely encounter.

  1. Sybil Attacks: Sophisticated "farmers" used emulators and scripted bots to create thousands of fake accounts (Sybil identities) to drain the reward pool.

  2. Wallet Churn: Attackers would constantly rotate crypto wallets to bypass basic identity checks.

  3. Vendor Fatigue: Mugshot initially deployed a well-known enterprise fingerprinting solution. While effective, the pricing model became prohibitive as the user base scaled.

We were paying enterprise rates for a solution that was great for e-commerce but didn't fully grasp the nuance of crypto-farming. We were bleeding budget on identity checks while sophisticated bots still slipped through.

Why GuardianStack was the fix

Mugshot needed a solution that offered higher entropy (accuracy) at a sustainable price point. After evaluating several vendors, they switched to Guardian.

The decision drivers were:

  • Cost Efficiency: Guardian offered a transparent pricing model that reduced their monthly bill by over 20% compared to their previous vendor.

  • Web3-Ready Signals: The ability to detect specific browser anomalies common in "farming" setups (headless browsers, injected wallet scripts, and automation tools).

  • Privacy-First: As a Web3 company, Mugshot values user privacy. Guardian's hashing architecture allowed them to stop fraud without intrusive PII collection.

How Mugshot uses Guardian

Mugshot integrated the GuardianStack SDK directly into their Reward Claim and Wallet Connection flows.

Instead of banning users immediately, they used GuardianStack's Visitor ID to flag suspicious devices for "Soft Challenges", requiring additional verification only for high-risk users.

Turning signals into intelligence

Mugshot utilized Guardian's raw device signals to identify "clusters" of fraud. When one bad actor was caught, Guardian allowed the team to look back and retroactively ban hundreds of associated wallets that shared the same deep-device parameters, even if they used different IP addresses or VPNs.
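The look-back described above can be modeled as a connected-components problem over wallets and device IDs. The following is an added example, not Mugshot's or Guardian's code; the event layout, the `visitor_id` field name and the sample values are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample claim events (wallet, visitor_id, ip); field names are assumed.
EVENTS = [
    ("0xA1", "dev-111", "203.0.113.5"),
    ("0xA2", "dev-111", "198.51.100.7"),   # same device, different IP
    ("0xA3", "dev-111", "192.0.2.44"),
    ("0xA3", "dev-222", "192.0.2.45"),     # wallet bridges to a second device
    ("0xA4", "dev-222", "203.0.113.99"),
    ("0xB1", "dev-333", "203.0.113.5"),    # shares only an IP with 0xA1
    ("0xC1", "dev-444", "198.51.100.20"),
]


class DisjointSet:
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def build_clusters(events):
    """Group wallets that are linked, directly or transitively, by a device ID."""
    ds = DisjointSet()
    for wallet, visitor_id, _ip in events:   # IP is deliberately ignored
        ds.union(("wallet", wallet), ("device", visitor_id))
    clusters = defaultdict(set)
    for kind, value in list(ds.parent):
        if kind == "wallet":
            clusters[ds.find((kind, value))].add(value)
    return ds, clusters


def linked_wallets(events, seed_wallet):
    """Wallets in the same device cluster as a confirmed-fraudulent seed wallet."""
    ds, clusters = build_clusters(events)
    if ("wallet", seed_wallet) not in ds.parent:
        return set()
    return clusters[ds.find(("wallet", seed_wallet))] - {seed_wallet}
```

Because linkage is keyed on the device ID alone, `0xB1` stays out of the `0xA1` cluster even though it shares an IP address, while `0xA4` is pulled in through the wallet that bridges two devices. A cluster can also contain legitimate users of a shared device, so its output suits review or a soft challenge before any ban.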

It wasn't just about stopping one bot. Guardian gave us the data to map out entire farming rings. We realized 22x more accounts were fraudulent than we thought.

The Impact

Since switching to Guardian, Mugshot has secured their token economy, ensuring rewards go to real humans saving the planet, not bot farms.

  • 22x Increase in Fraud Detection: Uncovered hidden bot rings the previous vendor missed.

  • >20% Cost Reduction: Lowered operational costs, allowing funds to be reinvested into user rewards.

  • Industry-leading low false positives: Legitimate eco-conscious users experienced no friction.

Ready to stop fraud without breaking the bank?

Get the high-entropy signals Mugshot uses to block farmers and save 20%.
