# Stopping Sybil Attacks at Scale


Mugshot is a Web3-native sustainability platform that gamifies the circular economy. By rewarding users with crypto tokens for choosing reusable cups over disposables, Mugshot incentivizes positive environmental habits.

{% hint style="danger" %}
With a direct financial incentive attached to every scanned cup, the platform became an immediate target for sophisticated actors looking to "farm" rewards without actually participating in the ecosystem.
{% endhint %}

### Challenge: The "Crypto Farmer" Problem

As a rewards-based Web3 application, Mugshot faced a unique set of challenges that traditional Web2 apps rarely encounter.

1. Sybil Attacks: Sophisticated "farmers" used emulators and scripted bots to create thousands of fake accounts (Sybil identities) to drain the reward pool.
2. Wallet Churn: Attackers would constantly rotate crypto wallets to bypass basic identity checks.
3. Vendor Fatigue: Mugshot initially deployed a well-known enterprise fingerprinting solution. While effective, the pricing model became prohibitive as the user base scaled.

> We were paying enterprise rates for a solution that was great for e-commerce but didn't fully grasp the nuance of crypto-farming. We were bleeding budget on identity checks while sophisticated bots still slipped through.

### Why GuardianStack was the fix

Mugshot needed a solution that offered higher entropy (accuracy) at a sustainable price point. After evaluating several vendors, they switched to Guardian.

The decision drivers were:

* **Cost Efficiency:** Guardian offered a transparent pricing model that reduced their monthly bill by over 20% compared to their previous vendor.
* **Web3-Ready Signals:** The ability to detect specific browser anomalies common in "farming" setups (headless browsers, injected wallet scripts, and automation tools).
* **Privacy-First:** As a Web3 company, Mugshot values user privacy. Guardian's hashing architecture allowed them to stop fraud without intrusive PII collection.

{% hint style="success" %}
Mugshot saw an immediate **22x increase** in the detection of fraudulent signals compared to their previous legacy provider.
{% endhint %}

### How Mugshot uses Guardian

Mugshot integrated the GuardianStack SDK directly into their Reward Claim and Wallet Connection flows.

Instead of banning users immediately, they used GuardianStack's Visitor ID to flag suspicious devices for "Soft Challenges", requiring additional verification only for high-risk users.

#### Turning signals into intelligence

Mugshot utilized Guardian's raw device signals to identify "clusters" of fraud. When one bad actor was caught, Guardian allowed the team to look back and retroactively ban hundreds of associated wallets that shared the same deep-device parameters, even if they used different IP addresses or VPNs.

> It wasn't just about stopping one bot. Guardian gave us the data to map out entire farming rings. We realized 22x more accounts were fraudulent than we thought.
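
The clustering and soft-challenge logic described above can be sketched as follows. This is an added example, not GuardianStack's or Mugshot's code; the event field names, the sample events, and the `max_wallets` threshold are assumptions made for illustration.

```python
# Constructed sample claim events. Field names are assumptions for this
# example, not GuardianStack's API schema.
EVENTS = [
    {"wallet": "0xA1", "visitor_id": "dev-1", "ip": "203.0.113.5"},
    {"wallet": "0xA2", "visitor_id": "dev-1", "ip": "198.51.100.7"},  # same device, new IP
    {"wallet": "0xA2", "visitor_id": "dev-2", "ip": "198.51.100.9"},  # wallet seen on a 2nd device
    {"wallet": "0xA3", "visitor_id": "dev-2", "ip": "192.0.2.44"},
    {"wallet": "0xB1", "visitor_id": "dev-9", "ip": "203.0.113.5"},   # shares only an IP with 0xA1
]


class DisjointSet:
    """Union-find with path halving over arbitrary hashable nodes."""
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def build_clusters(events):
    """Link each wallet to the device it claimed from; IPs are ignored."""
    ds = DisjointSet()
    for e in events:
        ds.union(("wallet", e["wallet"]), ("device", e["visitor_id"]))
    return ds


def associated_wallets(ds, bad_wallet):
    """All wallets in the same connected component as a confirmed-bad wallet."""
    root = ds.find(("wallet", bad_wallet))
    return sorted(n[1] for n in list(ds.parent) if n[0] == "wallet" and ds.find(n) == root)


def needs_soft_challenge(events, visitor_id, max_wallets=1):
    """Flag a device that has claimed for more than max_wallets distinct wallets."""
    wallets = {e["wallet"] for e in events if e["visitor_id"] == visitor_id}
    return len(wallets) > max_wallets
```

Because clusters are keyed on the device identifier rather than the IP, `0xB1` stays out of the ring even though it shares an address with `0xA1`. Legitimately shared devices will also cluster, which is why a soft challenge is a safer first response than an outright ban.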

### The Impact

Since switching to Guardian, Mugshot has secured their token economy, ensuring rewards go to real humans saving the planet, not bot farms.

* **22x Increase in Fraud Detection:** Uncovered hidden bot rings the previous vendor missed.
* **>20% Cost Reduction:** Lowered operational costs, allowing funds to be reinvested into user rewards.
* **Industry-leading low false positives:** Legitimate eco-conscious users experienced no friction.

{% hint style="info" %}

#### Ready to stop fraud without breaking the bank?

Get the high-entropy signals Mugshot uses to block farmers and save 20%.

[Get your API Key →](https://dashboard.guardianstack.ai)
{% endhint %}


