sybil-detection
Installation
SKILL.md
Sybil Detection — Coordinated Wallet & Fake Activity Analysis
Sybil attacks in Solana token markets involve a single entity operating many wallets to create the illusion of organic activity. This skill covers detecting coordinated wallet clusters, wash trading, bundled transactions, and fake holder inflation — critical for evaluating whether a token's metrics reflect real demand or manufactured signals.
Why Sybil Detection Matters
Token markets on Solana are rife with manufactured signals:
- Inflated holder counts: 500 "holders" that are really 10 entities with 50 wallets each
- Fake volume: Wash trading between self-controlled wallets to simulate demand
- Artificial social proof: Many wallets holding small amounts to appear broadly distributed
- Rug preparation: Creator distributes supply across many wallets, then sells coordinated
- Bundled launches: PumpFun tokens where creator buys via Jito bundle in first slot
A token showing 1,000 holders with 80% funded from 3 wallets is fundamentally different from one with 1,000 independently-funded holders. Sybil detection separates real demand from theater.