AI Agents Defeat Sybil Defenses, Identity Moves Online

Paolo D’Amico, senior staff product engineer at Tools for Humanity, says artificial-intelligence agents are defeating traditional defenses against Sybil attacks and shifting identity to the center of online security. He predicts that within five years systems such as World ID, Agentkit and the x402 protocol will be used to verify humans and authorize agents for online transactions.

Sybil attacks involve one actor creating many fake accounts to manipulate platforms. Defenders historically detected clusters of accounts by matching timing, repeated scripts or identical behaviors. D’Amico noted AI allows attackers to generate varied social posts, different on-chain transactions and human-like timing, making those legacy signals less reliable. “AI makes that automation both easier to deploy and more convincing in practice,” he added.

Simple puzzles and CAPTCHAs are becoming easier for AI to solve, D’Amico says, so new protections must show that a real person is present in stronger ways. Tools for Humanity is developing systems that aim to prove a user is unique without revealing personal data. World ID uses zero-knowledge cryptography and a piece of trusted hardware called the Orb to verify that a credential represents a distinct person while keeping identifying information private. D’Amico expects World ID to be broadly used by 2026 to limit mass-created identities.

Agentkit is a software development kit that can grant an autonomous agent a limited authorization to present a person’s proof-of-human credential. The x402 protocol handles payments and resource access for agents. D’Amico described the setup as a modern power-of-attorney model: an agent acting on behalf of a person would carry a cryptographic signature proving it was authorized by a verified human and would be limited to the permissions the person granted.

One practical use is rate limiting tied to unique humans. A website could allow a fixed number of requests per verified person over a given time, reducing the advantage of mass-produced accounts. World ID’s zero-knowledge proofs are designed to let systems confirm someone is a distinct human without learning their identity details.

D’Amico expects regulation to evolve alongside these technologies, affecting how identity and privacy are managed. He warns that changing rules will create new design requirements and potential risks for identity systems.

Industry responses to agent-driven interactions include cryptographic proofs, hardware trust anchors and protocols that link payments and actions to authorized keys. These technical measures are intended to limit the ability of a single actor to control large numbers of effective online identities while preserving user privacy.