[notriddle]

> because they're based on voting

All voting systems require protection against Sybil attacks. The best methods to protect against Sybil attacks are centralized. The not-best methods use proof of work, which has extreme downsides and only makes Sybil attacks expensive, not impossible.

[AnthonyMouse]

> All voting systems require protection against Sybil attacks.

The voting system is the protection against Sybil attacks. A successful Sybil attack would allow you to add your own TLDs, but if you can't already do that then you can't do a Sybil attack.

The real issue with that kind of system is deciding on the initial group of voters.

[notriddle]

How do the existing group of voters prove to themselves that the to-be-added voter is actually a unique person, and not a sockpuppet? If it’s something like a government ID, then they’ve outsourced the Sybil protection, and not actually gotten rid of it.

[immibis]

What stops me adding 10000000000 fake users and having them all vote for my new TLD?

[guerrilla]

Sybil attacks aren't possible in what was just described though since it requires a vote to create a new voter.