[syzygyhack]

It's an interesting problem and one that many decentralized applications will be forced to contend with, beyond simple airdrops. Many on-chain protocols and primitives simply don't need to differentiate between human user and program, but the ones that do are usually crippled if they fail to adequately do so. Quadratic funding mechanisms, for example.

I believe we're still very early on this front, there's lots of opportunity for innovation in terms of Sybil defense. Dox Your Customer is the easiest and naturally the most at odds with the Web3 paradigm, but there are others that make fewer compromises which have been tried with varying levels of success. Vouch networks/social graphs, attestation or reputation systems, video identity registries, recurring cost, time-coordinated Turing tests, etc.

I am certain novel approaches will continue to emerge until we land on something robust without sacrificing decentralization or the right to privacy.