There is a well known decentralized system that scales called email. It has proven difficult to keep clear of spam, but that isn't an issue on a closed/authenticated email network.

A Sybil attack can be seen as either a censorship problem, or a trust problem. As long as you are careful how you add new members, such a system wouldn't be at all vulnerable to a sybil attack.

Sockpuppeting is easy, careful is impossible.

Sockpuppet on my corporate network where every account has a real person verified by HR...