The first round of innovations in Web3 focused on two points: using blockchain tokens to represent asset value (i.e. tokenization); and using tokens for smart contract applications (i.e. dApps). This gave rise to functional, governance, and asset-collateralized tokens, and dApps can use, trade, lend, and earn tokens in various commercial and social application scenarios.
Web3 has brought many benefits to society, lowering capital barriers, improving application transparency and cryptographic security, and providing permissionless financial services to the public. Despite its success, Web3 faces the risk of hyper-financialization. Once hyper-financialization occurs, those with the most financial resources will have excessive influence on core areas such as ecosystem development, governance, and culture. Currently, Web3 users know nothing about each other except their on-chain addresses.
In order to unlock more innovative application scenarios, Web3 needs to build a technology stack that operates based on the economic and social attributes of users. In this way, the on-chain relationship is not limited to transactions, but can be extended to personal relationships, culture, reputation, identity, and trust.
Integrating social capital into Web3 requires creating an on-chain identity layer that expands the use of on-chain addresses to not only show account balances, but also user characteristics, social relationships, reputation, and other information. Combining these identity information together, Web3 users can have a "soul." E. Glen Weyl, Puja Ohlhaver, and Vitalik Buterin elaborated on this concept in a research paper titled "Decentralized Society: Finding Web3's Soul."
This article will discuss the topic of Web3 identity from a macro perspective, focusing on how to combine blockchain, identity proofs, and oracles to create a feature-rich on-chain identity layer that meets various application scenarios and user trust assumptions.
Why does Web3 need to create an identity layer?
The core of Web3 is to achieve trust minimization, and the process can be almost 100% guaranteed to proceed as expected by the participants. The reason why blockchain adopts decentralization, economic incentives and encryption technology is to achieve trust minimization and ensure the accuracy, timeliness, anti-manipulation and non-tamperability of calculations for users. Executing code and storing data in a trust-minimized manner on the blockchain is also called "cryptographic facts."
CryptoFacts combines cryptography and decentralized consensus to reach consensus across a distributed network, create unified records, and perform computations for applications in a deterministic manner.
Crypto facts are primarily created based on game theory, which is to incentivize the rational behavior of most nodes in a decentralized network by rewarding the right behavior and punishing the wrong behavior. For example, most blockchain game theory assumes that if the network is completely transparent, decentralized, and economically incentivized, it will be difficult for attackers to succeed because they must pay a certain economic cost to launch an attack (such as computing resources in PoW networks and staking tokens in PoS networks). The ultimate goal of this game mechanism is to create deterministic software, that is, input x will always output result y.
The problem is, however, that economic incentives alone are not enough to build a framework for end users to conduct social and economic activities. First, the penalty mechanism established to achieve trust minimization in some use cases may be too strict for users, with the penalty greater than the reward, and thus the loss outweighs the gain. What if you are fined due to an accident or misunderstanding? In many use cases, users do not want to be influenced by economic factors, or at least do not want to take risks by staking a large amount of assets in their interactions (such as governance, public goods, and social clubs).
Web3 protocols may also face many other challenges, such as legal compliance, verifying off-chain behavior, or resolving disputes. This is especially true for protocols that provide pseudo-anonymity to users. While pseudo-anonymity is a valuable feature in some application scenarios (such as protection against manipulation risks), for many applications, it is necessary to know certain personal information of the end user in order to ensure normal operation.
Therefore, we urgently need to create an on-chain identity layer for Web3, which can prove the user's social identity to blockchain applications while protecting the privacy of personalized data such as user reputation, KYC/AML, characteristics, etc., and retain the trust-minimizing characteristics of blockchain to a certain extent or completely. Identity solutions can help users and applications understand other information besides user account balances and transaction history, and conduct on-chain interactions based on various types of social information.
For example, money markets can lower loan rates for users with good credit records; DAOs can airdrop memberships to users who support a cause; and companies can conduct KYC/KYB verification before establishing a business relationship. Ultimately, adding an identity layer on the chain will break the bottleneck of the existing Web3 technology stack and give rise to a range of innovative applications.
The underlying technology of Web3 identity solutions
To better understand identity information, let’s first look at the following three types of identity information:
Official Status – refers to an individual’s achievements and facts that are officially certified or legally recognized in a jurisdiction.
Social identity – refers to the unofficial attributes, achievements, or statements that an individual acquires from others.
Self-identity – refers to the attributes, achievements, or claims that an individual creates for himself or herself.
How these three types of identity information are applied to the Web3 field depends on the specific value orientation and business needs of developers, users or decentralized communities. For example, some companies may prefer official privacy identity information due to their own operating mechanisms. Some Web3 native applications may prefer transparent social identity solutions, and decentralized communities can verify the information of users on the chain through consensus. Each type of identity information has its own advantages and disadvantages, which need to be fully considered before adoption.
Web3's identity solutions are mainly divided into three categories, which can be used individually or in combination to meet different needs.
Blockchain: Identity Database
Blockchain is a public database. Technically, the data stored by users cannot be tampered with. Anyone in the world can access this data and it can be easily applied to various scenarios. However, storing raw personally identifiable information (PII) on a public chain may cause serious privacy issues because the public chain is essentially open and transparent.
Fortunately, there are other ways to access identity data and assertions on the blockchain. Users can store hashes of personal identity information data on the blockchain, while the data is stored in an off-chain database; they can also turn personal identity information or claims about data into tokens on the blockchain. Alternatively, an external entity (i.e., the blockchain) can be used to verify the user's off-chain identity information, and then the proof can be published on the chain for reference by smart contracts (i.e., publish a yes or no proof to prove whether Alice is over 21 years old).
Identification: Identity information and proof
Identity proof refers to a claim about an individual’s qualifications, achievements, characteristics, or any background information. Identity solutions use proof to verify whether an individual is qualified to perform certain actions, such as only a person with a driver’s license can drive a car, or only a person with relevant professional certification can practice in a certain industry.
The fundamental purpose of Web3 is to establish digital relationships, so the key to developing Web3 identity solutions is to have access to digital proofs. The two most common features of Web3 identity are verifiable credentials and decentralized identity identifiers (DIDs). Verifiable credentials are an unalterable statement about the user's identity, cryptographically signed by the issuer. The verifier can verify this identity through the DID, such as using a public-private key pair on the blockchain to verify that the hashed identity belongs to a certain user.
In addition, identity data or proof can be turned into tokens. For example, Soul Bound Tokens (SBTs) are non-transferable non-fungible tokens (NFTs) that represent the token owner's commitment, qualifications, membership, affiliation, or statement. SBTs can be issued by one user to another or by an institution. In addition, users can also issue them to themselves. SBTs contain a variety of information, which can be a degree certificate issued by a university or a statement that the user wants to be publicly accountable. SBTs are non-transferable, making them very reliable unique identifiers for on-chain addresses, but they are inherently transparent, making them difficult to use in scenarios that require privacy. POAPs are another type of tokenized identity solution, where event organizers can issue NFTs to participants to prove that they participated in the event.
The combination of tokenized and non-tokenized identities that users can control will lay the foundation for decentralized identity or self-sovereign identity (SSI). The essence of this concept is that users can own and manage their own identities and share them with applications as they wish.
Oracle: Verifier and transmitter of identity proof
Oracles can verify user identity information originally stored or generated off-chain and upload it to the chain. Oracles can directly transmit raw data from off-chain APIs or transmit data between different blockchains. Oracles can also perform operations on raw data before transmitting data to the chain and triggering on-chain execution (Note: For example, triggering on-chain token minting based on personal identity data stored off-chain).
One of the most novel use cases of oracles is that users can request data themselves, such as obtaining a degree certificate from a university or a legal certificate from a government website, and verify the source of the data. Users do not need to expose their data privacy to the oracle, but can prove it through zero-knowledge claims. Ultimately, the oracle can verify the validity of the user's off-chain identity information while ensuring data privacy.
Web3 identity solutions enable new application scenarios
The following are seven unique on-chain identity solutions that can unlock a variety of innovative Web3 application scenarios. These solutions use on-chain data, identity proofs, and oracles to verify various dimensions of user identity to enable different types of economic or social scenarios.
Legal ID – “You are someone”
If a company or project needs to comply with regulatory requirements in a certain jurisdiction or follow up with users after a contract dispute, identity information such as legal name, date of birth, and place of residence are very important.
There are several ways to prove a person's legal identity. One way is for an official ID issuer (such as a government or bank) to issue a verifiable ID. However, there is a problem with this, that is, most ID issuers do not currently want to build a verifiable ID system from scratch, nor can they invest in new technologies to improve existing IT systems.
Therefore, a more practical approach is to use DECO. DECO is a privacy-preserving oracle protocol currently under development. It uses zero-knowledge proof technology to allow users to prove data about their identity to applications without disclosing personal privacy data to the public or even oracles. DECO can connect to existing APIs without requiring any modifications by the API data provider, even if end-user verification is required.
Burrata participated in the DECO proof-of-concept project, where Web3 users can use Chainlink to access off-chain API data providers in the Burrata ecosystem to prove their Web2 identity to on-chain applications. This proof-of-concept project can access identity authentication platforms and document signing services through DECO without disclosing any private data on the chain or to the oracle, only needing to publish claims about private data. At SmartCon 2022, Burrata demonstrated a prototype for house rentals. Users need to verify their identity and sign a temporary rental agreement before renting a house.
Social proof of identity — “You have an online account”
Many applications will want to leverage already created social identities (such as Facebook and Twitter) in Web3-related services. Therefore, for security reasons, users must first verify the Web2 social identity associated with their Web3 address in order to interact with other users of the Web3 platform.
The PhotoChromic project has successfully completed the DECO proof-of-concept project, using DECO to bind Web3 users to their Twitter or Discord social accounts without exposing the underlying personal identity data in the process. Photochromic can bind users' Web2 and Web3 identities very well, allowing users to add more social attributes to their wallets and make social attributes into NFTs to ensure the authenticity and portability of the identity. Ultimately, we can combine users' on-chain and off-chain identities together and avoid wasting time on repeated KYC. Applications only need to be open to users based on certain criteria, without knowing the user's real-world identity or their social media accounts.
Proof of Creation – “You created something”
Many use cases do not require KYC, but do require proof of the origin of a statement or artwork. By tracing the creator of a text or item, users can prove the authenticity of their artwork or luxury goods, or verify the authenticity of a video or statement.
One way to establish a proof-of-creation mechanism is to issue SBT. As described in the paper "Decentralized Society: Finding Web3's Soul", an artist can issue an NFT from his soul (address), and others can verify that the NFT is indeed from this artist. The artist can also issue a statement, which is an SBT associated with an NFT and stored in his "soul" address, to prove that the NFT belongs to a certain series and the scarcity of the NFT. In addition, photographers can also issue photos and videos associated with SBT to prevent their works from being forged. Social critics can also issue SBTs associated with a statement (note: the statement can be about finance, politics or any other hot topic) and establish a personal reputation system based on the accuracy and ethics of his past comments.
These use cases all fit into the concept of the “Ledger of Record”, a concept proposed by Balaji Srinivasan. The “Ledger of Record” uses a decentralized protocol to cryptographically sign data on the chain, including social media data, data API interfaces, event streaming, newsletters, and RSS feeds. The concept of the record ledger aims to provide a single source of truth for official information.
Proof of Funds – “How much money do you have?”
Another important thing is to prove how much assets someone owns, which cannot be done with blockchain alone, because the assets may be stored off-chain or on other blockchains. In financial transactions, proof of funds is very important for assessing risks, because the more funds a counterparty has, the more reliable it is usually.
Teller is a DiFi protocol that provides a market for digital asset lending and supports low-collateralized loans. Teller used the DECO protocol in its proof-of-concept project to prove that the user's asset balance in the off-chain bank account exceeds the dynamic minimum threshold required for the loan. If the user's account balance exceeds the minimum threshold, then their risk as a lender will be reduced, so the loan collateral conditions will be greatly reduced. For example, if a lender needs to borrow $5,000, then they must prove that the balance in the bank account is at least more than $5,000 to prove their repayment ability.
For more details, please check out the blog post "How DECO enables low-collateral DeFi loans: Teller's proof-of-concept project"
DECO allows lenders to prove that their off-chain bank account balance exceeds a certain threshold.
Proof of social reputation - how much social reputation you have
Social reputation is an emerging identity segment that refers to the use of decentralized communities to verify certain actions or characteristics of users. Social reputation can also be extracted from the user's on-chain transaction history or SBT.
For example, if a user's on-chain transaction history can prove that their repayment record is good, then the lending protocol can lower the user's collateral threshold. Weyl, Ohlhaver, and Buterin mentioned in the paper that users can pledge SBT (reputation) to obtain better loan terms. Once the loan is repaid, the SBT will be destroyed or replaced with a new SBT, indicating that the user has repaid the loan. If the loan is overdue, an SBT will be automatically issued to represent the user's default, which is a bit like a bad review. However, it is worth mentioning that if you can give others a bad review SBT at will without any permission, it may cause some problems, such as personal information being disclosed, cyberbullying, or content manipulation.
The paper also talks about how the social reputation of SBT can be used to cold-start a Web3 community, specifically by airdropping tokens to soul addresses that meet certain conditions. For example, if a DAO wants to build a strong developer community, it can airdrop tokens to developers who hold three of the SBTs issued at five conferences, or other tokens that prove they attended the conference, such as POAP. The SBT portfolio can also be comprehensively evaluated to adjust the airdrop weight. For example, if a soul address holds environmental protection SBT, gardening SBT, and carbon sequestration tokens at the same time, it is eligible to receive governance tokens airdropped by a reforestation NGO.
Personality Proof - "Who Are You"
If applications can learn key information about users, i.e. whether they are bots or real people who cannot be copied, they can greatly improve functionality. Non-transferable and non-reusable proof of personhood can be effectively used in various applications as long as it can protect the privacy of users' personal data. For example, social media platforms can use proof of personhood to prevent bots from sending spam or malicious links to users, and to prevent false social consensus through Sybil attacks.
DAOs can use proof of personality to resist Sybil attacks and prevent a user from gaining huge control by manipulating multiple different accounts. One method is to calculate a series of SBTs in the soul address. If there is a certain number of SBTs with a high reputation in the address (especially SBTs issued by multiple different institutions or soul accounts), then the account owner is more likely to be a real person rather than a bot. However, resisting Sybil attacks is very difficult to do because verifying the uniqueness of personal identity proofs requires access to a database to verify whether there is duplicate information.
Proof of interaction — who you have interacted with
If an application can prove that a user has interacted with an object in some way, it will have the potential to realize a variety of innovative application scenarios. Proof of interaction is particularly applicable in marketing activities, where users are financially incentivized to perform certain specific actions in order to receive rewards. Certain interactions will even trigger the issuance of SBTs, such as donating to charity or providing community services, which can earn social welfare SBTs. In addition, this trigger mode also applies to recurring operations, such as in the x-to-earn application, where each interaction can trigger an airdrop.
Clique launched the DECO proof-of-concept project and developed a fan proof solution. This solution allows users to prove that they have interacted with a certain artist or creator's Twitter, or that they follow a content creator on Twitter. In the whole process, users do not need to reveal their Twitter account to the application to protect their privacy. This mechanism can prove that you are a fan of a certain creator and receive various tokens/NFT rewards, reputation or privileges. In addition, Clique can also obtain better data through DECO to ensure the authenticity of user follower numbers and content views.
The next phase of Web3 development
There is no doubt that identity is a key link in the expansion of Web3 applications and services. However, it is very difficult to implement identity proof on the blockchain. We need to protect user privacy, prevent fraud in the process of issuing identity proof, and strike a balance between data immutability and proof efficiency. Despite the difficulties, Web3 identity can indeed bring unprecedented value to users, allowing users to share only the information they want to share with applications. Users can even prove their identity information without revealing their privacy, which can be achieved through DECO technology.
It is through these technological innovations that social capital will become an indispensable part of the chain, preventing Web3 from falling into the vortex of excessive financialization, and realizing a series of innovative application scenarios, attracting both enterprises and mature institutions to Web3. Ultimately, identity solutions will minimize the trust of Web3 and integrate it into our daily lives, better protecting the privacy, transparency and ownership of sensitive data for users.
