Welcome back to ‘The rise of web3 social’! 𓀔
In the past few weeks I’ve been learning about web3 identity and the stack of projects that, combined together, may help us solve painful web3 issues like drophunters and sybil attackers, while setting the foundations for a frictionless internet UX where we go from app to app with our social graph and benefit from a highly customized service without ever having to log in / sign off and at the same time preserve data privacy. Even maybe earn some returns on the value we create by doing things online. ㋡
So i did what I know how to do and created a quick mapping of this emerging space. Please keep in mind that projects on this mapping might fit into multiple categories at once.
This article is a more exhaustive coverage of all projects on this mapping. If you want the more entertaining version you can watch (and obviously mint) this video.
Please note that you should do your own research to double check the things that I report in this article. Most often I’ve taken information from the various project’s documentation and websites, sometimes podcasts and articles.
Proof of Personhood
Proof of Personhood is a direct method to combat drop hunters and Sybil attacks. It enables individuals to demonstrate their unique human identity using a verified on-chain identifier. This process helps ensure that each participant in the network is a real person, thereby enhancing the integrity and fairness of the system.
Worldcoin employs biometric technology to identify users, similar to the use of fingerprints in passports. It uniquely identifies individuals by scanning their iris using a specialized device, creating a blockchain identifier called WorldID. However, Worldcoin has faced significant criticism due to privacy concerns surrounding the use of highly sensitive biometric data. A data breach or any security loophole in this context could have severe implications. Additionally, a major challenge for Worldcoin is the operational complexity and the associated costs of scanning the entire global population individually with their specialized hardware.
BrightID also focuses on identifying unique individuals, but it takes a different approach from hardware-based solutions. Instead, it uses a process known as 'social graph-based verification.' This method involves users verifying each other through live video calls (BrightID) and a peer-to-peer rating system (Aura). However, this approach presents its own set of challenges. Building a verification social graph from the ground up is a complex task, and there are privacy concerns, especially since individuals involved in the verification process can identify each other during live calls.
Anima, a project developed by Synaps—a KYC provider for cryptocurrency companies—utilizes facial authentication -facegraph- technology as a biometric mean to generate proof of personhood credentials. It is also possible to use traditional ID proofs like passports to generate these credentials. All proofs of personhood are stored in a personal safe, accessible only using the user's keys.
Absinthe Labs takes a lightweight approach, addressing the Sybil problem with on-chain CAPTCHAs. This method helps protect smart contracts from bot interference. Absinthe Labs' system ensures that each CAPTCHA challenge is unique and directly sent by the account needing to resolve it. Once they’ve completed a challenge once, users can continuously login for a period of time.
In a recent paper discussing proof of personhood, Vitalik Buterin proposed a hybrid approach that combines biometric and social graph-based methods. He suggests initially establishing the network using biometric data and hardware, creating a foundation of trust. Following this, the network can be expanded through social-graph based verification.
However, resolving the Sybil issue isn't likely to be achieved through a single solution. Instead, the entire identity space is addressing it from various perspectives, employing multiple methods and strategies to effectively tackle the challenge.
Reputation (1): credentials & attestation tools
nft://undefined/undefined/undefined?showBuying=true&showMeta=true
Establishing trust in the on-chain world isn't limited to proving one's uniqueness as a human. A more nuanced approach may involve creating an on-chain web of trust, which could emerge from accumulating a record of on-chain credentials linked to an identity. Unlike proof of personhood, these credentials can be issued by various entities and hold different meanings for different people. As our wallets gather a diverse range of credentials, they begin to build a rich tapestry of data. This accumulation enables the formation of identity and reputation systems that more closely mirror the intuitive ways we establish trust in the real world, both as individuals and institutions.
Here are three credential technologies in use today:
-
Attestations: These function as a simple yet effective system where any entity can make a statement about another, sign it, and record it on the blockchain. Attestations are distinct from tokens or NFTs. They are essentially digital signatures on structured data known as Schemas. These Schemas define the data's structure and type, ensuring uniformity and clarity in attestations.
-
Verifiable Credentials (VCs): VCs represent a standardized format for attestations. They are digital claims made and cryptographically signed by one entity about another, verifying their authenticity and integrity. VCs are linked to Digital Identifiers (DIDs), which are unique identifiers managed by the individual or entity they represent. DIDs are recorded on blockchain registries.
-
Soulbound Tokens (SBTs): SBTs are non-transferable, publicly-verifiable digital tokens that signify an entity's credentials. However, there are certain challenges with this model. Presently, there are no established methods for recovering SBTs, and their non-transferable nature could lead to other complications, such as their potential use in spam activities
Let's explore how various projects are utilizing different technologies to enable credentials in users' wallets.
Ethereum Attestation Service (EAS) is setting the foundational standards for issuing attestations on the Ethereum blockchain. It's a tool for creating on-chain or off-chain attestations, centered around two primary functions: registering a schema and making attestations. EAS is gaining popularity and is being adopted by projects like Optimism, Coinbase, and Arbitrum as the default attestation service.
Verax is a shared, public attestation registry deployable on EVM chains, Verax is a community-maintained public good. Developed in collaboration with organizations like Clique, Consensys, and Gitcoin, it serves as a framework for attestations, allowing dApps to store and access data.
Clique is creating identity oracles to bring private web2 data onto the blockchain in a trust-minimized manner. This includes personal identity, private financial data, AI results, and more. They utilize a modular oracle stack with Zero-Knowledge Proofs (ZKP), Trusted Execution Environments (TEE), and Multi-Party Computation (MPC) to ensure anonymity, data confidentiality, and integrity. Clique's oracles support the creation of on-chain attestations and off-chain DIDs.
Intuition is a protocol for creating identities and issuing attestations for any digital entity: individuals, organizations, smart contracts and so on... It aims to establish a foundational layer for attestations which could eventually lead to reputation and trust networks, identifying reliable and unreliable actors in the space.
Coinbase Verifications offers a set of on-chain attestations verified by Coinbase, facilitating access to apps and other on-chain benefits. It leverages the Ethereum Attestation Service (EAS), an open-source public good included in the OP Stack."
Rabbithole has developed the Quest Protocol, a system that allows crypto protocols to reward users with credentials and compensation for completing tasks on the blockchain. Using this protocol, projects can incentivize user interactions with their smart contracts by offering ERC20 tokens. They can set specific criteria for these tasks, including the duration, reward amount, and the number of eligible participants. Once users successfully complete a Quest, they gain the ability to mint a 'Receipt' into their wallet. This Receipt not only allows them to claim their rewards in the future but also offers potential additional uses.
POAP, or Proof of Attendance Protocol, is a system that allows for the issuance of NFTs verifying the presence of attendees at specific events defined in terms of time and location. The type of events can be pretty broad and some use POAPs as personal business cards during conferences. These proofs are created as NFTs (Non-Fungible Tokens) and can be distributed through various methods like QR codes, claim links, or secret words, making them versatile and accessible.
Layer3, on the other hand, has developed into an interactive platform primarily focused on educational quests. Users are rewarded with NFTs and experience points (XP) as they complete various quests.
Galxe provides the necessary infrastructure to enable community members to curate and contribute to a growing library of digital credentials, further enriching the platform's educational value.
Reputation (2): passports and score generation
Beyond traditional credentials like VCs, attestations, and SBTs, there's a category of projects aimed at leveraging identity data for practical uses, such as generating passports or scores.
Gitcoin Passport provides 'stamps' based on the data in your wallet, such as ENS domains, Snapshot votes, Guild memberships, and web2 accounts. These stamps help in creating a more comprehensive digital identity.
Nomis.cc offers a scoring system for your wallets, based on their activity in various blockchain ecosystems or crypto sectors like DeFi. The scoring criteria include factors like the age of the wallet, average transaction time, and total number of transactions.
Degenscore initially concentrated on evaluating the wallet activities of DeFi enthusiasts, commonly known as 'degens.' It enables users to mint Soulbound Tokens (SBTs) that reflect and highlight their skills and competencies, drawing from both on-chain and off-chain data. Users holding these SBTs, or 'beacons,' can gain access to unique experiences crafted by Degenscore and other collaborative projects. This approach showcases a user's expertise and participation in the DeFi space, creating opportunities based on their proven track record.
0xScore is a more recent project doing a similar job by scoring your wallet and granting achievements based on wallet activity. It is positioned as a reputation and sybil resistance tool. The score is based on various parameters of a wallet's on-chain activity, including transactions, DeFi participation, the wallet’s social capital, etc.
Etherscore is a badge system to reward actions made on the Ethereum blockchain. Web3 users can claim EtherScore badges based on their usage of blockchains and Dapps. Badges are NFTs representing achievements that compose users' on-chain reputation. Badges are curated by the Etherscore DAO through a 1 badge 1 vote mechanism.
Regenscore is a simple reputation scoring for one wallet’s specific actions like participation in governance, donation to public goods funding, and contributing to events or projects mostly in the Ethereum and optimism ecosystem.
Orange protocol is a reputation and trust minting protocol that aggregates data and Web3 reputation models to generate comprehensive reputation proofs in the form of Verifiable Credentials and NFTs. It can be used to objectively calculate and assess the "reputation" for a Decentralized Identifier (DID), and associated wallet addresses. It takes multiple data points from both on-chain and offchain sources. The platform data providers from various onchain ecosystems as well as various model providers to compute reputation in various ways for different usecases.
Karma3 Labs is developing a ranking and reputation infrastructure based on the EigenTrust algorithm. This protocol enables developers to design robust recommendation systems and Sybil-resistant frameworks specifically for web3 social graph protocols. It also allows for the integration of on-chain reputation scoring within various communities. Additionally, developers can leverage this technology to enhance search and discovery functionalities in marketplaces and consumer applications, offering a more tailored and reliable user experience in the web3 space.
Philand allows users to build personalized Web3 worlds, where items reflect their onchain activity, achievements, and social graph. Items can be either bought on the Philand marketplace or earned through the completion of quests and campaigns created with partner projects.
Ampy is developing a digital music passport drawing from both on-chain and off-chain data sources. This dynamic, evolving NFT serves as a comprehensive record of a user's music-related activities, encompassing streaming, album sales, concert attendance, merchandising, social engagement, and newer elements like music NFTs and song shares. Users enhance their passport by engaging with and consuming music, earning points and rewards that improve their rank and the visual appeal of their passport. Data is stored on Ceramic
Receipts.xyz is designed to authenticate and map your peronal accomplishments directly to your wallet, starting with and integration with Strava, the web2 sports and social network app. The process begins by connecting your wallet to Receipts and authenticating your web2 account via OAUTH. This allows Receipts to automatically display your available accomplishments. You then have the option to select which achievements you wish to attest to and bring into your wallet. When an attestation is made by Receipts, the metadata of these accomplishments, drawn from the web2 account, is published to IPFS, making it publicly queryable. These attestations are facilitated using the Ethereum Attestation Service.
Relinkd adopts a similar concept but targets a more consumer-oriented audience with a gamified touch. Their focus is on building a reliable digital identity layer, making the process engaging for users.
Newcoin introduces a novel concept with its 'Proof of Creativity' protocol. It recognizes the value created by individuals on different platforms. By linking your platforms to Newcoin's website, you receive WATT tokens, which can lead to earning NCO tokens. Powering up other creators and inviting new ones can increase your WATT earnings.
Privacy
As we accumulate more on-chain data, the benefits are clear: Sybils are deterred, and we can build trust and reputation online. However, the transparency of crypto poses a challenge to privacy. When we connect our wallets to services, there's a risk of exposing all our wallet information. Advanced AI algorithms could even correlate separate wallets by analyzing transaction behaviors. This total transparency, while beneficial in some aspects, has major drawbacks, especially regarding sensitive information like transaction history, held NFTs, and KYC credentials.
This is where privacy technologies like Zero-Knowledge Proofs (ZKPs) and Stealth addresses become crucial:
Sismo allows users to consolidate all their on-chain accounts into a data vault and generate one-time ZK proofs using Sismo Connect. This enables users to authenticate into services while maintaining full privacy. Sismo's key feature is its ability to let users leverage their entire on-chain identity without risking exposure of their complete on-chain activities.
Holo enables users to prove various statements without disclosing their identity. This includes compliance requirements, establishing Sybil resistance, and wallet recovery. For instance, a user can prove residency in a specific country, offering a privacy-preserving method for KYC and combating Sybils.
Semaphore operates on a similar principle, emphasizing privacy in identity and transaction verification thanks to ZK proofs.
Polygon ID empowers users to establish trusted and secure interactions between themselves and decentralized applications (dApps), adhering to self-sovereign identity principles and prioritizing privacy. It facilitates connections between trust issuers and verifiers. Users can store claims, such as KYC verifications, in their personal wallets and utilize zero-knowledge proofs for private verification. Polygon ID enables secure, privacy-focused interactions with smart contracts and other identities without disclosing personal data.
Data aggregation and portability
Alongside the capability to maintain data as either fully or partially private, there's also the potential to aggregate all aspects of a user's identity data. This comprehensive data collection can then be selectively shared by the user for purposes such as authentication, authorization, and gaining access to various services or applications.
Disco This decentralized identity platform allows end-users to create their own 'data backpack,' essentially a decentralized identifier (DID), and manage verifiable credentials attached to it through the Disco app. The data is stored on Ceramic, a decentralized data management layer. Users can selectively share their credentials with services or access control systems. Disco is increasingly aiding credential issuers in issuing, tracking, and managing verifiable credentials and is exploring the use of claim links for these credentials.
Rarimo serves as an interoperability layer, enabling the transfer of identity data between different blockchains while preserving privacy. This is achieved through an independent system of oracles and validators. Rarimo also incorporates W3C standards for verifiable credentials and employs Zero-Knowledge Proofs (ZKP) technology to ensure secure and private data replication across chains.
UX and onboarding
This category highlights projects aimed at addressing the challenges in onboarding users onto applications. Their focus is on progressively transitioning users to become custodial owners of their assets. This approach is designed to reduce churn and enhance the overall user experience.
Privy is a simple toolkit for progressive user authentication and user management. Privy builds authentication, authorization and data control tooling is currently enabling embedded wallets enabling a gradual onboarding experience. Users can sign in to your app with a crypto wallet, an email address, their phone number, or even a social profile (e.g., Twitter or Discord). If they need to users can access their private key and port their wallet elswhere if they need to.
Dynamic is also working on providing smooth onboarding for dapp users through embedded wallets, from onboarding to authentication and user management through helping builders capture information bout their user during onboarding and creating user profiles.
Lit Protocol is distributed cryptography for encryption, compute, and programmable signing. As a generalizable key management layer, Lit provides developers with a comprehensive toolkit for managing sovereign identities on the open Web, enabling things like Seed-phraseless authentication, decentralized access control. Lit’s Programmable Key Pairs (PKPs) product can be utilized by app developers to build a white-label MPC wallet solution that delivers a more flexible and seamless onboarding experience to their end users.
Sign-In with Ethereum (SIWE) outlines a method for Ethereum accounts to authenticate with off-chain services. This is done by signing a standard message that includes scope, session details, and security features like a nonce. The aim is to offer a self-custodied alternative to centralized identity providers, enhance interoperability for Ethereum-based authentication across various services, and provide wallet vendors with a uniform format for better user experience and consent management. Unlike traditional wallet connections, SIWE enables dApps to remember and utilize users' past interactions for a more personalized experience.
Namespaces
Namespaces are a crucial component of web3 identity, often seen on platforms like Twitter and frequently used during interactions with other web3 identities. They primarily serve as human-readable identifiers, linking to various blockchain addresses. Additionally, namespaces can symbolize a user's affiliation with specific communities, making them both functional and representative in the web3 ecosystem.
ENS simplifies the process of mapping human-readable names like 'alice.eth' to machine-readable identifiers, including Ethereum addresses and other cryptocurrency addresses, content hashes, and metadata. Unlike the centralized traditional DNS system managed by ICANN, ENS operates on the Ethereum blockchain as a decentralized system and is governed by the ENS DAO.
Unstoppable domains is another, similar namespace provider. It provides a few addtional services like messaging and profiles. It isn’t governed by a DAO.
Everynames helps devs navigate the somewhat fragmented namespace providers landscape (ENS, Lens, Farcaster, and Unstoppable Domains) by allowing them to resolve data from every web3 name service with a single query.
Lens protocol also has its own .lens namespace that is coupled with Lens profile NFTs and since Lens v2 decoupled from Lens handles.
Data & APIs
The data layer forms an essential part of the web3 identity stack. Developers often depend on third-party services to access web3 social data. Ceramic is a well-established player in this space, whereas newer entrants like Neynar, Airstack, and Jomo have begun to emerge over the past year.
Ceramic offers a user data storage solution, powering projects like Disco or Gitcoin Passport. On Ceramic users have decentralized identifiers (DIDs) and cryptographically sign their activity data which is then organized into data ‘streams’ stored on IPFS, accessible by dApps with user authorization.
Neynar provides access to data from the Farcaster social graph through their API. They also provide developers with Farcaster infrastructure like Hubs. It's a key resource for developers building on the Farcaster social graph.
Airstack is a web3 development platform that provides powerful GraphQL APIs for integrating on-chain and off-chain data into any application. With Airstack, you can easily connect your applications to any web3 ecosystem.
Jomo provides developers with the tools to easily access verified self-sovereign user data from various sources, empowering them to create personalized experiences that cater to the user. With Jomo, users can own and manage their own data across the different applications. Their trading activities on an exchange, which wallets did they use, where have they travelled to, what tv series are their favorite, which university did they graduate from, the list goes on and on.
Thank you for reading issue #5 of The Rise of Web3 Social! Feel free to DM me with feedback or inquieries here. And don’t forget to mint the video!