Over the past few weeks, I've been learning about Web3 Identity and a series of projects that come together to help us solve painful Web3 problems like airdrop hunters and sybil attackers, while giving us a way to start with applications Lay the foundation for a frictionless internet user experience Use our social graph app to enjoy highly customized services without the need for login/logout while protecting data privacy. Maybe even get some reward from the value we create by doing things online. ㋡
So I did what I knew and created a quick map of this emerging space. Keep in mind that items on this map may fit into more than one category at the same time.
Please note that you should do your own research to double-check what I report in this article. Mostly, I get information from individual projects' documentation and websites (and sometimes podcasts and articles).
personal I.D
Proof of Character is a straightforward way to combat drop hunter and witch attacks. It enables individuals to demonstrate their unique human identity using verified on-chain identifiers. This process helps ensure that every participant in the network is a real person, thereby enhancing the integrity and fairness of the system.
Worldcoin uses biometric technology to identify users, similar to fingerprints in a passport. It uniquely identifies individuals by scanning their iris using a specialized device, creating a blockchain identifier called WorldID. However, due to privacy concerns over using highly sensitive biometric data, Worldcoin faced serious criticism. In this case, a data breach or any security breach can have serious repercussions. In addition, Worldcoin The main challenge is the operational complexity and associated costs of individually scanning a global population using specialized hardware.
BrightID also focuses on identifying unique individuals, but it takes a different approach than hardware-based solutions. Instead, it uses a process called "social graph-based verification." This method involves users authenticating each other through live video calls (BrightID) and a peer-to-peer rating system (Aura). However, this approach also faces its own set of challenges. Building a verified social graph from scratch is a complex task and has privacy concerns, especially since individuals involved in the verification process can identify each other in real-time calls.
Anima is a project developed by Synaps, a KYC provider for cryptocurrency companies, that uses facegraph technology as a biometric means to generate proof of personality credentials. These credentials can also be generated using traditional identification such as a passport. All identification is stored in a personal safe and can only be accessed using the user's key.
Absinthe Labs adopts a lightweight approach to solve the Sybil attack problem through on-chain verification codes. This approach helps protect smart contracts from bot interference. Absinthe Labs' system ensures that each CAPTCHA challenge is unique and sent directly by the account that needs resolution. After users complete a challenge, they can log in continuously for a period of time.
In a recent paper discussing personality attestation, Vitalik Buterin proposed a hybrid approach that combines biometric and sociograph-based methods. He recommends setting up a network first using biometric data and hardware to establish a foundation of trust. Thereafter, the network can be expanded through social graph-based verification.
However, solving the Sybil attack problem is unlikely to come with a single solution. Instead, the identity space as a whole is approaching the problem from different angles, employing a variety of methods and strategies to effectively address this challenge.
Reputation (1): Credentials and Attestation Tools
nft://undefined/undefined/undefined?showBuying=true&showMeta=true
Building trust in the on-chain world isn’t limited to proving one’s uniqueness as a human being. A more nuanced approach might involve creating an on-chain trust network, which could be achieved by accumulating on-chain credential records related to identities. Unlike proof of identity, these credentials can be issued by different entities and mean different things to different people. As our wallets collect various credentials, they begin to build a rich tapestry of data. This accumulation enables the formation of identity and reputation systems that more closely reflect the intuitive ways in which we, as individuals and institutions, build trust in the real world.
Here are three credential technologies in use today:
- Proof : These functions are a simple yet effective system where any entity can make a claim against another entity, sign it and record it on the blockchain. Proofs are different from tokens or NFTs. They are essentially digital signatures of structured data (called schemas). These schemas define the structure and type of data, ensuring consistency and clarity of proofs.
- Verifiable Credential ( VC ) : VC represents a standardized format for certification. They are digital claims made and cryptographically signed by one entity to another, verifying their authenticity and integrity. VCs are associated with digital identifiers (DIDs), which are unique identifiers managed by the person or entity they represent. DIDs are recorded in the blockchain registry.
- Soul-Bound Token (SBT) : SBT is a non-transferable, publicly verifiable digital token that represents an entity’s credentials. However, there are certain challenges with this model. Currently, there is no established method for recovering SBTs, and their non-transferable nature may lead to other complications, such as their potential use in spam campaigns
Let’s explore how different projects leverage different technologies to enable credentials in user wallets.
The Ethereum Attestation Service (EAS) is developing basic standards for issuing proofs on the Ethereum blockchain. It is a tool for creating on-chain or off-chain proofs, centered around two main functions: registering a schema and making proofs. EAS is growing in popularity and is adopted as the default attestation service by projects such as Optimism, Coinbase, and Arbitrum.
Verax is a shared public certificate registry that can be deployed on the EVM chain. Verax is a public product maintained by the community. Developed in partnership with organizations such as Clique, Consensys, and Gitcoin, it serves as a proof-of-concept framework that allows dApps to store and access data.
Clique is creating identity oracles to bring private Web2 data to the blockchain in a trust-minimized manner. This includes personal identities, private financial data, AI results, and more. They utilize a modular oracle stack with Zero-Knowledge Proofs (ZKP), Trusted Execution Environment (TEE), and Multi-Party Computation (MPC) to ensure anonymity, data confidentiality, and integrity. Clique's oracle supports the creation of on-chain proofs and off-chain DIDs.
Intuition is a protocol for creating identities and issuing proofs for any digital entity: individuals, organizations, smart contracts, etc... It aims to build a base layer of proofs that could eventually lead to a network of reputation and trust, identifying reliable and unreliable Actors in reliable spaces.
Coinbase Verifications provides a set of on-chain proofs verified by Coinbase to facilitate access to applications and other on-chain interests. It leverages the Ethereum Attestation Service (EAS), an open source public product included in the OP Stack.
Rabbithole developed the Quest Protocol, a system that allows cryptographic protocols to reward users with credentials and rewards for completing blockchain tasks. Using this protocol, projects can incentivize user interaction with their smart contracts by providing ERC20 tokens. They can set specific criteria for these tasks, including duration, reward amount, and number of eligible participants. Once the user successfully completes the task, they can deposit the "receipt" into their wallet. Not only does this receipt allow them to claim rewards in the future, but it also provides potential additional uses.
POAP (Proof of Attendance Protocol) is a system that allows the issuance of NFTs to verify that attendees attended a specific event defined by time and location. Event types can be quite broad, and some use POAP as a personal business card during meetings. These proofs are created in the form of NFTs (non-fungible tokens) and can be distributed through various methods such as QR codes, claim links or secret words, making them versatile and accessible.
Layer3, on the other hand, has evolved into an interactive platform focused primarily on educational tasks. Users will be rewarded with NFT and experience points (XP) when completing various tasks.
Galxe provides the necessary infrastructure to enable community members to manage and contribute to a growing library of digital certificates, further enriching the educational value of the platform.
Reputation (2): Passport and Score Generation
In addition to traditional credentials such as VC, attestation and SBT, there is a class of projects that aim to leverage identity data for practical purposes, such as generating passports or scores.
Gitcoin Passport provides "tokens" based on data in your wallet, such as ENS domains, snapshot votes, Guild memberships, and web2 accounts. These seals help create a more comprehensive digital identity.
Nomis.cc provides a scoring system for your wallet based on its activity in various blockchain ecosystems or crypto fields such as DeFi. Scoring criteria include factors such as wallet age, average transaction time and total number of transactions.
Degenscore initially focused on measuring the wallet activity of DeFi enthusiasts (commonly known as “degens”). It enables users to mint Soul Bound Tokens (SBT) from on-chain and off-chain data to reflect and highlight their skills and abilities. Users who hold these SBTs, or "beacons," have access to unique experiences created by Degenscore and other collaborative projects. This approach demonstrates a user’s expertise and engagement in the DeFi space and creates opportunities based on their proven track record.
0xScore is a newer project that does a similar job by scoring your wallet and awarding achievements based on wallet activity. It is positioned as a tool for reputation and resistance to Sybil attacks. The score is based on various parameters of the wallet’s on-chain activity, including transactions, DeFi participation, the wallet’s social capital, and more.
Etherscore is a badge system used to reward actions performed on the Ethereum blockchain. Web3 users can claim EtherScore badges based on their usage of blockchain and Dapps. Badges are NFTs that represent achievements and constitute a user’s on-chain reputation. Badges are managed by the Etherscore DAO via a 1-badge-1 voting mechanism.
Regenscore is a simple reputation score for a wallet’s specific behaviors, such as participating in governance, donating public goods funds, and contributing to activities or projects primarily in the Ethereum and Optimistic ecosystems.
Orange Protocol is a reputation and trust minting protocol that aggregates data and Web3 reputation models to generate comprehensive proof of reputation in the form of verifiable credentials and NFTs . It can be used to objectively calculate and assess the “reputation” of decentralized identifiers (DIDs) and associated wallet addresses. It takes multiple data points from both on-chain and off-chain sources. Platform data providers from various on-chain ecosystems, as well as various model providers, calculate reputation in various ways for different use cases.
Karma3 Labs is developing ranking and reputation infrastructure based on the EigenTrust algorithm. This protocol enables developers to design powerful recommendation systems and Sybil-resistant frameworks specifically for the Web3 social graph protocol. It also allows for the integration of on-chain reputation scores within various communities. In addition, developers can leverage this technology to enhance search and discovery capabilities in marketplace and consumer applications, providing a more customized and reliable user experience in the Web3 world.
Philand allows users to build personalized Web3 worlds with projects that reflect their on-chain activities, achievements, and social graphs. Items can be purchased on the Philand Market or earned by completing tasks and activities created with partner projects.
Ampy is developing a digital music passport that leverages on-chain and off-chain data sources. This dynamic, ever-evolving NFT can comprehensively record a user’s music-related activities, including streaming, album sales, concert attendance, merchandising, social engagement, and new elements such as music NFTs and song sharing. Users enhance their Passport by participating and consuming music, earning points and rewards that improve their rankings and the visual appeal of their Passport. Data is stored on Ceramic .
Receipts.xyz is designed to verify your personal achievements and map them directly to your wallet, starting with and integrating with Strava (Web2 sports and social networking application). The process starts by connecting your wallet to Receipts and verifying your Web2 account via OAUTH. This allows receipts to automatically display your available achievements. You can then choose which achievements you want to prove and put in your wallet. When Receipts are attested, the metadata for these achievements extracted from the Web2 account is published to IPFS, making it publicly queryable. These proofs can be facilitated using the Ethereum proof service.
Relinkd uses a similar concept but uses a gamified approach to target a more consumer-oriented audience. Their focus is on building a reliable digital identity layer that makes the process attractive to users.
Newcoin introduces a novel concept with its “Proof of Creativity” protocol. It recognizes the value created by individuals across different platforms. By linking your platform to Newcoin's website, you will receive WATT tokens, which can earn NCO tokens. Supporting other creators and inviting new creators can increase your WATT income.
privacy
As we accumulate more on-chain data, the benefits are clear: witches are frightened and we can build trust and reputation online. However, the transparency of cryptocurrencies poses privacy challenges. When we connect a wallet to a service, there is a risk of exposing all wallet information. Advanced artificial intelligence algorithms can even correlate individual wallets by analyzing trading behavior. This complete transparency, while beneficial in some ways, also has significant drawbacks, especially when it comes to sensitive information such as transaction history, NFTs held, and KYC credentials.
This is where privacy technologies like zero-knowledge proofs (ZKP) and stealth addresses become crucial:
Sismo allows users to consolidate all on-chain accounts into a single database and generate one-time ZK proofs using Sismo Connect. This enables users to authenticate within the service while maintaining complete privacy. Sismo’s primary feature is the ability for users to leverage their entire on-chain identity without risking exposing their complete on-chain activity.
Holo enables users to prove various statements without revealing their identity. This includes compliance requirements, building Sybil resistance, and wallet recovery. For example, users can prove residence in a specific country, providing privacy protection methods for KYC and combating Sybils.
Semaphore follows a similar principle, emphasizing privacy in identity and transaction verification through ZK proof.
Polygon ID enables users to establish trusted and secure interactions between themselves and decentralized applications (dApps), adhering to self-sovereign identity principles and prioritizing privacy. It facilitates the connection between trusted issuers and validators. Users can store claims such as KYC verification in their personal wallets and leverage zero-knowledge proofs for private verification. Polygon ID enables secure, privacy-focused interactions with smart contracts and other identities without revealing personal data.
Data aggregation and portability
In addition to being able to keep data fully or partially private, there is also the possibility to aggregate all aspects of a user's identity data. Users can then optionally share this comprehensive collection of data for purposes such as authentication, authorization, and access to various services or applications.
Disco is a decentralized identity platform that allows end users to create their own “data backpack,” essentially a decentralized identifier (DID), and manage the verifiable credentials attached to it through the Disco application. Data is stored on the decentralized data management layer Ceramic. Users can optionally share their credentials with services or access control systems. Disco increasingly helps credential issuers issue, track and manage verifiable credentials and is exploring claims linking using these credentials.
Rarimo acts as an interoperability layer, enabling the transfer of identity data between different blockchains while protecting privacy. This is achieved through a separate system of oracles and validators. Rarimo also incorporates the W3C standard for verifiable credentials and uses zero-knowledge proof (ZKP) technology to ensure secure and private data replication across chains.
User experience and onboarding
This category highlights projects designed to solve user challenges in using applications. Their focus is on gradually turning users into custodial owners of assets. This approach aims to reduce customer churn and enhance the overall user experience.
Privy is a simple toolkit for progressive user authentication and user management. Privy builds authentication, authorization, and data control tools and is now supporting embedded wallets, enabling a progressive onboarding experience. Users can log in to your app using a crypto wallet, email address, phone number, or even a social profile such as Twitter or Discord. Users can access their private keys and move their wallets elsewhere if desired.
Dynamic is also committed to providing smooth onboarding services for dapp users through embedded wallets, from onboarding to authentication and user management, helping developers capture information about users during onboarding and creating user profiles.
Lit Protocol is a distributed cryptographic technology for encryption, computation, and programmable signatures. As a universal key management layer, Lit provides developers with a comprehensive toolkit for managing sovereign identities on the open web, enabling seedless phrase authentication, decentralized access control, and more. Application developers can leverage Lit's Programmable Key Pair (PKP) product to build white-label MPC wallet solutions, providing a more flexible and seamless onboarding experience for end users.
Sign-In with Ethereum (SIWE) outlines a method for Ethereum accounts to be authenticated through off-chain services. This is done by signing a standard message that includes security features such as scopes, session details, and nonces. Its purpose is to provide a self-hosted alternative to centralized identity providers, enhance the interoperability of Ethereum-based authentication across various services, and provide a unified format for wallet providers to enable a better user experience and consent management. Unlike traditional wallet connections, SIWE enables dApps to remember and leverage users’ past interactions for a more personalized experience.
domain name space
Namespaces are an important part of Web3 identities, frequently seen on platforms such as Twitter, and used frequently when interacting with other Web3 identities. They are primarily used as human-readable identifiers linked to various blockchain addresses. Additionally, namespaces can symbolize a user's affiliation with a specific community, making them both functional and representative within the web3 ecosystem.
ENS simplifies the process of mapping human-readable names (such as "alice.eth") to machine-readable identifiers (including Ethereum and other cryptocurrency addresses, content hashes, and metadata). Unlike the centralized traditional DNS system managed by ICANN, ENS runs on the Ethereum blockchain as a decentralized system and is managed by the ENS DAO.
Unstoppable fields is another similar namespace provider. It provides some additional services such as messaging and configuration files. It is not governed by the DAO.
Everynames helps developers navigate the somewhat fragmented environment of namespace providers (ENS, Lens, Farcaster and Unstoppable Domains) by allowing them to parse data from each web3 name service with a single query.
The Lens protocol also has its own .lens namespace, which is coupled to the Lens configuration file NFT and, since Lens v2, decoupled from Lens handles.
Data and API
The data layer forms an important part of the Web3 identity stack. Developers often rely on third-party services to access web3 social data. Ceramic is an established player in this space, but new entrants such as Neynar, Airstack and Jomo have begun to emerge in the past year.
Ceramic provides user data storage solutions, powering projects such as Disco or Gitcoin Passport. On Ceramic, users own decentralized identifiers (DIDs) and cryptographically sign their activity data, which is then organized into data "streams" stored on IPFS and accessible to dApps authorized by the user.
Neynar provides access to Farcaster social graph data through its API. They also provide developers with Farcaster infrastructure such as Hubs. It is a key resource for developers building on the Farcaster social graph.
Airstack is a Web3 development platform that provides a powerful GraphQL API for integrating on-chain and off-chain data into any application. With Airstack, you can easily connect your application to any web3 ecosystem.
Jomo provides developers with the tools to easily access verified, self-sovereign user data from a variety of sources, allowing them to create personalized experiences that cater to their users. With Jomo, users can own and manage their data across different applications. Their trading activity on exchanges, which wallets they use, where they travel, what their favorite TV series are, what university they graduated from, the list goes on.
