The Feasibility of On-Chain Identity
A Dive into the Benefits and Consequences of Soulbound Tokens
Written by Austin Yao and Laura Li
Introduction
Identity, at its basic level, is one of the few things that are well-defined in life. From the most obvious standpoint, Alice can look at Bob and recognize Bob based on his appearance with a very high level of confidence — this is the visual aspect of identity that we use every day. But we’ve also extended identity to names, addresses, and nationalities, which provide means for storing data about humans and a method of communication. These applications capitalized on the ability to distinguish and associate between different people, and without this notion of identity, it would be very difficult to maintain an organized society of different interactions effectively.
The advent of Web3 unleashed a new ethos of interactions between users. Built on the concept of decentralization, Web3 eliminated the power and inefficiencies of middlemen and let users interact trustlessly with one another. Although initially rooted in fundamental transactions of money (e.g. Bitcoin), Web3 has come to exploit more powerful capabilities of decentralized technology, beginning with the rise of Ethereum. Since this new era of “Blockchain 2.0”, Web3 has led to more holistic applications and a wider demographic of users. As the community continues to scale, a growing question is that of on-chain identity.
Currently, there is no consensus on the notion of identity other than a user’s wallet address. Such a challenge is different in Web3 than in Web2. Web2 is widely accepted as an “un-trustless” network, meaning the onus is on the user to conduct due diligence on who they rely on to facilitate transactions. Since Web3 is built so that users can trust the integrity of the blockchain, we need a more robust concept of identity than what suffices in Web2.
Identity empowers more complex and efficient interactions in the real world. Likewise, in Web3, establishing a prominent notion of on-chain identity would unlock the ability for interactions such as undercollateralized lending. Such implementations would give more power to the potential of Web3, but the specifics of what identity looks like on-chain remain in question. In this piece, we will be sharing two sides of the debate on issues such as whether or not identity should be public or private, how identity affects the future outcomes of Web3 and vice versa, and the fundamental question of what identity’s role should be in Web3.
What do we see the future of Web3 to be? How is this intrinsically intertwined with identity and design principles?
Laura’s Opinion
With the development of Web3, new functionalities and applications will constantly emerge. Today, most NFTs are ownership certificates for digital art or collectibles, and most of the applications are limited to a financial context. However, Web3 can be way more than this.
With so many possibilities awaiting us to explore, it is really hard, if not impossible, to clearly picture the future of Web3 at this early stage, but it must be a shared hope to make Web3 a digital parallel to the real world that is more transparent, private, and decentralized. Thus, when talking about identity and design principles, we shouldn’t constrain the potential of Web3 by tailoring our solutions towards some narrow use cases and applications. Rather, we should focus on defining the fundamental principles and standards that set a baseline for the space.
One of the biggest underlying dangers of decentralization lies in the lack of moral binding which results from an absence of regulations enforced by central authoritative organizations. It is human nature that people will only have a sense of moral constraints when there is a clear one-to-one identity and reputation binding. Otherwise, with complete anonymity and no identity tracking, people doing whatever they want regardless of the consequences could become a huge destructive force. To ensure security and morality in the Web3 space, a robust identity system is a must.
Austin’s Opinion
The only thing that is certain about the future of Web3 is that it will see more users, likely with more complex interactions. Most people can agree that this is a good thing: in general, more users yield more innovation, which yields richer applications and rapid growth, benefiting all users of the network.
Beyond that, however, it’s difficult to speculate about the environment that Web3 will be best situated to fit. Even today, it seems that Web3 is a diverse ecosystem of small, novel applications with some stratified groups like DeFi and GameFi. It may be the case that Web3 never gains the traction to onboard the average user from Web2 and pivots to be a platform used for niche decentralized finance applications, which is its biggest use case today. But it is also possible that Web3 will become a core aspect of everybody’s lives, in the same way that Instagram and Google have dominated Web2.
It’s important to bring up these different possibilities because they reveal the unpredictability of the adoption of new technology. We shouldn’t tailor our design principles to what we “think” Web3 will be or what it should be; instead, we should build it for the general use case without making any particular assumptions. Even if it seems like Web3 is trending towards a culture dominated by financial applications and DeFi enthusiasts, we would be selling the potential of Web3 short by making user experience recommendations suitable for finance but unintuitive for a general application.
A centerpiece of this philosophy, and something that will be elaborated on more by Laura and me, is the discussion surrounding permanent public identity, representing details such as reputation scores, provenance, and user interactions. As a quick introduction, public identity allows any other user to see tokens measuring reputation, level of interaction, or any other metrics associated with another user. For DeFi, such a mechanism would bring positive changes by enabling the ability to undercollateralize a loan and keep protocols more secure by whitelisting certain reputation scores.
If we zoom out from the DeFi microcosm though, permanently public identity bodes a dystopian future. In particular, Web3 would become a graph of users, contracts, and mappings of their complex interactions. We would be able to easily connect any address to their real-world identity, reveal secrets about users that they may not want to be shared, and swiftly isolate or “cancel” a group of users from interacting with Web3. The ethical implications of such a user infrastructure would choke the onboarding of new users onto Web3—no one wants to make themselves vulnerable to such a ruthless network.
Thus, by conforming ourselves to a view of what we think Web3 “will” be, we effectively disbar future use cases of Web3 that offer just as much promise. We shouldn’t incorporate a concept of identity that, for example, enables undercollateralized lending but blockades all sorts of other applications with new users. This may be reasonable when governing a “mature” chain, but Web3 is certainly still growing at a fast pace. On a separate note, I would argue that the reason why DeFi dominates is that money is the most obvious use of decentralization and was directly proposed in the original Bitcoin whitepaper. We often see that as there are more volume and users, innovators gain a better understanding of the underlying technology and its potential, leading to a Cambrian explosion of growth as the network branches out. We have not yet reached that stage in Web3, and we shouldn’t cut ourselves off from doing so.
Over time, there will naturally be mechanisms that keep track of identity in Web3. Should identity be publicly held (visible to anyone and everyone), private (user has full discretion over who sees what), or hybrid?
Laura’s Opinion
Allowing users to own their data is one of the most crucial advances from Web2 to Web3. In line with the fundamental principle of Web3, I totally agree that users should have control over their personal information and have the right to determine who can see what information. However, trust is one of the main challenges affecting the Web3 industry. How can you trust a person’s reputation in a system designed to be trustless? In order to maintain a healthy ecosystem and ensure safety in the space, I think a hybrid model would be more appropriate, where indelible stains in a user’s reputation history, for example, should be permanently marked and exposed to the public, while other benign or neutral identity information should be kept private to the users.
Privacy has been the center of controversy surrounding SBTs as some would argue that making users’ identities visible to the public challenges the principles of Web3. But is it really impossible to find a balance between exposing enough information to make reputation staking and mapping social circles possible without compromising individuals' privacy? Perhaps not.
As Vitalik Buterin proposed in his research article, there are some possible implementations of private storage of SBT data through on-chain and off-chain storage.
The first method is to store data on-chain but hash the address. We could store the data item at an address that is a hash of the following data: (1) the index, (2) the recipient address, and (3) the recipient-specific secret. You can reveal your secrets to an interface and it will search all possible data items that belong to you, but no one will know which specific items are yours unless you leak them yourself. The secret provided by the user will allow the platform to find all data related to the user’s SBT. This approach allows for easy interoperability with the protocol, as all we need are the secrets, indexes, and addresses needed to retrieve the data item. However, deploying data items to specific addresses is cumbersome and consumes a lot of gas. Also, it doesn’t make sense to store all SBT-related data on-chain, as some data may be more suitable to be stored off-chain. More importantly, the project party has access to the user’s secret, and continued use could result in leaks.
Another approach is to store the data off-chain on a third-party platform such as IPFS or other cloud services. Transferring secrets off-chain can expose users to vulnerabilities and various attacks. Once the security of the third party handling the SBT retrieval is compromised, the individual’s secrets are made public. Furthermore, the only way to prove that a user has a certain attribute is to disclose the secret. However, in order to create the anonymous compositionality of SBT so that different protocols can retrieve SBT data, users should expose the necessary minimum amount of data.
Thus, we need to consider another approach where the project is able to verify that the user has a certain property without the user revealing their secret. One possible solution is using ZK technology such as zk-SNARKs to help reduce the amount of secret sharing of users to keep their SBT data truly private and hidden from various means of attack.
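The hashed-address scheme from the first method above, written out as an added example; this is not code from the original article or from Buterin’s post. A Python dictionary stands in for the on-chain mapping, the storage key is SHA-256 over (index, recipient address, recipient-specific secret) with an encoding chosen for this demo, and the addresses, secrets and data items are all constructed. The `find_items` function is the interface-side search the text describes, and it also makes the stated caveat concrete: whoever runs that search now holds the user’s secret.

```python
import hashlib
from typing import Dict, Optional

def item_key(index: int, recipient: str, secret: bytes) -> str:
    """Storage key for one data item: SHA-256 over (index, recipient address,
    recipient-specific secret). The encoding (4-byte big-endian index,
    lower-cased address, raw secret bytes) is a convention assumed for this demo."""
    h = hashlib.sha256()
    h.update(index.to_bytes(4, "big"))
    h.update(recipient.lower().encode("ascii"))
    h.update(secret)
    return h.hexdigest()

class HashedItemStore:
    """Constructed stand-in for the on-chain mapping key -> data item.
    Everything in it is public; only the derivation of the keys is hidden."""
    def __init__(self) -> None:
        self.items: Dict[str, str] = {}

    def store(self, index: int, recipient: str, secret: bytes, data: str) -> str:
        key = item_key(index, recipient, secret)
        if key in self.items:
            raise ValueError("index already used for this recipient")
        self.items[key] = data
        return key

    def lookup(self, key: str) -> Optional[str]:
        return self.items.get(key)

def find_items(store: HashedItemStore, recipient: str, secret: bytes,
               max_index: int = 32) -> Dict[int, str]:
    """What an interface does once the user reveals their secret: recompute
    the key for each index in a bounded range and collect the items that exist.
    The interface now holds the secret, which is the leakage risk raised above."""
    found: Dict[int, str] = {}
    for index in range(max_index):
        data = store.lookup(item_key(index, recipient, secret))
        if data is not None:
            found[index] = data
    return found

def keys_mention_recipient(store: HashedItemStore, recipient: str) -> bool:
    """An observer scanning the public store sees only opaque keys; the
    recipient address never appears in them, so items cannot be linked to
    an address without the secret."""
    needle = recipient.lower()[2:]
    return any(needle in key for key in store.items)

# Constructed demo data: not real addresses, not real secrets.
ALICE = "0xA11CE00000000000000000000000000000000001"
BOB = "0xB0B0000000000000000000000000000000000002"
ALICE_SECRET = b"alice-demo-secret-do-not-reuse"
BOB_SECRET = b"bob-demo-secret-do-not-reuse"

def build_demo_store() -> HashedItemStore:
    """Issue two items to Alice and one to Bob under the hashed-key scheme."""
    store = HashedItemStore()
    store.store(0, ALICE, ALICE_SECRET, "attended DevCon 2022")
    store.store(1, ALICE, ALICE_SECRET, "completed course XYZ")
    store.store(0, BOB, BOB_SECRET, "member of DAO Q")
    return store

if __name__ == "__main__":
    s = build_demo_store()
    print(find_items(s, ALICE, ALICE_SECRET))   # Alice's two items
    print(find_items(s, ALICE, BOB_SECRET))     # {} : wrong secret finds nothing
    print(keys_mention_recipient(s, ALICE))     # False
```

The bounded index walk is what makes lookup cheap for the interface and useless for everyone else: the search space is tiny once the secret is known and infeasible without it. Rotating the secret, however, is not possible without re-deploying every item, which is another reason the text’s concern about the project party holding the secret matters.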
Austin’s Opinion
Identity should always be private in Web3. It should always be the discretion of the wallet holder whether or not they would like to show a particular person an asset.
I disagree with Soulbound Tokens for a few reasons. The Soulbound Token (SBT) whitepaper proposes SBTs as a bottom-up system where users can authenticate each other and form their own communities. However, in order for an SBT to have utility in general use cases, it must first be issued from a recognizable entity/protocol. If you are actively involved in some obscure protocol, then most people will not recognize and accept your SBT. They also can’t verify anything about you from such an SBT—there are plenty of sketchy protocols out there on the mainnet.
These two conclusions, that the general community should be able to recognize and trust your SBT, lead to a scenario where only SBTs generated by large protocols have any kind of utility—think common trading protocols and games. This wouldn’t be a problem if sectors in Web3 are dominated relatively evenly by many protocols (i.e. many different communities hold competitive market share), but that’s not what we see today.
In DeFi, more than half of all unique user interactions belong to Uniswap, which is over 4x more than the 2nd and 3rd largest protocols. The disparity is even more pronounced in NFT marketplaces. OpenSea holds over 90% of all unique user interactions in this space and is roughly 60x larger than the second-largest NFT marketplace. You can visualize the power pyramid of Web3 below.
What does this mean for identity in the way proposed by the SBT whitepaper? It means that what will happen may be completely opposite of what they envisioned; rather than a bottom-up, user-led system of verifying trust in Web3, we will see a top-down approach dominated by protocols like Uniswap and OpenSea. This is concerning because identity becomes centralized to a small handful of protocols. Even if the protocols themselves are decentralized, any mistakes they make are highly influential and widely propagated throughout the Web3 community. For example, if algorithms for issuing SBTs based on some metric of interaction are unintentionally biased against a specific demographic, many users on Web3 may be temporarily blacklisted from participating.
Other applications of SBTs have been proposed as ways to weigh users’ votes to normalize the distribution of voters among different backgrounds or give priority to less represented users. Yet, while these applications realize a level of equity difficult to achieve in Web2, they also create an interesting game theory scenario. If users know they may be implicitly penalized (equivalent to shadowbanning in Web2 applications) by their primary communities for exploring niche or controversial interests, they won’t do so. This makes it really challenging to convince new users to embrace Web3. People should be able to be curious without facing consequences for doing so, and nobody wants to be perpetually tracked by some algorithm that publishes their standing for everyone to see from the moment they begin exploring the web.
With that said, I do believe that some forms of on-chain identity are valuable for the community, but they should always be issued to be private. With private identity, users can store Personally Identifiable Information (PII) without fear of being doxxed or tracked easily for everyone to see, but we preserve the ability for protocols to verify the humanity and reputation of users in a quick way if the user elects to present their credentials to them. Privately held identity also gives the user granular control over how they are visible to other users on-chain. For instance, by using Zero-Knowledge (ZK) proofs, users can attest their right to vote without giving away details such as their gender, exact date of birth, and address, as we would by presenting physical identification. Such a schema provides more ownership and power to the users, which is what the ethos of Web3 is arguably all about, while still maintaining the benefits offered by currently proposed SBTs, albeit at a less efficient level.
Identity is exciting for Web3 because it unlocks interactions such as undercollateralized lending, Sybil-defensible protocols, and more efficient methods of voting in DAOs. Do we think that these are viable applications of identity in Web3, and should we take these into account when building the design principles of Web3?
Laura’s Opinion
Holding zero monetary value and unable to be traded once issued to someone’s wallet, SBTs aim to turn the NFT concept into something beyond money and bragging rights: a token that is both one-of-a-kind and non-transferable.
As Ohlhaver et al. suggest, a combination of SBTs and governance could eventually function as a bulwark against the hyper-financialization of Web3 (warned against by Nathan Schneider). As described in our shared vision, Web3 shouldn’t be limited to narrow applications in a particular field such as finance. Building a trusted layer is the first and critical step toward reaching the full potential and functionality of the space.
SBTs provide an instant solution to the token voting system which many Web3 entities and DAOs currently rely on. By issuing SBTs for participation, attendance, and regular voting, more involved individuals are given higher-weighted votes. This eliminates the problem of vote manipulation by whales, whose financial status does not give them instant power. It also reduces the effectiveness of Sybil attacks. The current DAO structure is very vulnerable to Sybil attacks, where a single user can have multiple wallets and hoard tokens to reach 51% voting power and thus be able to manipulate decisions. SBTs can mitigate such risk by differentiating between unique Souls and probable bots. To do so, SBTs leverage multiple dimensions of information, such as educational credentials, licenses, or certifications, to form a comprehensive image of a Web3 user. As a result, bots can be instantly identified due to the lack of richness in their Souls.
Many issues surrounding the crypto gaming industry are based on high-value in-game assets being transferable, enabling wealthy speculators to buy into the game at a high level and begin to profit immediately. This idea that the top level of a game can be bought into creates an unsustainable P2E economy. By turning the highest-value/best in-game assets into soulbound items, there would be some assurance that people who play the game will earn the most. This would prevent “whales” with capital from coming in and running the economic loops faster than anyone else can.
Besides, SBTs have the potential to empower uncollateralized lending with a credit score system. Currently, the Web3 ecosystem hasn’t been able to support credit and uncollateralized lending because there is no mechanism to gauge borrowers’ credibility and their ability to pay. SBTs can serve as a persistent record of credit-relevant history, allowing Souls to stake meaningful reputation to secure a loan. Specifically, such tokens can represent education credentials, work history, rental contracts, and other documentation that back a person’s credibility.
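The participation-weighted voting described above (SBTs issued for attendance and regular voting, a vote weight that ignores token balances, and every transfer refused), as an added Python example; it is not code from the article, from the SBT whitepaper, or from any DAO tooling. The ledger, the issuer name `dao-secretary`, the wallet labels, the set of participation categories and the cap of five on counted SBTs are all constructed for the demo. The tally deliberately takes no balance as input, which is what makes splitting a whale’s tokens across fresh wallets add nothing.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set

PARTICIPATION = {"attendance", "vote", "contribution"}   # categories that count (assumed)

class NonTransferable(Exception):
    """Raised on any attempt to move an SBT between wallets."""

@dataclass
class SoulLedger:
    """Constructed minimal ledger: an allowlisted issuer mints non-transferable
    tokens to a wallet; each token carries a category string."""
    issuers: Set[str]
    holdings: Dict[str, List[str]] = field(default_factory=dict)

    def issue(self, issuer: str, wallet: str, category: str) -> None:
        if issuer not in self.issuers:
            raise PermissionError(f"{issuer} is not an authorised issuer")
        self.holdings.setdefault(wallet, []).append(category)

    def transfer(self, sender: str, receiver: str, category: str) -> None:
        # The defining property of an SBT: the token is bound to the wallet it
        # was issued to, so every transfer is rejected regardless of the parties.
        raise NonTransferable(f"{category} is soulbound to {sender}")

    def participation_weight(self, wallet: str) -> int:
        # One vote per participation SBT, capped so a single very active member
        # cannot out-vote the room; a wallet with no SBTs has no weight at all.
        held = self.holdings.get(wallet, [])
        return min(sum(1 for c in held if c in PARTICIPATION), 5)

def tally(ledger: SoulLedger, votes: Dict[str, str]) -> Dict[str, int]:
    """Weigh each wallet's choice by its participation SBTs. Token balances are
    deliberately not an input, so they cannot buy influence."""
    result: Dict[str, int] = {}
    for wallet, choice in votes.items():
        result[choice] = result.get(choice, 0) + ledger.participation_weight(wallet)
    return result

def build_demo_ledger() -> SoulLedger:
    """Constructed history: one active member, one occasional voter."""
    ledger = SoulLedger(issuers={"dao-secretary"})
    for _ in range(3):
        ledger.issue("dao-secretary", "0xACTIVE", "attendance")
    ledger.issue("dao-secretary", "0xACTIVE", "vote")
    ledger.issue("dao-secretary", "0xCASUAL", "vote")
    return ledger

def demo_tally() -> Dict[str, int]:
    """Two real members vote yes; a whale spreads governance tokens over ten
    fresh wallets that vote no. None of the ten carries an SBT."""
    ledger = build_demo_ledger()
    votes = {"0xACTIVE": "yes", "0xCASUAL": "yes"}
    for i in range(10):
        votes[f"0xWHALE{i:02d}"] = "no"
    return tally(ledger, votes)

def transfer_is_rejected(ledger: SoulLedger) -> bool:
    """Confirm the soulbound property holds even for a wallet that owns the token."""
    try:
        ledger.transfer("0xACTIVE", "0xCASUAL", "attendance")
    except NonTransferable:
        return True
    return False

if __name__ == "__main__":
    print(demo_tally())                                  # {'yes': 5, 'no': 0}
    print(transfer_is_rejected(build_demo_ledger()))     # True
```

Note what the example does and does not buy: the ten whale wallets are powerless only because the issuer never minted them anything, so the whole scheme rests on the issuer’s allowlist and on how hard it is to earn a participation SBT. The cap is a practical guard the whitepaper does not prescribe; it is here because unbounded per-wallet weight reintroduces a different single point of influence.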
Austin’s Opinion
At its core, I believe on-chain identity is simply a mechanism to speed up Know Your Customer (KYC) verification and give users full discretion over disclosing their personal data to others. This is a great, fundamental application of decentralization and zero-knowledge proofs since current Web2 KYC workflows are bureaucratic and incur lots of cost and labor overhead. Current KYC workflows also make it difficult for displaced consumers (e.g. refugees) to be re-onboarded to KYC-required platforms or organizations (e.g. banks, universities, countries). In contrast, decentralized identity allows near-instantaneous verification of a user’s PII by verifying the signature of the issuer and the contents of the credential the user holds. This fast finality makes blockchain and KYC more accessible to users around the globe.
Proposals such as SBTs or verified addresses are extraneous to the core functionality described above. The key issue is that while decentralized identity can increase speed and trust, identity on-chain cannot be viewed analogously to identity in real life, so they cannot be adequate or fully rigorous solutions to many of Web3’s security challenges. Crucially, while a person can only have one life that is well defined with a birth and death date in real life, this isn’t true on Web3. Users on Web3 can create multiple accounts like the Hydra and even transfer wallets from one person to another (i.e. trading identity and reputation).
This is a problem since many Sybil-resistant solutions assume an ability to map identity to wallets in a one-to-one (bijective) or immutable (non-transferable) correspondence. Although there are protocols that attempt to bridge this gap, they all rely on a third party, usually the government, to verify the authenticity of a user’s credentials. This centralized step in onboarding being determined by a very political entity is moderately concerning. For this reason, I am against relying on such protocols as an if-and-only-if verifier for on-chain KYC; that is, we shouldn’t accept or verify users solely based on a third-party verified credential.
If we can’t ensure bijectiveness without sacrificing decentralization, then it doesn’t seem like a lone-standing identity will be a viable solution for many of Web3’s security challenges. I bring this up because, at times, the ambitious philosophy around what identity ought to solve on-chain compromises the ability of identity to provide its core functionality. If we can’t ensure that identity will properly solve many issues with full confidence, then there’s an argument to be made that we should throw away all notions of identity tokens and focus on making identity strongest for its core ideals.
Without identity, it is still possible to develop rigorous security measures such as Sybil attack prevention. I’m a fan of staking and using non-fungible liquidity tokens to lessen the financial impact on users. Other interesting ideas are tracking the time a user has held a token belonging to the protocol, or we could borrow ideas from distributed systems in real life. For instance, in signal processing, you could theoretically map the CPU power of a device to a node to see if they correspond (e.g. a node having a small percentage of the total CPU power may imply the device is being used for a Sybil attack). These possibilities should be explored as complements to traditional notions of identity for quick KYC, allowing developers to focus on developing a key that unlocks one door at a time.
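An added example, not code from the article or from any identity project, covering two of Austin’s points: the verifier-side check of a credential (“verifying the signature of the issuer and the contents of the credential the user holds”) and the earlier point that a holder should be able to prove one attribute, such as being old enough to vote, without handing over a date of birth. The privacy mechanism here is salted hash commitments with selective disclosure, a simpler stand-in for the zero-knowledge proofs the text mentions. Two further assumptions: the issuer “signature” is an HMAC under a verifier-shared demo key (a real issuer would use an asymmetric signature such as Ed25519, with verifiers holding only the public key), and proof that the presenter controls the subject address (normally a wallet signature over a challenge) is assumed done beforehand and passed in as `expected_subject`. All names, keys, salts and claim values are constructed.

```python
import hashlib
import hmac
import json
from typing import Dict, Tuple

# Constructed issuer key shared with the verifier for this demo only; stands in
# for the issuer's signing key. Never reuse a symmetric key this way in production.
ISSUER_KEYS: Dict[str, bytes] = {"demo-registry": b"demo-issuer-key-not-for-real-use"}

def _claim_commitment(name: str, value: str, salt: str) -> str:
    """Salted hash of one attribute; the salt keeps low-entropy values
    (a boolean, a country code) from being guessed from the hash alone."""
    return hashlib.sha256(f"{name}|{value}|{salt}".encode()).hexdigest()

def _canonical(body: Dict) -> bytes:
    """Deterministic encoding so issuer and verifier sign/verify identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def issue_credential(issuer: str, subject: str, claims: Dict[str, str],
                     salts: Dict[str, str], expires_at: int) -> Dict:
    """Issuer side: commit to every claim, then sign subject, expiry and the
    commitments. Plaintext claims never enter the signed body."""
    body = {
        "issuer": issuer,
        "subject": subject,
        "expires_at": expires_at,
        "commitments": {n: _claim_commitment(n, v, salts[n]) for n, v in claims.items()},
    }
    sig = hmac.new(ISSUER_KEYS[issuer], _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "signature": sig}

def present(credential: Dict, claims: Dict[str, str], salts: Dict[str, str],
            reveal: Tuple[str, ...]) -> Dict:
    """Holder side: attach only the chosen claims with their salts; the rest
    stay as opaque commitments inside the signed body."""
    return {"credential": credential,
            "disclosed": {n: {"value": claims[n], "salt": salts[n]} for n in reveal}}

def verify_presentation(presentation: Dict, trusted_issuers: Dict[str, bytes],
                        expected_subject: str, now: int) -> Dict[str, str]:
    """Verifier side, in order: known issuer, signature over the canonical body,
    not expired, bound to the presenting subject, and every disclosed claim
    re-hashes to a committed value. Returns the verified claims or raises."""
    cred = presentation["credential"]
    body = cred["body"]
    key = trusted_issuers.get(body["issuer"])
    if key is None:
        raise ValueError("unknown issuer")
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["signature"]):
        raise ValueError("bad issuer signature")
    if now >= body["expires_at"]:
        raise ValueError("credential expired")
    if body["subject"] != expected_subject:
        raise ValueError("credential belongs to a different subject")
    verified: Dict[str, str] = {}
    for name, d in presentation["disclosed"].items():
        if body["commitments"].get(name) != _claim_commitment(name, d["value"], d["salt"]):
            raise ValueError(f"disclosed claim {name} does not match commitment")
        verified[name] = d["value"]
    return verified

def verify_ok(presentation: Dict, expected_subject: str, now: int) -> bool:
    """Boolean wrapper for callers that only need accept/reject."""
    try:
        verify_presentation(presentation, ISSUER_KEYS, expected_subject, now)
        return True
    except ValueError:
        return False

# Constructed holder data (not a real address, not real personal data).
SUBJECT = "0xA11CE00000000000000000000000000000000001"
CLAIMS = {"over_18": "true", "country": "XX", "date_of_birth": "1990-01-01"}
SALTS = {"over_18": "salt-1-demo", "country": "salt-2-demo", "date_of_birth": "salt-3-demo"}
ISSUED_AT = 1_700_000_000

def demo_presentation(reveal: Tuple[str, ...] = ("over_18",)) -> Dict:
    """Issue a one-year credential and present only the chosen claims."""
    cred = issue_credential("demo-registry", SUBJECT, CLAIMS, SALTS, ISSUED_AT + 365 * 86400)
    return present(cred, CLAIMS, SALTS, reveal)

if __name__ == "__main__":
    p = demo_presentation()
    print(verify_presentation(p, ISSUER_KEYS, SUBJECT, ISSUED_AT + 10))  # {'over_18': 'true'}
    print("date_of_birth" in p["disclosed"])                              # False
```

The order of checks matters: issuer lookup and signature come first so that nothing in the body is trusted before it is authenticated, and the subject check is what stops a credential being replayed by someone who merely copied it. What this construction does not give you is unlinkability across verifiers, since the same commitments appear in every presentation; that gap is what the zero-knowledge approach in the text is meant to close.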
Conclusion
The notion of on-chain identity has the power to propel user experiences on Web3 to a reimagined level, but we need to carefully consider the nuances of how protocols and new users alike will interact with an infrastructure of identity. As the future of Web3 continues to be built out, we should consider new implementations from the perspectives of users (new and onboarded alike), adversaries, and ultra-capitalists. Fundamentally, we need to figure out: what issues do we hope for identity to solve, and which issues should we prioritize at the expense of others? Though there isn’t a clear answer, especially when the future of what Web3 will look like remains murky, we feel that it is important for the Web3 community to come to a consensus and recognize the risks and rewards that our decisions will have.