Decentralised identity is not what you think it is

Every 6-12 months, crypto sees the emergence of a new TLA (Three Letter Acronym) that is enormously hyped before it peters out when people become excited by the next. The latest TLA, however, so-called Soul-Bound Tokens (SBTs), has prompted me to at last write about the challenges of decentralised identity and reputation: an area which, despite the considerable research behind it, seems to have once again been ignored by the TLA creators.

Identity-on-the-blockchain is nothing new, and people in the industry have been seriously working on such concepts since roughly 2016. Broader digital identity research goes back to the 90s, or perhaps earlier by some definitions. I was working on it from 2016 to 2018 in varying capacities. In doing so, I saw first-hand the fundamental challenges not only of building a decentralised identity solution, but of the idea of even defining the concept of decentralised identity.

Before all this, I was optimistic about the concept myself.

So it’s worth walking through the various challenges faced in building decentralised identity, and why it’s not simply a matter of creating a “Soul-Bound Token”.

1. You can’t just create a digital representation of a philosophical concept.

One of my biggest qualms about the idea of SBTs is that the very name - and the description as has been provided to me by several advocates - seems to imply a difference between “soul” and “identity”. There was a running joke when I was working on digital identity that the first 25% of any digital identity workshop would involve attempting to define exactly what we mean by identity.

“Identity” is a philosophical concept, and its definition is something over which multiple philosophers over the years have debated. And yes, it often includes “soul”. Consequently, I can’t help but feel that the parts of the crypto community which decided that an implementation of a “soul-bound token” would be different from an “identity-bound token” did so without being aware of any of the long-held discussions around defining “identity” in the realm of digital identity in the first place.

Consequently, if “soul” and “identity” are indeed different and the differentiation is justified, we should really have some philosophical argument conclusively demonstrating that so we can all agree on it. Good luck, I guess.

So let’s just say that “soul-bound token” and “identity token” are the same. Let’s dive into the issues there.

2. It’s unclear how this will be different, let alone better, than current identity standards and products.

The digital identity community has been working on this for quite some time, and a good rule of thumb before you dive into any new area is to look into what work has been done in that area before you. For example, the W3C Credentials Community Group has been developing standards for Decentralised Identifiers (DIDs) for several years. These standards themselves have come after several other global identity schemes, going back to the 1980s.

If we look at just DID standards, there are “103 experimental DID Method specifications, 32 experimental DID Method driver implementations, a test that determines whether or not a given implementation is conformant with this specification and 46 implementations submitted to the conformance test suite.”

So compared to these various specifications, standards, and implementations, what is the specific value that a new identity token will provide? What will be the architecture?

So let’s just say that a new identity token is simply an implementation of a DID standard. “Sure, we’ve called it a “Soul-Bound Token” which is really just an identity token, and that identity token is simply implementing a standard that has already been developed. Isn’t that fine?”

I mean, it’s a fair implementation, but it’s not going to achieve everything that people claim a “decentralised identity” token can achieve. For a start, you need verified credentials.

3. Establishing identity credentials requires a central authority.

DIDs are the greater framework within which decentralised identity credentials fit. Your name, date of birth, or any other attribute that may be unique to you and that you want to include in an identity object would be stored as a “verified credential”, which itself has a different standard. Verified credentials require someone, somewhere, to verify that that credential is applicable to you. The value of this credential is therefore really only as good as the authority that provided it, and it’s unlikely that any authority would provide such a credential without conducting some form of KYC.

Consequently, a DID can be held without dependency on a central party, and can be used to identify oneself or provide verified credentials as needed. However, said credentials will ultimately require one or more central authorities and a KYC process: exactly the dependency that many Twitter proponents of “a simple decentralised identity” say it is meant to remove.

“But what if instead of a central authority, people could vote on other people’s credentials to establish their credentials without relying on one party?”

Wow. Crazy you mention that very specific idea, because you’re now talking about decentralised reputation, which I did quite a bit of work on. And where I got to was:

4. Decentralised reputation is all but impossible

At least, that is, in the form where you are looking to achieve one single, globally applicable true value with the knowledge and technology we currently have.

Some years ago I thought I had had a breakthrough when I architected a system that would allow anyone to provide verified credentials to others in a fully decentralised manner. Using homomorphic encryption, out-of-band communication to verify credentials, and a blockchain (of course) to time-anchor credentials and provide a reward-and-punishment mechanism, it had everything it needed to provide everyone in the world a secure, truly decentralised identity. I’ve linked to the white paper here. (Note: I never published this, so this is the first time it’s made public. For historical integrity, I have not altered it at all other than to add a disclaimer.)

Problem is, that’s not how reputation systems work.

Designing reputation systems is a complete area of study in itself, and for anyone interested I would highly recommend “Building Web Reputation Systems” by F. Randall Farmer and Bryce Glass. The short story, however, is that reputation systems are not stable, and they naturally form feedback loops: the results they provide in themselves impact the data they may be given in the future.

When anyone has the ability to provide a ranking of something, and that ranking has value, that ranking will be manipulated. Not only are you talking about preventing Sybil attacks to stop the same person ranking something more than once, but you also need to prevent people from coordinating abuse of the system. How do you determine thresholds for quality? How do you ensure those quality thresholds aren’t filtering out valuable information as the system dynamics change over time? Consequently, reputation systems such as those created by Google, Yelp, and TripAdvisor have their algorithms adjusted, sometimes on a weekly basis, to maintain their integrity.

So if centralised reputation systems need tuning every week, how was I going to create a system that, once deployed, would never need updating from a central party?

So when someone is able to build a centralised reputation system that works perfectly and never needs updating, at that point we can discuss building a decentralised one and how it might address Sybil attacks. To my knowledge, none exists.

Defining the philosophical concept of identity is hard: creating digital identity is harder. It needs more people working on solving these issues, but they will never be solved if people don’t appreciate the gradient of the mountain they are looking to climb.

One thing that will certainly not fix this litany of challenges in one go is a token.