In the world of Web3, how we maintain a unified identity in a decentralized environment and how to use our identity is what Coincu wants to discuss in this article.
What is DID decentralized identity?
DID is the abbreviation of Decentralized Identifiers, that is, decentralized identity. The focus of DID is decentralization and then identity.
Traditional Centralized Identity
In the centralized platform of Web2, every sentence, every transaction, and every behavior are collected and recorded by the platform to analyze our preferences and habits to form user portraits. For the Web2 platform, this is their tool for harvesting traffic. Fine user portraits plus big data algorithms push articles, videos, and even the next product you may like to your face so that users can stay on this platform, while the centralized platform has how to control and the way to realize the traffic. This means:
Control of platform content: For any creator who wants to provide content for platform users, when their content is deemed to be illegal or does not meet platform standards, they lose the opportunity to share their views.
Control user data: All data generated on the platform is essentially the content written into the platform’s database, which is owned by the centralized platform. That is to say; the platform can modify or even delete the user’s personal information and account at any time. For example, Gmail once deleted the user’s account and emails due to manual review errors, and the user lost everyone’s contact information overnight.
Classification of Decentralized Identity
DID provides new possibilities; users have complete control over the generation of identities and the use of identities. Since the introduction of DID to the crazy discussion in the market, we have seen different solutions based on the understanding of DID-based decentralized identities. The data type angle division includes:
- VC is the abbreviation of Verifiable Credential, which is a standard proposed by W3C in March 2022, and verifiers can prove its authenticity.
In the process of using VC, there will be three roles. The claimer holds the certificate, and the data in it needs to meet the requirements of fields, data types, and data sorting that match the certificate type. The notary Attester checks the data and confirms it is valid. Then use the private key to sign the VC, and then the verifier can verify the authenticity of the certificate without touching the notary and only needs to see the signed data.
VC itself is a standard that provides standards for different subjects to verify data. Although a certain degree of decentralization has been achieved, VC data does not necessarily need to be uploaded to the chain, so it does not guarantee the user’s data ownership. At the same time, what VC describes is not the identity of the user, but only a certificate that meets a certain standard, such as education, or medical insurance, so in the long run, VC may become the standard for Internet verification, but it is not a decentralized identity.
- Soulbound NFT does not support on-chain transfer, which means that SBT only belongs to a specific on-chain address
Based on the Soulbound NFT proposed by Vitalik, the data, and information carried by NFT are “soul-bound” in the user’s wallet address, which adds non-transferable attributes and solves the illusion that users themselves have achievements or experience by purchasing NFT or achievements. , which binds the unity of user behavior and identity
But the other side of soul binding is that it cannot be untied with NFT and user identity. In addition to the user’s active display of POAP or NFT, the user’s address can be maliciously airdropped NFT or maliciously labeled. Under such circumstances, the user can only be forced to accept and will be publicly displayed on the chain, causing the user’s reputation loss or even transaction failure, etc.
- The onchain reputation of the chain reflects the identity of the user through the interactive behavior on the chain
A successful transaction means that it is written into the block on the chain and can be viewed and verified publicly. Of course, ZKP provides a way to directly verify the transaction result without publishing the specific transaction content.
But every transaction and interaction of users on the chain can be recorded and analyzed. Whale alert itself is based on publicly visible data on the chain to track the behavior of large households.
Nansen’s Smart Money label can be said to vividly display what Black Swan author Nassim Taleb said: “Don’t tell me what you think, show me your portfolio.” The Degen score goes one step further by analyzing the data on the chain, extracting the score as proof of the user’s Degen, and providing a new identity label.
However, these labels themselves lack reasonable context and background introduction. For example, the address marked by smart money may only be one of the wallet addresses of the institution, and the selling or purchasing behavior of a single address may not fully infer the institution’s strategy. Maybe this is just one leg of the delta neutra strategy.
The act of an address alone is not enough to form a complete identity. Moreover, the reputation on the chain may be deceptive because the user can compensate for the interaction after the event or the illusion of reputation formed by purchasing in the secondary market. Of course, it is also possible to judge whether it is an ex-post compensation through the timeline and NFT transaction records, but this kind of on-chain data itself is lag-proof.
- The decentralized domain name, the decentralized domain name opened by ENS, can be said to be a kind of decentralized identity itself, and ENS’s name positioning based on ETH and its huge wealth effect has become a symbol of identity
ENS can directly reflect the identity through the name of the address by converting the seemingly garbled wallet address into a readable address. At the same time, the first launch effect and brand influence of ENS have basically become the domain name with the most application scenarios. At the same time, ENS can edit the content of websites and subdomain names, providing opportunities for customizing identities.
At the same time, ENS is composable as a contract on the chain, and different applications can be combined on the chain. For example, Philand generates a metaverse unique to the user through the relevant information of ENS, and Kola lab generates music NFT based on the user’s ENS. The visualization of information can be said to be representative of the composability of DID.
However, the transaction attribute of ENS can untie user identity and domain name identity, losing the continuity of identity. And the interaction based on the wallet address is still limited to the transaction information on the chain.
ENS is also currently only based on the Ethereum main network. Facing the current Layer 2, Layer 3, and other multi-level networks and multi-chain environments, it may not be comprehensive and may not be accurate. A complete description of a user’s identity; see the discussion of the wallet for details.
- Wallet address, as the entrance for users to interact with dapps on the chain, it can be said that for DAPPs and other wallet addresses are users, and the transaction records on the chain are the portraits of users.
Taking the wallet on the chain as the identity, such as Nansen smart wallet, can also be understood as the DID of the user in the transaction scenario. But in fact, a user may have multiple wallet accounts, and the transaction behavior of each account is different.
For example, one of the wallets of an institution is doing a unilateral strategy, and the other wallet is only doing delta neutra arbitrage behavior, so a single wallet cannot fully represent the actual behavior of a user. Moreover, in a multi-chain environment, each wallet is also an independent account, and users may have different transaction behaviors on different chains, so a single wallet on a certain chain cannot completely represent the users DID
At the same time, Lens, Galxe, etc. have also derived social graphs and Profile NFT social portraits through on-chain behaviors. However, most of the interactive behaviors on the chain are transactions.
Currently, there is a lack of social application scenarios to provide social behaviors on the chain. Of course, we think that when the data infrastructure is perfect, and the cost of on-chain is reduced, we can see a lot of social data in the future so as to obtain more valuable social relationships.
- Stealth address, Vitalik’s latest stealth address can separate the right to use and view the wallet address, ensuring the isolation of user identity and assets
The characteristic of the blockchain is openness and transparency. For users, the identity of the user can be deduced through asset information and behavior on the chain. In the latest article, Vitalik Buterin proposed a new stealth address, which is temporarily generated by the user who initiates the transfer through elliptic curve encryption.
The public key and private key, and then combined with the address of the receiving account to generate a secret address and transfer to this address; the receiving user can use his own private key combined with the temporary public key to see the assets of the secret address and receive money later Talent has the right to control this asset. It is equivalent to cutting off the connection with the user’s identity with a one-time new address.
But as Vitalik said, every time a new address is generated, it faces the problem of Gas payment. Although only the payee can control the account assets, the new address does not have enough Gas to pay the transfer fee. At the same time, the privacy of the secret address is only the privacy of the payee on one side, and it is still a transparent operation on the chain for the payer.
The problem of Gas can be paid by abstract wallet management or relayer, and Vitalik proposes to use ZKP to prove the ownership of users and secret accounts and even imagines that different addresses can be used for different dApps, allowing users to manage dApps. Visible information and assets. Of course, it is still difficult to implement ZKP, cross-chain, and wallet design. We look forward to seeing new projects put forward implementation plans.
- Cross-platform Avatar, the three-dimensional character image is more in line with our imagination of identity, and cross-platform Avatar can ensure the unity of identity
Although flat PFP NFT is also used as an avatar and a representative of identity, NFT itself is tradable, and it is difficult to form a binding relationship between identity and NFT. The 3D properties of Avatar provide a visual image, and at the same time, as the incarnation of our metaverse, it has a unique identity.
Like Ready Player Me and Lifeform’s Avatar, NFT can support users to edit appearance and image and can be used across platforms. In Lifeform’s Avatar, NFT itself is an NFT on the chain, which can be directly compatible with the metaverse on the chain, and even off-chain meetings, including Zoom, Google, etc., ensure the unity of identity. Afterward, we can even look forward to a personalized metaverse, which will display more information about one’s own identity in a customized personal metaverse.
Although Avatar NFT is a more three-dimensional identity, currently, Avatar NFT shows more about appearance and appearance, it is just a single identity image and does not include more behaviors or other information that define identity. After that, we can expect Avatar NFT combines metadata or composability to display more information.
Key attributes of DIDs
In fact, DID can be more than an identity; just like our identity may consist of an ID card, driver’s license, education, etc., a single certificate and product form may not be enough to describe our complete identity, but a combination of products applicable to different scenarios form our full identity.
The difference is that the identity information under the chain cannot communicate with each other due to the fragmentation of different central communication systems. After the data is uploaded to the chain, it has fluidity and can support different arrangements and combinations, showing the user’s identity in a more three-dimensional image, such as imagining various games.
The achievements of SBT can be displayed in the user’s personal Avatar NFT as a wearable medal, or the assets and transactions on the chain based on the wallet address can obtain a lower interest in the lending agreement, which can include the composability of data sources, the composability of different application scenarios, and even the composability between different DIDs.
Privacy and security of identity data
At the same time, because the environment on the chain is publicly visible data, we need to pay attention to
- Privacy: In the dark forest on the chain, it is very unsafe to disclose identities and related bound accounts and asset information, especially for the information on the chain that mainly focuses on financial transaction scenarios; exposing wallet addresses and transaction behaviors is very dangerous. Very dangerous, so DID privacy for associated asset information should be a necessity. At the same time, maintaining anonymity is one of the needs of many encryption-native users. At present, we have seen open-source plug-ins such as semaphore and DIDs that provide privacy, such as Firstbatch.
- Security: including information security and asset security. Information security mainly refers to the security of personal information, which may include information such as identity, address, and educational background under the chain, as well as wallet addresses and transaction behaviors on the chain. It is possible to expose this information It brings about personal safety issues, and at the same time, the authorization behavior on the chain is often prone to the possibility of being hacked or maliciously attacked.
Therefore, proper data processing and security must be ensured for the collection, storage, and use of personal information data. Although most project parties now save locally or use AWS, relying on the management capabilities of the team, the downtime of AWS and the endless problems of team management capabilities make us hope that these sensitive personal data can be stored in a more decentralized The modernized database guarantees the user’s data security.
- Review risk: mainly for the potential risks that may exist in centralized storage and management data. Although it is not a common risk of DID decentralized identity that we have seen, we still need to be reminded of possible review risks in the collection process.
Although the decentralized identity space is still in its infancy, it is obvious that it has the potential to improve the identity management system that is now in place.
The world is increasingly heading toward Web3, the subsequent internet generation. More and more individuals are regaining control over their data thanks to decentralization and blockchain technology.
The decentralized identity using blockchain technology has the ability to make identity management decentralized, simple, and seamless, fundamentally changing the landscape, even if the digital identity field is still in its infancy.
Decentralized identity will soon be accessible to the general public in the thriving Web3 ecosystem, which will boom in the ensuing years, thanks to the advancement of avatars in the form of nonfungible tokens serving as users’ digital identities within virtual spaces, soulbound tokens, blockchain, biometrics, and related cutting-edge technologies.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu