Hey there,
In 1996, Pierre Omidiyar had a strange problem. His platform (eBay) allowed buyers and sellers from all walks of life to meet one another and trade at the click of a button. It mostly worked, except occasionally, people did prank sales or, worse, outright fraud. How do you stop a network of people conducting trade with one another from cheating? eBay's founder set up a forum where people could leave reviews about the seller, resulting in the web's earliest identity networks.
Until then, not delivering a good or overcharging for something had little to no consequence. Twenty years later, the cost of losing one's reputation is one of the most potent detractors preventing brands and sellers on the web from engaging in fraud. The internet's transition from an unknown cluster of IP addresses to one with layers of identity has fascinated us. Siddharth spent the past few months studying identification mechanisms in Web3.
We will take it live on Thursday, but for today, I wanted to lay a precursor for the article. In our Friday issue, we explored how advertisement networks could emerge on-chain. But for an ad network to work, you need effective identifiers. I suggested that wallet addresses are the primary identifiers of a person in the blockchain ecosystem. There's only one problem with that assumption – as noted in our piece on airdrops, a person can spin up hundreds of millions of wallets in one day.
Unless you can meaningfully identify and target users, you have a problem. You may presume you have a large user base when you have a band of airdrop farmers. This is a structural problem with the crypto ecosystem today, much like it was with the internet in 1996. Vitalik Buterin proposed an alternative model in his paper on Soulbound Tokens.
Can’t Sell Your Soul
Tokens and NFTs can be transferred at will – enabling a free market for these assets. In comparison, Soulbound Tokens (SBT) cannot be transferred from one wallet to another. This means that once a user acquires an SBT, the only way to sell it to a third party is by handing over the wallet's private keys, referred to as a Soul in the model. Issuers like universities, employers or product teams could issue soul-bound tokens to eligible wallets. Other individuals holding similar SBTs could attest to a wallet's reputation.
This is similar to your university's issuing a certificate. Instead of the certificates being physical and open to being forged, an SBT system enables third parties (like employers) to verify claims of identity being made. Much like simply checking a token's smart contract address to verify if you are interacting with the right asset – a person could verify the smart contract address of institutions to which a person claims affiliation.
Why does this matter? Think of a platform like LinkedIn. Your identity is the summation of all the organisations you can draw affiliations with. The problem? Nobody quite knows how to validate these affiliations. The entities issuing the affiliations don't have a choice as to who can claim what on the platform.
For instance, I could claim I designed the SR-71 (a beautiful machine) with the Skunk Works team, and the organisation could do nothing to stop me. SBTs offer a mechanism for multiple issuers to directly establish relationships with a single entity. The entity could be a person or an institution.
What would this look like in practice? Binance offers some clues. They issued a series of BABT (Binance Account Bound Tokens) to create a network of verified accounts. Users who had done AML/KYC on the exchange could mint BABTs to their wallet addresses through the exchange. Over 855k wallets have minted account-bound tokens through Binance as of this writing. Why would users bother with tying on-chain wallets to their identities?
As with most things in crypto, it boils down to incentives. Users with verified accounts were given additional staking rewards and free in-game items.
For products, enabling additional perks for BABT holders is not an expense. They are receiving access to a network of verified users with exchange accounts. The incentives drive enough attention to have these users (potentially) trade their native tokens. At the very least, they'd know they are not being Sybil attacked by a single person spinning up wallets. The data on BABT shows some other intriguing features of how users on-chain behave when they have their 'real' identities linked to a wallet.
For instance, close to 11% of all BABT holders have 'revoked' their tokens at some point. These are wallets that lost access to their tokens. If that happens, Binance offers a mechanism for users to re-issue their tokens to a new wallet. It is quite evident that expecting users to tie all their identity-linked data to a single wallet is a terrible idea if you do not design mechanisms to retrieve the wallet.
Additionally, two-thirds of all wallets that issued a BABT token after validating their details used a new wallet. Users are paranoid about their on-chain privacy even when willing to give their details to a provider like Binance.
The whole exercise is quite interesting. If you have the numbers for what percentage of a dApp's userbase are verified, real users, you can more or less assess the 'human'-ness of a dApp. Historically, the argument with most dApps has been that bots primarily run them. According to data from @David_C on Dune, 5.5% of the total user base on Metamask interacting with Binance Smart Chain had a verified BABT account. Galxe – a platform that allows users to find new products and do quests to receive rewards – had over 13.5% of their users verifying their humanness.
Scaling Your Soul
What is the point of all this? Earlier today, Visa announced its collaboration with Solana on stablecoins. This comes a few weeks after their work on account abstraction. A new generation of fintech apps will use blockchain infrastructure to enable global-scale finance.
In such an instance, users will be 'verified' – like they do today with on-ramps before they can access the complete suite of products a fintech app offers. Metamask announced a feature that allows users to sell to their banks directly. Such use cases would require increasing amounts of gathering information on users.
An SBT lets platforms know that users have done their AML/KYC at a third-party platform like Synaps.
A user could give their real-life documents (like their passport) to a service provider (like Binance or Synapse) to have a token minted that ties their real-life identity to their wallet. The service provider may not have to pass on the personal identification documents to a fintech app until the law requires it.
However, they could curate and enable a small subset of users to trade, purchase or transfer with one another. The fintech platform will only have to check if the user holds an SBT issued by the identity verification service instead of capturing the user's personal details. You replace an API call with a blockchain query in such an instance.
This curated subset of users could be buyers of instruments that have historically been kept on the periphery. Applications like income-sharing agreements, DAOs that offer dividends, or purchases of real-world assets could be enabled once user identification is activated on products.
It may seem far-fetched, but products like Gitcoin Passport enable users to tie their real-life identity to a wallet address. They do not pass your identification to an app but instead, give a score that factors in the amount of identification you provide the platform. The score could involve attributes like connecting your Twitter, Google and Facebook profiles to your wallet address on Trusta Labs to run proprietary algorithms that verify the probability of your wallet being fake.
In other words, the mechanisms for users to verify their activity on-chain really exist here and now. SBTs could be crucial in enabling the next generation of fintech applications as they drastically reduce the barrier for AML/KYC. Assuming that platforms emerge that take on the liability of validating a user's identity, developers would soon be able to create use cases that do not involve complex on-chain gambling. Instead, things like remittance and reputation-based lending could emerge.
One of the use cases Vitalik's original paper points towards is using an on-chain reputation for venture capital. He argues that on-chain credentials could soon make it possible to offer lower, preferential interest rates depending on a person's background and probability of repayment. I believe the primitive would be used for alumni-based investment pools. This might sound a bit erratic – but hear me out.
(Or read the graphic below in the order of numbers mentioned. The blue lines indicate the flow of data, the green lines indicate the flow of capital.)
At its core, venture capital is about building a pool of money to fund talent that ticks off specific requirements. It has become common to bet on the alumni of firms like Stripe, Spotify and Paypal. A simple use case for a DAO and SBTs would be to set up a pool of money – in a smart contract, have users verify their wallets using SBTs, have a network of colleagues attest to their capabilities and receive a line of credit.
In such a model, you are betting on a single parameter – the user's work background. Surely, this already happens today. Close colleagues already dominate friends and family rounds in the market. In a DAO model, third-party capital allocators interested in co-investing could join along with much lower friction levels. Co-investing at the speed of transferring stablecoins.
Naturally, it is foolish to do this setup for a single organisation. Such models are effective only at scale. You would need former employees of multiple prominent startups to create a marketplace for such a model. The DAO’s responsibility would be to curate employees and match them with an increasing pool of capital.
(FWIW, this would require the same kind of checks as AngelList SPV. The critical difference is in the speed and transparency of such a system's capital and data flow.)
This could also play out in a different area – income share agreements. Present-day DeFi applications must go to great lengths to enable any RWA. However, employees could unlock 'liquidity' for their salaries (or ESOPs) by having employers issue them SBTs. An SBT could represent 20% of their income for six months in such an instance.
A third-party lender could verify the SBT's ownership in a person's wallet and offer undercollateralised loans. This already happens today with pay-day loans. The difference is that an SBT-based model allows multiple lenders to compete on the lowest interest rate a person must pay without requiring the employee to apply at multiple places.
The emergence of identity-related primitives in the industry represents a shift for all of crypto. They strengthen the interactions between the traditional world of finance and on-chain capital. Along the way, they also make security and privacy trade-offs. For instance, SBTs could target users working at specific organisations.
The industry often jokes about how the Bored Ape Yacht Club (BAYC) NFT owners must be relatively unsophisticated, considering how often they get phished. Inversely, they are subject to more attacks as their wealth on-chain is more evident.
The world of identity has privacy-preserving mechanisms that this piece has yet to explore. I'll be in your inbox on Thursday (or late Friday morning, given how deadlines work) with the long form on it.
Waiting for my Singapore visa,
Joel