Zero Knowledge in DiDs and Social Networks
Author: Ishanee, IOSG Ventures
Let’s start by establishing terminologies that will be referenced throughout this article.
- Decentralized Identity (DID) or self-sovereign identity (SSI) is an open standard based framework that uses identifiers verifiable credentials that are self-owned, independent and enable trusted data exchange.
- Credential / Attestation / Verifiable Credential (VC) / POAP / SBT is a piece of document in Web2 or on blockchain with details pointing at a qualification. These can be issued by an authority or self-issued.
- Issuers are entities, authorities or organizations issuing credentials, certifications, or qualifications.
- Verifiers are end-users who query credentials and conduct target marketing or engagement activities to the identity.
A quick example is “XYZ studio wants to airdrop their NFTs to all Uniswap V3 LPs”.
- Verifier is XYZ studio who will be engaging in targeted engagement activity i.e. airdrop.
- Credential is the Uniswap V3 NFT which is held only by Uniswap LPs.
- Issuers of the credential are Uniswap Labs.
- DID is the digital wallet participating in the Uniswap protocol.
The public wallet address is known to the verifier when they query all Uniswap V3 LP NFTs on the blockchain which is considered the “verifiable data registry”.
Now, we can focus on the article taking note of how much of the verifiable credential and identity stack exists on the internet / Web2 companies and whether web3 is even relevant.
Identities, VCs and Social Networks in Web2
Meta, Twitter, Instagram, Reddit, Quora, Weibo, TikTok are all social media platforms. They have coupled user identities, content and social networks in a clean pre-packaged platform which is easy to use and subsequently a great place to harvest user’s personal data such as their hobbies, activities, locations, interests etc.
The business model is simple — sell anonymized user data to advertisers who will use the information to conduct smarter campaigns. Meta Google also enable an auction model enabling marketers to bid on ad slots.
This has been a highly profitable business strategy for platforms — top social media companies in the States made an estimated US$181.1B via ads. 81% and 97.9% of Google Meta’s respective total 2021 revenues come from this channel.
When this volume of revenue is on stake, no company is incentivized to open source their identity database and make it more user-friendly. This is where Web3’ philosophy of decentralized, transparent, tamper-resistant and privacy preserving social solutions come into play.
Evolution on Web3 social infrastructure
Some main tenets of social infrastructure on blockchain are illustrated in the picture below. The data ownership of the utmost importance to end users who have full control over their digital identity.
Current state of social infrastructure in web3
The current on-chain social data market is divided into dStorage solutions, social graphs, credential issuers and a combination of issuers and social graphs.
The key challenge for the industry includes:
Lack of granularity of on-chain data
- on-chain data like wallet holdings (ERC20 NFTs), transactions, dApp interactions, frequency of trading, etc. is the main data that can be collected.
- There is no access to personal data except for analyzing the type of NFTs bought by the wallet.
Lack of privacy-preserving ways to bring off-chain data on blockchain
- Bringing off-chain data on chains like Ceramic can expose the user data to public blockchain querying.
Lack of user retention on social networks like due to lack of applications who will continue to propagate the social graphs.
Role of ZKP in social infrastructure
Key challenge in bringing user data from social media networks like Meta or Twitter to blockchain is the lack of privacy. Even with encrypted data — storing on multiple anonymous nodes — is risky and prone to hacks or decryption of data.
ZK-based applications enable:
- Trustless verification of user data
- Privacy preserving of user data
With the use of ZK verification in DID systems, users can introduce more granular social data to the blockchain in form of ZK attestations or credentials which can be verified trustlessly without too many data leaks or central databases.
Sismo
ZK attestations by Sismo is an interesting experiment in this direction. Based on the user / wallet interactions, Sismo allows users to claim ZK attestations. Using Sismo’ SDKs, developers can now use the Sismo attestations to target a user demographic.
The alpha launch (unaudited at the moment) enables users to mint their ZK badges on Polygon. However, the attestations are of the wallet’s Ethereum activity. Picture below is an example of Ethereum Power Users ZK Badges. Each attestation/badge is in non-transferable SBT (ERC1155).
First Batch
First Batch brings off-chain social data from Discord, Twitter, Reddit etc; on-chain. They use Twitter’s OAuth to index user’s off-chain data which is run through their AI system. The AI will tag the user’s profile with attestations such as “coffee lover” and “sports fan” with further tags like “Nespresso” and “Lakers Fan”.
The tags are turned into ZK attestations on-chain that dApp developers can interact with at a smart contract level without revealing the true identity of the end user.
Trinsic ID
Trinsic’s flagship products include credential API for issuers, provider API for customers and wallet API for users customers. To use Trinsic, end users must create a digital wallet and generate credentials in the wallet that are designed in the Trinsic Studio. Along with credentials, users must generate verification policies indicating several data points such as “user is over 21 years old”.
Provider APIs can access the VC and the wallet APIs to target their key user base and conduct on-chain engagements like airdrops.
Notebook Labs
Notebook enables users to set up a “notebook” with their personal data indicating they are human and other personal data like name, address, social security number (optional), country of residence etc. User notebook in its V1 is stored on an AWS server.
If a user wants to prove their personhood, they authenticate their wallet address and make a connection to their notebook. Client side generates a proof that they have a leaf in the merkle tree and sends the proof to the verification smart contract.
This application would be a great way to pre-approve KYC AML and integrate them easily into dApps in the future. Using ZK-based DIDs are great at preserving user privacy and allowing the user control to edit their data without storing the entire data on-chain.
Humannode
Human node is a sybil-resistant Layer 1 blockchain that uses proof of uniqueness and proof of existence as its base consensus layer. The blockchain is an EVM compatible substrate chain. Each node has equal voting rights and are blacklisted in case of malicious activity. According to the team, they have collected data of over 10,000 humans.
Human node team specializes in cryptobiometric authentication combination of cryptographically secure matching and liveness detection mechanisms to verify the uniqueness and existence of real human beings. They use ZKP to deliver proof of uniqueness and liveliness to the protocols.
Polygon ID
Polygon recently announced their polygon ID product and works similar to Sismo. They’re focusing on attestations for the wallet’s polygon chain activities and helping generate ZK proofs as the verification mechanism. The key product on user side is the Identity App as shown above and the ID client toolkit with relevant API and SDKs for developers / dApps / customers to integrate.
Worldcoin
Last but not the least is Worldcoin developed by Sam Altman, the CEO Co-Founder of Open AI. Worldcoin is positioned to provide privacy preserving proof of personhood protocol and is powered by Semaphores (a ZK implementation developed by AppliedZKP). They have integrated with an optimistic rollup called Hubble to implement their “airdrop to a billion people”.
They have created a product called the “Orb” that captures an image of a person’s eyes, which is converted into a short numeric code, making it possible to check whether the person has signed up already. If not, they receive their free share of Worldcoin .
Conclusion
Social infrastructures are key to building any form of sustainable social network or application on web3. Privacy, security and data ownership are key to the infrastructure space and there are multiple companies working on solving this problem. Almost all companies that focus on privacy in the context of identity, work with zero knowledge proofs as the source of verification.
As the industry develops, the key challenge for the companies would be to capture the market — this is predominantly user data which can only be scaled via social applications requiring users to “sign up”. Worldcoin is an exception in their go-to-market but besides them; all companies are actively competing for developer and dApp attention. Creating a functional SDK to onboard developers would be of the utmost importance to these infrastructure providers. They may have some gamifications on their own frontends but this has limited scale as mass user migrations occur for the concept of “entertainment”, “content” or “speculation” in crypto.
***END
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
USDC Treasury destroys 50 million USDCs on Ethereum chain
Worldcoin launches new World ID Passport credential
Japan's new Prime Minister reorganizes Web3 and cryptocurrency policy-making departments