Research DAO

Posted on Aug 10, 2022Read on Mirror.xyz

What does DID (Decentralized Identity) do exactly?

Author: @0x长安 | @RealResearchDAO

Foreword

In real life, people's identities consist of various ID cards and registered certificates.

In the Internet world of Web2, people's identities are composed of accounts in centralized applications. Users can submit their personal information to the server, and the server forms an account that belongs to the user.

In the crypto world of Web3, users have countless DIDs, and their composition is also diverse. It can be a certificate obtained by the user's on-chain behaviors, known as the Soul Binding Token (SBT), or it can be the ENS domain name on the Ethereum network. Users can control their own DID and can control when and where the DID is, and to whom they show it.

According to the W3C's definition of DIDs, this is a new type of identifier that supports verifiable, decentralized digital identities. First, it is an identifier, and second, it is a proof of identity. The reason is that there are many types and a large number of DIDs, and there is no restriction on who the issuer is. Therefore, for some unknown issuers, the role of DIDs is more as an identifier, and only after more people use it, will they truly become a symbol of status.

To talk about what a DID does, let's first explain the importance of DID.

1. The importance of DID

At present, not only in the real world but also in the Internet world, there are risks of data competition and information leakage.

In the Internet era, major Internet companies are collecting more user data, because in the era when data is everything, whoever has more user data can create conditions for profit. When using mobile apps, users often have to allow access to the mobile phone's album, microphone, location, and other data to fully unlock the functions. Not only that, some online shopping apps even read the content of the user's pasteboards, recommending some of the products you intend to buy. Such incidents seriously compromise the privacy of users.

In fact, not only the Internet but also the medical system. Some time ago, I went to ask the doctor why can't hospitals be connected to each other and share patients’ cases, since the current physical medical cards and profiles are really inconvenient to carry, resulting in late consultation or the need for patients to undergo some unnecessary examinations. The doctor replied, "every hospital treats patients the same way, sharing patient information will lead to malicious competition between hospitals.''

I don't quite understand whether what the doctor said about malicious competition is the only answer, and I guess it is also possible that there is a risk of information leakage in sharing patient information or other reasons. But I always believe that information should be in your own hands, not in the hands of institutions/companies. 

Therefore, the emergence of DID is necessary. The reasons for the existence of DID are listed below:

Web3 lacks identity attributes and limitations

The current limitations of Web3 have been discussed in Vitalik Buterin's Decentralized Society: Finding Web3's Soul. Web3 lacks the basic elements representing social identity. At present, many projects need to borrow from Web2 applications for publicity and construction. This is an inevitable problem for the Web3 industry that wants to change the Web2 landscape in all aspects.

At present, the identity system of Web2 is relatively cumbersome

And for the identity of Web2, different accounts need to be created to log in to different apps. The more accounts created, the more troublesome it will be for users to manage. Different accounts need to be created in different software systems, the account needs to be remembered by the user, and the password needs to be recited. Of course, you can use the same password, but there is a risk of credential stuffing. Some time ago, the information of a learning app was leaked, resulting in the theft of many people's QQ (a social media in China).

The identity system of Web2 has the risk of information leakage

Later, there was a more convenient way - the one-click login, where users can authorize the data to the third-party platform with the account originally used on the larger platform. You can log in to some third-party platforms with just one click. For example, users can create a Huobi account and log in to Huobi Exchange with one click using an Apple account or Google account. But there is another risk - privacy breaches. For example, when a user logs into Cambridge Analytica using Facebook Connect, Facebook provides various social media profiles of the user to Cambridge Analytica, which later uses the data for political advertising in the 2016 US election.

The contradictions of the identity system of Web2 are increasingly prominent. With the emergence of blockchain technology, self-sovereign identity has found a new solution. Decentralized Identity (DID) is a distributed digital identity system based on blockchain. It has the advantages of decentralization, security, user self-control, and data authenticity and credibility.

In this distributed trust network, there are three components, namely, the issuer, the user, and the application. In this ecosystem, the issuing party creates and distributes DID to users. In this section, the issuing party is not a single organization to create and send to users. Any organization or unit can create DIDs for users.

For DID holders, users can manage their own DIDs with the DID Agent.

When the user needs to use his own DID, the user authorizes the DID to be given to a verifier, and the application can obtain the user's identity, thereby verifying the authenticity of the user.

https://did.baidu.com/did-concepts/#1

So, compared with Web2's identity system, what kind of changes does DID have? 

DID's portability makes it more convenient for users

When using different apps, the identity system of Web2 requires users to create multiple accounts in different applications, While in Web3, users only need a wallet address representing their own identity to access different apps. In this process, users only need to remember the private key of the wallet, and no longer need to remember different accounts and passwords.

DID can protect user privacy

In the real world, in order to go to the bank to approve a loan, you always need to show your transactions of the past half year to the bank to prove that you have a stable salary income. However, when going through the transactions, some of the user's spending is actually unnecessary, leading to a breach of more personal privacy. In DID, users only need to prove that they have a stable income and the ability to repay the loan, which reduces unnecessary information leaks.

DID is more secure

The biggest change between DID and Web2's identity system is that DID is distributed and stored in the hands of individual users. Data is stored on a distributed network, reducing the risk of user information breaches.

2. What are the current DID projects doing?

DID-related projects in the market are divided into several categories: off-chain identity verification, on-chain information aggregation, infrastructure, credential networks, DID applications, etc.

Off-chain identity verification

Similar to KYC, this type of off-chain identity verification is mainly to verify that a user is a real person, not a robot. In the case of BrightID, users need to participate in a Zoom meeting session for verification, and they will be asked during verification to ensure that you are not verifying for someone else. At present, some products of Web3 also use this to ensure that their users are real, such as Gitcoin, Rabbithole, etc.

At present, there are many such products, all of which have the same purpose, but there are obvious differences in the methods of verification. Worldcoin uses biometrics to capture an image of a person's eye, converting it into a short digital code. Jumio uses the ID and selfie method for authentication.

The Binance account binding method may be a better method. Centralized exchanges have natural access to users’ KYC data since users have to go through an identity verification process, which reduces the trust cost, time cost, and promotion cost of re-verification on-chain. Since the users won’t be asked for personal information again, and the existing data can be used directly, they don’t need to go through other verification DApps frequently, which reduces the information breaches caused by trust issues.

On-chain information aggregation

On-chain identity aggregation DID is to aggregate different decentralized identities together to form a centralized and relatively complete identity system. For example, the Solana network is not compatible with Ethereum EVM, but user data on Solana is just as important. Identity aggregation DApps are to centralize the data of users in various places, not limited to the information on-chain, to prevent incomplete identity information caused by a single access channel for identity information.

Next.ID creates an identity infrastructure that aggregates a user's identity into an Avatar, making it the primary touchpoint for interacting with any application or DApp. For example, this is what it looks like on a decentralized social network:

(Source: Next.ID)

Infrastructure

Such products belong to the facilities or systems that provide services for DID, and are usually digital identity applications represented by ENS domain names. The lengthy wallet addresses are difficult to identify, and the appearance of the domain names gives the wallet addresses an easily identifiable identity, which is convenient for users to communicate with each other, and interactions between various protocols and applications.

When we transfer money into the wallet, we usually copy and paste the other party's wallet address, but in fact, we don't know if there will be some unknown problems during the transfer. The way to check one by one is too troublesome and easy to draw mistakes on. Users only know if the address they entered is correct when they made the transfer. With the identity system of the domain names, when transferring money, you can expect the same as bank transfers. After entering the receiver address, the domain names will appear, so as to ensure the correctness of the transfer.

Credential networks (Soul Binding Token)

The credential network is to label the user's on-chain data, and use the credentials to represent the user's contribution, so as to outline the real on-chain image of the user.

Nansen is a blockchain data analysis platform. They also screen out smarter users in various fields by marking each wallet. For example, the first 200 people who provided LPs and those with higher absolute returns who provided liquidity to obtain income were labeled by Nansen; the platform can use each label to filter out some smart accounts worthy of reference. Nansen's label can serve as an example for SBT, and it also makes a big revolution for users to master their own information.

DID applications

The applications of DID are more extensive than some of the previous applications, and the purposes of various applications are also different. These products are all derivative products based on DID. There are DID-based DAO governance applications, DID-based social applications, DID-based retrieval tools, and more.

Let’s take DID-based social applications as an example. With the same SBT, users can enter the corresponding groups, and build a private channel for the contributors and holders of the project. Another example would be a governance management platform for DAO data. The emergence of DID can help some current applications with optimized performances, or provide different services.

3. The future use cases and prospects of DID

The current DID projects are in a relatively early stage. The facilities are not perfect and there are many irrationalities. Many projects need better solutions, so here are some ideas about the future use cases of DID.

3.1 Use cases in DeFi

This bear market can be described as a tragedy. Su zhu's Three Arrows Capital was liquidated by the market and was forced to apply for bankruptcy protection. The main reason is that Su Zhu frantically applied leverages on his managed assets during the bull market. The incident that led to the depeg of $UST seriously affected the asset status of Three Arrows Capital, which was forced to repay the loan. Therefore, customized lending is necessary. Various decentralized lending platforms should improve customized services according to the user's DID. Just like Alipay's Zhima Credits, the higher the on-chain credit score a user has, the more appropriate the loan amount can be increased, reducing the unhealthy impact of liquidation on the market.

The application of DID in DeFi also has a bolder attempt - credit loans. Regarding lending, there are many users who do not have asset collateral but need loans to cover their money shortage when emergencies come. This is currently impossible, since people's credit is not guaranteed, and the cost of default is too low. This is actually unavoidable in the real world. In some places, there is a situation of collective crime. Let’s say the residents of a village borrow money together and decide to breach the contract together. If someone comes to collect debts, they will gather people from the same village to drive away the outsiders. As for this kind of rascal, even if the credit report affects all aspects of life, they don't care. As long as they don't care, there is nothing that can threaten them. If the national level of regulations don’t work, not to mention the crypto world where there are no legal constraints and borders?

The emergence of DID has created preconditions for credit. In the real world, people's credit is difficult to measure, and the cost of fraud is very low. Decentralized identities are different. A DID can be composed of countless DIDs. Users will obtain different DIDs and SBTs when they complete different tasks. The identity system represented by DIDs will visualize and digitize people's identity data. The essence of credit is to use trust as a guarantee to lend funds, the value of credit > the value of lent assets. So with the help of SBT, people's credit will have a better form to measure, so as to realize the use of credit as a guarantee to complete the credit loans.

However, the realization of credit is not simple. It has no real enforcement measures, even if the credit value > loan value. Since the cost of crime is too low, it is easy to cause defaults. As for now, DID credit still has a long way to go.

3.2 DAO governance

In many DAOs, holding the native token of the DAO means having the governance right. The entry barrier for this type of governance method is relatively low, and token holders can vote according to the specific content. But there is another problem, how do we prove that these accounts are real people, not robots? At present, the on-chain user base is actually relatively small. Many users buy tokens in centralized exchanges and do not withdraw them to the blockchain. Therefore, the voting governance on-chain is actually vulnerable to being manipulated, and the protocol will easily suffer from governance attacks.

Increasing the cost of governance is a possible solution. Raising the requirements for voting will effectively prevent robots from exercising their voting rights. The emergence of DID increases the cost of robots and makes governance attacks more difficult. DAO governance will also become more democratic because of the reduction of robot accounts.

3.3 Prevent Sybil attacks

Project parties definitely hope that their users are real persons, not robots. Let’s take Axie Infinity, for example, a large number of robots will lead to false prosperity, leading to a large number of funds being looted. This is why many project parties take extra care of Sybil attacks during airdrop distribution events.

A few days ago, Binance announced that a soul-bound token - Binance Account Bound (BAB) is launching. Users can mint BAB in their accounts after passing KYC verification. The step by Binance provides a new possibility for future airdrop events, that is, after users’ addresses have gone through a KYC process, the future airdrop eligibility may be oriented to some people who have been verified to confirm whether the address belongs to a real person before it becomes eligible to receive airdrop rewards. In this way, the number of robots and fake accounts is effectively reduced.

3.4 In-real-life use cases

DID can not only serve Web3 users, but some practical uses in real life, since it can not only be used for human identification, but also for objects. For cars or food, DID can play a role in the identifying process. For example, the maintenance and accident records, and the number of trips, are all factors that measure the value of a car. But these data are often tampered with, such as odometer frauds, where people roll back the odometer to make the odometer appear lower than it actually is. In a 2002 odometer fraud study, NHTSA claimed that 450,000 vehicles with wrong odometer readings were sold annually to U.S. car buyers, bringing in more than $1 billion in costs.

DID creates its own ID card for each car. The blockchain makes it easy for consumers to access the real information of the car, and the anti-tampering feature makes it difficult to carry out frauds, and the consumer group will be more assured of the product.

4. The difficulties DID encounter

As mentioned above, DID is just an identifier, and it can only be used as a symbol for statuses if it is adopted by many people. The biggest difficulty DID encounters is the small user base. The current DID projects can only exist as an identifier and cannot form a trusted network of consensus.

Therefore, the current DID application sector still encounters many difficulties. At present, most projects and the largest capital volume on the blockchain belongs to DeFi. The decentralized credit system still has a long way to go. Strong regulation is needed to safeguard DeFi.

For the social sector of Web3 based on DID, neither the user's identity system is mature, nor there are many on-chain users. The user data has not been accumulated in social DApps, with just a little remaining in the application layer. Is difficult for users to retain in the ecology.

5. Conclusion

This big revolution brought by crypto has begun to change from financial aspects and games. The paradigm shift will eventually change all parts of the Internet, including the identity system in Web2. The emergence of DID has changed the current structure of the crypto industry, paving the way for the grand narrative of the metaverse.

Join Us Here:

https://docs.google.com/forms/d/e/1FAIpQLSel53Un2E3WrVPCm5Niq3GpHjaYuZ7LdyJECdx-9qUWMpY-FA/viewform

About Us:

Twitter: @RealResearchDAO

Medium: https://medium.com/@RealResearchDAO

Discord: discord.gg/ZSdgM7x6pc

DID

ARWEAVE TX

2jDFIox1VoKXEDcYgoKgHG8jUszHz6FqtVgy9K17TUc

ETHEREUM ADDRESS

0xed111Cf8C23AEafe12286Fd60EE670007457Bf87

CONTENT DIGEST

woKthaQOxYePX00MKN36oyo_kj8OXWBQkCIUfEDurGc

Related Posts
Buidler DAO 大咖夜谈:DID 将会如何改变 Web3?扑朔迷离的DID:是什么?怎么用?|预言家周报#177ACM 分析法详解 DID 赛道如何铸造你的 web3.0 护照:ULAS DIDDID十一个板块三十九个未发币项目整理总结详解38个Web3域名:DID基石,NFT新增长点SBT、DID、声誉/信用系统未发币潜力项目汇总ACM 分析法详解 DID 赛道Digital Ministry Launches Taiwan's Version of DID: No New Documents Issued! Constructing a De Facto Identity with Card Wallet深入Deso:混合Pow共识、社交图谱、DID和无限状态应用版图
Recommended Reading
🚀TrendX Financing Daily News 04/22/2024