Decentralized Identity Trilemma
Identity remains an unsolved problem for decentralized networks. None of the existing solutions are privacy-preserving, Sybil-resistant, and self-sovereign at the same time.
Self-sovereignty — anybody can create and control as many identities1 as they wish without 3rd party involvement.
Privacy-preserving — one can acquire and utilize an identifier without revealing their ‘real name’ or other personality identifying information.
Sybil-resistant — identity is subject to scarcity; i.e., creating more identifiers cannot be used to manipulate a system2.
There were many attempts at creating a self-sovereign identity3. I am not aware of any design that fulfills all three criteria.
A common approach is nesting an identity in the existing infrastructure, e.g., nation-state-issued identity cards. The user goes through a KYC process and proves his or her existence4 5. This serves as a source of scarcity.
This solution is Sybil-resistant, but it violates the requirement for preserving privacy and self-sovereignty. Proof-of-Authority shares this flaw6.
Another approach assumes providing a Proof-of-a-Unique-Human7. This methodology can, in theory, be independent of centralized 3rd parties. The identity is derived from a unique feature of the human body — its biometrics. The peer-to-peer process of human-driven checks is designed to ensure the correctness of provided information.
It is questionable whether this system can be secure. However, if this assumption is granted, it still falls shorts of the self-sovereignty and privacy-preservation requirements. It assumes a single identifier issued to each person and needs a verification process.
Finally, solutions are utilizing Web-of-Trust (WoT) approach8. In this scheme, anybody can create and control an identity. Anybody can also become an issuer of an identifier. Its validity is defined through the network of connections with other identities.
There is no source of scarcity here. This makes it susceptible to Sybil attacks.
Scarcity of human
The trilemma exists because we do not have a decentralized source of scarcity for human capital.
A potential solution could be derived from a decentralized organization system9. In this case, the scarcity stems from the organization's value and can be attributed to each contributor. Contributors can serve as attributes for an identity.
However, for this to serve as a basis for a universal identity system, these organizations would have first to become massively popular. Even when expanded through WoT.
Another approach could be based on a social graph of personal cryptocurrencies10. It is a similar idea to WoT. However, the value of social connections gets priced because each connection offers an upside but carries risk for both sides.
This idea is highly experimental and is yet to be tested. There are open questions about whether this approach would be possible to fulfill the privacy requirement. Even if this concern could be resolved, it’s a partial solution at best — it prices in trust between actors, not their expertise or contributions.
A universal design would be possible if a source of scarcity were available as an objective metric. Proof of Work introduced an abstraction of financial capital in the form of an objective metric.
A missing piece is a similar metric providing an abstraction of human capital.
This essay was also published on Twitter as a tweetstorm.
Read next: Attention as a Source of Scarcity for Decentralized Identity Systems.
Thanks for reading an early draft and/or providing feedback to Trent McConaghy, Remco Bloemen, Joe Andrieu, Phil Windley, Jack du Rose, Balázs Némethi.
Joe Andrieu, Kevin Gannon, Igor Kruiper, Ajit Tripathi, Gary Zimmerman, “Clearer Identity Through Correlation”: https://github.com/WebOfTrustInfo/ID2020DesignWorkshop/blob/master/draft-documents/identity-crisis.md
For instance, one cannot gain more voting power in a governance model using the identity system. One cannot claim more allocations in investment rounds divided to give equal participation to many participants.
Christopher Allen, “The Path to Self-Sovereign Identity” https://t.co/1gkrF2T9Xd
Telegram Passport https://telegram.org/blog/passport
POA Network: https://github.com/poanetwork/wiki/wiki/POA-Network-Whitepaper
Mohammad-Javad Hajialikhani, Mohammad-Mahdi Jahanara, “UniqueID: Decentralized Proof-of-Unique-Human”: https://arxiv.org/pdf/1806.07583.pdf
UBI Circles https://github.com/CirclesUBI/docs/blob/master/Circles.md