Is it possible to have an “acceptably nondystopian” sovereign identity?


by Molly White on



Trustlessness and anonymity are key to the crypto world. Crypto wallets don’t require people to have real-world identities. Communities also try to avoid trusting institutions such as governments and big tech companies. These limitations are being imposed by the crypto community, which is increasingly looking beyond NFT trades and simple payments.

DAOs often have a “one token and one vote” governance model, which gives power to the powerful. Although some DAOs believe that this model is ideal, others have adopted it as there aren’t many promising alternatives. Unlike in offline organizations and societies where centrally-controlled identifiers or even just in-person attendance are fairly successfully used to ensure one individual gets one vote, this has been a very difficult nut to crack in the crypto world, where one individual can trivially create endless new wallet addresses–known as a Sybil attack. 1

Cryptocurrency loans tend to be overcollateralized. This means that users have to invest more in crypto than they get in loans. While this works well for those who already have capital and wish to use it in another format (i.e. borrowing fiat currency against their crypto holdings), it doesn’t work well for the more standard reason people take out loans: because they don’t already have the money they need. This is not surprising in an ecosystem that boasts of helping the marginalized and “banking the unbanked”. These overcollateralized loans are necessary because there is no reliable indicator of a person’s reliability, like the ones used in traditional finance such as credit scores and banking records. Some anonymity-preserving loan platforms do not require know-your-customer (KYC) so that overcollateralized crypto loans can be made. This is because anonymous users could borrow money and make off with it.

Increasingly, conversations are being had about how to verify statements about people (or crypto wallets) without having to rely on the state or any other centralized entity. How do we make sure that each wallet is unique?

Vitalik Buterin, co-founder of Ethereum, has been discussing “soulbound tokens”. 2 Jack Dorsey just launched “Web5”, a buzzwordy project focused on decentralized identity. 3 Projects like Proof of Humanity,4 BrightID,5 and WorldCoin6 are all tackling Sybil prevention in their own ways. Web3 companies like Spruce7 and Disco8 have emerged to try to tackle self-sovereign identity (that is, identifiers that are controlled by users rather than by central entities) in the blockchain world and elsewhere.




Some context

Self sovereignty isn’t a new concept. Nor are the challenges crypto faces in online identity. Some solutions discussed recently do not necessarily include blockchains. They are broad approaches to digital identities.

I have had concerns and opinions about online identity and credentials since before I began researching crypto. Most of my opinions on the topic are applicable regardless of whether or not blockchains are involved. This essay is motivated by a resurgence in interest in self-sovereign identities due to crypto and web3.

Self sovereignty is one of those concepts that looks great at first glance but becomes very bleak when you think about it. However, centrally-controlled identifiers that are left to corporations and governments have their own serious and obvious problems, particularly in relation to access, marginalized groups, and oppressive government. This essay does not attempt to define self-sovereignty and related topics as either universally bad or excellent, but to raise some issues that I believe it is crucial for people working on these issues to consider.

The technology industry and especially the crypto industry have long used a “move quickly, break things” approach for innovation. In the name of innovation, developers and companies have made sacrifices in quality, security and user safety, ignoring collateral damage to human beings. Considerations of ethics and user safety, privacy and security, as well as “is this even good to society”, are often overlooked. “Testing in production” is the standard. Legislators and regulators often lag behind, intervening only after great harm has been done (and sometimes not even then).

Self sovereignty is not an area where it is okay to “move fast and break things”. Already, people are talking about digitally capturing sensitive information, issuing attestations to other individuals with or without their consent, as well as recording these things to immutable blockchains, where they could be stored indefinitely. This is what scares me.

Concepts

  • Decentralized identifiers (DIDs): a proposed recommendation9 for unique identifiers that provably belong to an individual or organization. These could represent many concepts. A person might have multiple DIDs that represent identifiers such as their Ethereum address or their driver’s licence number. DIDs can also be used to identify employees or their phone number. These DIDs can be issued by an individual or a third-party (for example, a government could issue a DID representing a national identification number). The identity of the issuer as well as the recipient can be cryptographically verified. These DIDs can be used to sign verifiable credentials.
  • Proof of personhood: a means of establishing that an identity like a wallet address corresponds to a unique individual in a network. Although this is sometimes called “proof-of-humanity”, it can also be used to refer to a specific organization that implements one method of PoP.
  • Self-sovereign identity: the general term for an approach to online identity that is controlled by the user, rather than maintained by a central party.
  • Soulbound tokens: Vitalik Buterin and a group of others have been recently working on the idea of “soulbound tokens”: non-transferable, unique tokens much like NFTs that are bound to “souls” belonging to unique individuals. These tokens are used to represent concepts such as college diplomas or birth certificates, and should not be transferred like NFTs.
  • Verifiable credentials: a recommendation10 describing how digital credentials can be issued and proven. A verifiable credential could be something that someone has. It might represent things we would normally associate with “credentials”, such as a college diploma, professional certification or security clearance. These can be used to certify other things, such as proof that someone has completed a course, earned a certain grade, attended an event, purchased an item or joined an organization. A credential could be issued to verify one’s identity. For example, someone could declare their favorite color via VC.

The trilemma of digital identity

A triangle, with the three points labeled 'decentralization', 'security', and 'scalability'.

The blockchain trilemma

A trilemma refers to a group of three goals that are not all possible at once.

Some crypto-literate readers are already familiar with Vitalik Buterin’s blockchain trilemma: decentralization, security, and scalability. The end result is that blockchains make tradeoffs on one goal in order to achieve the two others (although there are some who believe all three can be achieved, but that’s another topic).

A triangle, with the three points labeled 'privacy', 'decentralization', and 'Sybil resistance'.

The digital identity trilemma 11

Digital identity has its own trilemma. 11

Today, blockchain ecosystems almost universally sacrifice Sybil resistance for decentralization or privacy. However, Sybil resistance is becoming a more pressing problem, and people are attempting to solve it. Organizations have to make compromises between privacy and decentralization or both.

Bitcoin and Ethereum don’t rely upon a central authority for identifying identities. Users don’t need to reveal any personal information when creating wallet addresses. However, Sybil attacks can be used to expose projects that use those addresses as their sole identifier.

Some crypto-projects that seek to avoid Sybil attacks may require additional KYC checks. Users must submit government-issued identification papers to prove their identity. Sybil resistance can be achieved, but this comes at the cost of privacy and requires users to submit government-issued identification documents.


Proof of personhood

Proof of personhood is a broad term that covers a variety of attempts to prove that someone is unique in a network or the world. These projects are trying to solve the Sybil problem but have so far sacrificed privacy and/or decentralization to various degrees of dystopianism.

Some people may be familiar with Worldcoin. It is a Sam Altman invention that promises universal basic income. MIT Technology Review6 and BuzzFeed News12 both published excellent investigative articles into the project nearly simultaneously in early April. For those who are not familiar, the project seeks to solve the Sybil problem by requiring users to provide retinal scans and various other biometric data by staring into a large chrome orb. Worldcoin claims that their alpha-stage product is privacy protecting, because they plan to store only hashes rather than actual data. It doesn’t matter if they delete biometric data, as they say they will (eventually, probably), but it is difficult to argue that anyone could be anonymous in a system in which an “orb operator” interacts with them in person and gives them a crypto address. It is not decentralized, as all data are stored in opaque Worldcoin systems. It would also be difficult to describe this approach as self-sovereign in any way–the user has no control over the identity that is created for them and stored on Worldcoin’s system (which certainly would seem to raise some concerns from a GDPR perspective as well). It is not difficult to see the dystopian nature of a company using a chrome orb to collect retinal scans and high-resolution images, as well as “contactless Doppler radar detection of [their] heartbeat, breathing and other vital signs”. 6

BrightID is another project that aims to verify “universal proofs of uniqueness”. The social graph allows users to verify the identities of others they trust and know. It doesn’t depend on any central entity to manage the information store, which helps it achieve its decentralization goal. However, the entire web-of-trust system depends on users revealing their identities. BrightID also shows a huge web of verifications between users, and the extent to which they have reported knowing each other. This type of privacy intrusion has become more common with the advent of Facebook, but it is still far from what users expect from blockchain systems. BrightID remains vulnerable to Sybil threats despite all of this. To verify new identities, one simply needs to locate disjoint groups. BrightID incorporates a dystopian, “social credit”-style system where users are not only penalized for bad behavior but also their connections. Their documentation states that “some algorithms might consider it a negative signal if your connections already know you as someone they have just met, or a suspicious connection. Your already known connections’ bad behaviour might also negatively impact your verification.”

Proof of Humanity is very similar to BrightID. This adds costs to the system. Users must make a deposit (or crowdfund) to verify their profile. Users who challenge false profiles can also receive a financial bonus. If anyone knows of a dystopian sci-fi novel that is based on this premise, I would love to know. PoH, like Worldcoin, seeks to implement universal minimum income.

There are many other systems that can reduce duplicate wallets or even prevent them altogether.

In some cases, standard bot prevention technology such as CAPTCHAs may be used. This is not to stop someone from creating multiple identities within a network, but to make it more annoying to do so at scale.

Other systems collect massive amounts of data from NFT collections to determine if a wallet is a duplicate. Proof-of-attendance NFTs (sometimes called POAP NFTs) are used to show that someone attended an actual event. Therefore, two wallets with POAPs from the same event will be taken to indicate that they may not belong to the same person. The recipient must complete a “quest”, which is a level of participation or effort that is not trivial. These are used to signal uniqueness and make it impossible for anyone else to duplicate the effort across multiple wallets.

Some people dream of a future where all achievements can be represented on-chain. They can see a wallet that contains things such as a college degree and a mortgage loan and a history of attending real-world events, and assume that no one is duplicating these things. This might seem Sybil-proof but it is not practical today. It also compromises privacy to an alarming degree.


Verifiable attestations

Much of the recent conversation around digital identity is not focused specifically on the Sybil problem, but instead on verifiable attestations: attestations from one verifiable party about another verifiable party that a statement is true. Although the term “credential” is often used in connection with W3C’s Verifiable Credentials proposal, the concept could be described more as a “verifiable assertion” or “verifiable attestation”. There are many implementations, ranging from Vitalik Buterin’s “soulbound tokens” to W3C’s Verifiable Credentials. For the moment, I’ll refer to both these implementations as “verifiable certifications”.

Proposed use cases for verifiable certifications include what we think of today as “credentials”. For example, a university might attest that a student has earned a particular diploma. A government could attest that someone is a citizen. A state could attest that a driver obtained their driver’s licence. A company might verify that an employee works for them.

But other people have discussed the use of verifiable statements more broadly. An organizer might attest that concertgoers attended a particular concert. An individual might be a member of a church that attests to their membership. A game developer may attest that a person completed a level. A brand may attest to the fact that a customer purchased their product.

The one thing all these attestations have in common is that they shouldn’t be transferable. If an entity attests to your earning a diploma, driver’s licence or attending a concert, that attestation should not be transferred to anyone to claim it as if it was theirs.

These attestations, according to proponents, would allow for a more robust level of interaction in the crypto world. These attestations sound like a privacy nightmare, I believe.


Soulbound tokens and negative attestations

A recent episode of the Bankless podcast featured Vitalik Buterin and Evin McMullen discussing the pros and cons of Buterin’s brainchild, soulbound tokens, and McMullen’s preferred form of attestation, verifiable credentials.

The somewhat dramatic name, “soulbound tokens”, comes from the World of Warcraft concept of soulbound items that can’t be transferred between players. The May 2022 paper he co-wrote with E. Glen Weyl and Puja Ohlhaver describes how the broad idea simply needs to be “acceptably non-dystopian” to be worth pursuing, which seems both like an awfully low bar, and also makes me worry about the definition of “acceptably” they’re going with.

One reason soulbound tokens are preferred to verifiable credentials is that they allow for “negative attestations”. As an example, he uses loans. Even if you could verify based on someone’s positive attestations that a person met your threshold of trustworthiness to qualify for a $10,000 loan, you would probably also want to verify that they hadn’t already taken out 100 different $10,000 loans from other lenders. Buterin describes this as a “negative” attestation–something that a bad actor might wish to conceal in order to take advantage of a system. In his system, a lender providing a loan could issue an SBT representing the $10,000 debt, and the borrower wouldn’t be able to get rid of that token. The lender will issue a new SBT confirming that the loan has been repaid. The borrower, if they tried to go open a new loan, could be required to provide a zero-knowledge proof13 that traversed the set of attestations applying to them on the Ethereum chain, proving they had no open loans (or that they only had below a certain amount of debt outstanding, or some other claim that they could prove based on the tokens they held or didn’t hold).

There are obvious privacy implications: Not everyone wants their debts to be visible publicly on the Ethereum blockchain. Buterin brushes this off with the argument that such a system could use zk-SNARKs14 to encrypt the token contents as well as its sender and recipient. This scenario also has some potential edge cases, such as when a lender goes out of business or never records the repayment. This scenario, however, was much more benign than the one Buterin used. The borrower agreed to the “negative” acknowledgment being made when they took out the loan. Any new lenders will require proof that there are no outstanding loans. Fine.
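The loan scenario above, as an added example that is not part of the original essay: a plain-Python model (no zero-knowledge proof; records are checked in the clear) contrasting a holder-selected presentation, where a debt can simply be omitted, with a registry of non-removable records, where the negative can be checked but a repayment that was never recorded leaves the borrower flagged. All lender names, addresses, loan ids and amounts are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Attestation:
    issuer: str    # lender that wrote the record (hypothetical names)
    subject: str   # borrower's wallet address (constructed)
    kind: str      # "debt" or "repaid"
    loan_id: str
    amount: int    # USD; only meaningful for "debt" records


def open_debt(records, subject):
    """Total debt for `subject` with no matching 'repaid' record from the same issuer."""
    repaid = {
        (r.issuer, r.loan_id)
        for r in records
        if r.subject == subject and r.kind == "repaid"
    }
    return sum(
        r.amount
        for r in records
        if r.subject == subject
        and r.kind == "debt"
        and (r.issuer, r.loan_id) not in repaid
    )


def approve_loan(records, subject, max_open_debt=0):
    """A new lender's check: approve only if visible open debt is within the limit."""
    return open_debt(records, subject) <= max_open_debt


# Constructed sample registry of non-removable records.
REGISTRY = [
    Attestation("lender-a", "0xalice", "debt", "A-1", 10_000),
    Attestation("lender-a", "0xalice", "repaid", "A-1", 0),
    # Alice still owes this one.
    Attestation("lender-b", "0xalice", "debt", "B-7", 10_000),
    # Bob repaid off-chain, but lender-c shut down before recording it.
    Attestation("lender-c", "0xbob", "debt", "C-3", 10_000),
]


def alice_selected_presentation():
    """Holder-controlled credentials: Alice chooses which records to show."""
    return [r for r in REGISTRY if r.subject == "0xalice" and r.loan_id != "B-7"]


if __name__ == "__main__":
    # Holder-selected view: the open debt is hidden, so the check passes.
    print("alice, self-selected:", approve_loan(alice_selected_presentation(), "0xalice"))
    # Full registry view: the open debt is visible, so the check fails.
    print("alice, full registry:", approve_loan(REGISTRY, "0xalice"))
    # Edge case from the essay: repayment never recorded, borrower stays flagged.
    print("bob, full registry:  ", approve_loan(REGISTRY, "0xbob"))
```

The registry check is only as good as the completeness of what issuers record, which is why the same design applied to other kinds of records requires every issuer to publish everything.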

Buterin then used a negative attestation regarding criminal records. Uh oh.

In the real world, just like the non-cryptoworld, there are situations where one side must know the other side is at most reasonably trustworthy. One thing they could do is show that the other side hasn’t had a criminal record. It’s a simple test to prove that the other side doesn’t have a criminal record. 15

Now, ignoring Buterin’s more-than-questionable conflation of the lack of a criminal record to trustworthiness, he’s also revealing here that his dreams for soulbound tokens involve police departments uploading criminal records to the blockchain. Not only that, but he’s envisioning a world in which every police department uploads criminal records to a blockchain, providing the level of data completeness required to prove a negative. And finally, he’s envisioning a world where every police department uploads criminal records to his blockchain, the Ethereum blockchain. Although he states elsewhere in the episode that digital identity frameworks would benefit from being system-agnostic and should not require anyone to use a given blockchain (or any blockchain at all), his own dreams for the future clearly don’t involve decentralization except as far as it can be achieved within his preferred blockchain.

His dream clearly includes people being able to send soulbound tokens to others without their consent. This is because it’s unlikely that people will consent to police recording their crimes to be used against them later. This is perhaps an unsurprising vision of Buterin’s, given that the current state of the Ethereum blockchain enables people to send NFTs without the receiver’s consent, a horrifying state of affairs for anyone who’s given more than about ten seconds of thought to the enormous abuse potential. This already terrible state of affairs is made worse by the fact that these SBTs are not transferable, regardless of whether they contain content such as doxxing, revenge porn or child sexual abuse material.


Verifiable credentials

The system of verifiable credentials Disco’s Evin McMullen waxes poetic about on Bankless seems at least preferable to soulbound tokens. It is not stored on-chain. Consent is required before any party can issue tokens to you. Negative attestations are also required. It is almost like listening to someone perform the privacy paradox in front of you. 16 Web3 advocates, McMullen included, regularly speak of privacy, anonymity, and data ownership as a top priority. But she also says in an episode of Digitally Rare:

We can’t have fun in the metaverse together if all I know is how much money we have. We can have more fun together if we know each other’s friends, our interests, and the types of activities we enjoy. I also know what Jonathan and Matt like to do, how they are doing it, and even the type of music they listen to. If we want to create a song together, then we need to know who can write music. A song written by the most wealthy people might not be a great one. 17

Her descriptions about this future world where relationships are front-run rather than built more organically between people are a stark reminder of Philip Sheldrake’s concerns about the “SSI century”.

An acquaintance now quits those ‘old-fashioned’ relationship-building niceties and gets straight to the SSI point. Which college did you go to? What college did you attend? Which college were your parents at? Democrat or Republican? Which gender are you? Your ethnic origins? Which gene are you more likely to have?

If you don’t make the required verifiable claims, you will not be able to reach the SSI century’s first base for trust building. This is trust avoidance, not trust building. Then you are either ignored or rejected. It gets worse. It’s worse. The new social norm expects you and everyone to do the same examinations. And your agents should be doing the same as usual. Why not? It’s said to be beneficial, it builds trust, and that it’s the missing layer. It’s frictionless. It’s easy to use and works for individuals. Government services have already adopted it. 18


Data custody and security

Another promise of the world of verifiable certifications is the ability to control one’s data. A common refrain is that, instead of your data being stored in Facebook’s database, or in the dusty records at the town hall, or with your doctor’s office, you can instead take your data with you.

The details of this differ. Buterin and other people talk about recording this data to a public blockchain. They use various cryptographic techniques to ensure that your information is not outsourced to the rest of the world. Others, like McMullen, want you to use their databases. There are also projects such as Jack Dorsey’s “Web5” that suggest you can create your own “decentralized Web node” using all your credentials.

If crypto and blockchains can give us one thing, it’s that they can provide insight into the inability of average people to secure their data. Although I don’t love big banks, large social media companies, or the company that my doctor uses to keep my medical records (or any other type of data storage), at least they have compliance requirements and security teams.

It’s enough to have a person mess up their crypto wallet security procedures and all their apes are gone. I don’t believe that someone will blunder their security procedures and now an attacker can access every piece of information about them. This includes their address, social security number, criminal history, and medical history. I am also skeptical about the world in which average people will be expected to take care of this type of data. They are supposed to act as the source of truth, not their doctor or the local council. I’m a software engineer and computer nerd, and I don’t trust myself to self-custody this data.

A photo of a person holding a metal plate with 24 words stamped into it in all capitals.

A homemade metal record of a seed phrase from r/Bitcoin

If I was suddenly given the task of doing this, I would implement a complex and expensive system of backups. I know that there is no way to recover from a catastrophic loss if I am the source of truth on information that is essential for me to be able to participate in society. Outsiders would think I was crazy, because I would likely become one of those crypto-people who hammer their keys into steel blocks and then bury them in my backyard.

This is not a reasonable thing for me, a technologically-savvy software engineer who can afford a spare hard drive, to have to do. This is not something anyone should have to do.


Let me be clear. I believe people should have greater control over the data they give and to whom. People should have a better understanding of what data companies store and how they are using it. They should also be able to request that it be deleted. It is important to protect sensitive data with strict restrictions on access and sharing. Unauthorized sharing or selling of user data should result in severe penalties.

But as developers, companies and “blockchain visionaries” seek to avoid centralization and trust in institutions and the state, it seems like their definition of “acceptable” when they refer to “acceptably nondystopian” projects is very different than mine.

Acknowledgements

This blog post refers to the following writings or podcast episodes:

Notes

Disclosures for my work and writing pertaining to cryptocurrencies and web3 can be found here.


Copyright © 2022 Xanatan