introduce
The internet was created without a native authentication layer for people. As a result, the issue of digital identity is brought into the category of websites and applications. This approach may have worked in the early days of the internet, but with billions of people online now, the downsides are becoming more apparent. Usernames and passwords still dominate, although this has been repeatedly proven to be an insecure model. The average person has to repeat between 70 and 80 passwords, resulting in a significantly poorer user experience. After all, multi-million dollar businesses are built around helping businesses and individuals manage their decentralized accounts and passwords, like Okta, 1Password, and Dashlane. Most importantly, users don't actually own their online identities. Quite the contrary, it is rented from entities such as corporations. As such, they are vulnerable to the risk of their digital identities being hacked, manipulated, or completely lost.
The emergence of Web3 has re-emphasized this problem. Although Decentralized Identity (DID) is a largely overlooked topic compared to DeFi, NFTs and DAOs, we see it as a key technical foundation to support native Web3 applications. If we create a flexible, resilient authentication layer that opens up a wider design space, we can take great strides toward innovation.
In this report, we introduce key DID concepts and the current DID ecosystem, and delve into quality projects that are at the forefront of building the foundations of Web3 identity.
Decentralized Identity (DID)
The W3C's DID specification is a widely accepted standard that ensures that identity systems can interoperate across different networks and platforms.
An overview of the DID architecture is shown below. A DID is an address on the Internet that someone can directly own and control. It can be used to find and connect DID documents, which contain DID related information. DID documents contain information that can support use cases such as login, data encryption, communications, etc. And cryptographic proofs, such as digital signatures, allow the relevant entity to claim property rights.
Basic Components of the DID Architecture
In summary, DID acts as an identity hub. With user control, they can decide when, with whom, and under what conditions to reveal parts of their digital identity. With the widespread adoption of the DID standard, individuals will not be confined to a single ecology, or confined to small circles.
DID provides users with control, security, privacy and portability
The application of DID in new fields
In the real world, identity is an integral part of how well a society can function. Passports help governments identify citizens, driver's licenses allow citizens to legally hit the road, college degrees represent qualifications, and more.
Likewise, DID will facilitate higher-value Internet economic activity. Below, we highlight some of the current Web3 pain points that DID can address.
NFTs - Identity and Authenticity
The problem of scams and plagiarism also plagues artists or creators. For example, digital artist Derek Laufman, the designer of Marvel superhero stories, saw his work being auctioned on NFT platform Rarible without his knowledge. Stories like this are common.
NFT fraud plagues artists
And DID infrastructure can solve this problem. Applications can be built on DIDs to allow creators to prove that this NFT was created by them. Buyers and sellers will also be able to verify the provenance of digital artwork. DIDs can also strengthen the bond between artists and the community, such as limiting NFT ownership to community members to limit scalper speculation, or providing exclusive NFT content to specific holders.
More broadly, NFTs can serve as an anchor for decentralized identities. Some users now show themselves not only through usernames, but also the image of NFTs. For example, Manifold co-founder @richerd said he once turned down a $9.5 million cypherpunk NFT offer because he saw cypherpunks as his identity and brand.
NFTs as online identities
Unlocking the next phase of DeFi
Collateralized lending has been the backbone of DeFi growth so far. But because crypto-financial protocols are designed to be completely trustless and permissionless, they often require over-collateralization. For example, ETH loans on MakerDAO require a collateralization ratio between 130-170%. This has fueled growth in DeFi last year, but collateral requirements will limit most cryptocurrency traders looking to take advantage of leverage. For most people, the reason they want to borrow money is that they don't have the money they need.
Reducing or completely removing collateralization requirements is key to bringing DeFi to mass adoption. The DID layer can score “on-chain” credit, providing users with credit-based loans. In addition, because users directly control their own credit scores, they can better monitor and adjust their own lending behavior. Therefore, DIDs provide an opportunity to further democratize the decentralized financial system.
Additionally, providing a strong authentication layer for financial applications can solve other current problems in DeFi, such as:
- Improve the fair distribution of token airdrops by authenticating actual members to reduce the likelihood of bot dilution of airdrop events.
- Restrict access to DeFi pools using DIDs to reduce spam/sybil attacks.
- Directing trusted actors to behave in a positive-sum game, guiding users through the dark forest of Ethereum.
Decentralized Autonomous Organizations (DAOs)
DAOs typically use token-based governance for voting, governance, or prioritization. This usually makes sense - large token holders have the heaviest stake in the game - but it can preclude or de-prioritize active contributors who don't have a lot of capital. While members can build their reputation within the DAO, they may need to build it from scratch in a new environment.
DIDs can maintain a user's reputation across multiple DAOs. Porting credentials from one DAO to another avoids the pointless consumption of active contributors from scratch. In addition, in other Web3 application directions, such as participating in Gitcoin, publishing to Mirror, or contributing code to Radicle, it can further help DAO find qualified contributors and participants.
DID Ecosystem
The DID ecosystem can be divided into multiple layers, each of which is built on top of the underlying protocol. We leveraged and slightly modified DIF's 4-layer identity model to reflect current DID projects by their main focus, but it should be noted that this is a simplified model and most projects are more sophisticated than this.
Layered Decentralized Identity Ecosystem
Tier 1: Identifiers and Standards
Standards, identifiers, and namespaces create a common layer of trust, ensuring standardization, portability, and interoperability. They also allow the network to register and manage DID methods, providing developers and users with the rules for the network's ID system.
The Decentralized Identity Foundation (DIF) is a key player in this layer and the cornerstone of the ecosystem. It acts as a hub for developing, discussing and managing activities for the creation of the DID stack and for maintaining an interoperable and open ecosystem.
Tier 2: Infrastructure
The infrastructure and proxy framework allow direct interaction between applications and verifiable data registries. These solutions include communication, storage and key management. We list Ceramic and ENS as leading projects for building DID infrastructure (although the classification of ENS may be controversial, we place it at the infrastructure layer, as we anticipate building credentials and applications on top of ENS in the future).
Tier 3: Credentials
Credentials must be managed, updated and exchanged. This layer is designed to address how DIDs coordinate control proofs and authentication, including securely passing data between different identities.
BrightID is a well-known project in this field. It's a social identity network with over 30,000 users that allows people to prove to the app that they're not using multiple accounts, minimizing the chances of a sybil attack.
Vitalik Buterin on potential applications of BrightID
Layer 4: Applications, Wallets and Products
This layer is probably the most familiar to readers and is designed to provide consumers with real use value. Some projects, like Goldfinch (unsecured loans), use proprietary unique entity verification methods, but still want to leverage DID solutions when they mature. In contrast, other applications have leveraged existing DID technology, such as TrueFi (unsecured loans with on-chain credit scores), Gitcoin (funding for public goods), and Ethsign (decentralized electronic agreements).
Layer X: Landscape
These projects largely transcend any single dimension and have an impact on multiple levels. For example, Europe's GDPR data protection laws have implications for all areas in this system.
Token Valuation in the DID Ecosystem
Select DID item
Ethereum Name Service - Ethereum's Public Archives
The Ethereum Name Service (ENS) is an underlying tool that converts any Ethereum address into a public configuration file. Its main job is to map human-readable names into machine-readable states. Instead of using a long list of addresses that the human brain can't remember, you can use amberfin.eth for transactions. And because of the layered nature of ENS, anyone who owns the domain may also own subdomains. For example, because Amber Group owns "amberfin.eth", it can also create "pay.amberfin.eth".
ENS records for Amber Group
Users of ENS continue to grow. Full DNS integration with ENS launched this August, so you can send cryptocurrencies to "example.com" instead of "example.eth". Additionally, .eth domains can also be used to build decentralized websites. For example, Ethereum co-founder Vitalik Buterin leveraged this DNS integration along with IPFS to create a robust and censorship-resistant website at https://vitalik.eth/ .
ENS may play a key role in the future of decentralized identity. It is registered as a DID representation, allowing ENS names to be wrapped as DIDs to facilitate interoperability. Many Web3 users already use ENS as their identifier. A survey of about 300 Ethereum users found that about 64% already own ENS, and on-chain analysis shows that ENS users own an average of 2.5 domains. With the introduction of other features (such as NFT avatar support) and the increasing adoption of ENS by dApps, it is likely that Web3 users will increasingly use ENS as their status symbol on Ethereum.
ENS name on Uniswap
ENS Ecosystem
On November 2, ENS announced that it will complete decentralized governance by accepting applications from DAO members and airdropping $ENS governance tokens. Airdrops account for 25% of the total maximum supply; the balance will go to the community treasury and contributors. This distribution basically gives half of the tokens to the past (previous contributors and users) and half to the future (community treasury).
ENS token distribution
$ENS token holders only have DAO governance rights and will not receive additional benefits. Uniquely, $ENS token holders must sign the ENS Constitution, which emphasizes key principles—such as enforcing property rights, avoiding rent-seeking behavior, and integrating with global namespaces—before claiming their tokens. So the most exciting aspect of the $ENS token is that it is a great experiment in how markets price digital public goods.
ENS has generated nearly $20 million in revenue, mostly from the registration of new domain names, which will go into the DAO treasury.
ENS monthly income
ENS also saw an increase in revenue per transaction, suggesting that users are registering their domains longer, securing higher-value domains (i.e. shorter names), or both.
ENS revenue per transaction
After hitting an intraday high of around $8.4 billion, ENS's fully diluted market capitalization is now at $4.2 billion, implying a trailing 12-month price-to-earnings ratio of 236.
ENS market cap (fully diluted)
Metamask - the gateway to blockchain applications
In a new technology paradigm, the solutions that users interact with the most often have a huge impact on the future development of the industry. Similar to how browsers are a battleground for Web1 (Netscape, Internet Explorer, Google Chrome) and Web2 applications (Facebook, Instagram, Netflix, Spotify), wallets are likely to be a battleground for Web3.
If you've ever interacted with a Web3 application, chances are you've used Metamask. Launched by ConsenSys in 2016, it is a non-custodial cryptocurrency wallet that allows users to interact with the Ethereum blockchain and any Ethereum-compatible network (e.g. Polygon, Arbitrum, Avalanche).
Although not strictly focused on decentralized identity, Metamask is an application that more than 21 million monthly active users access to their Ethereum addresses. Parallel to the Web2 single sign-on (SSO) option, "Login with Metamask" is provided by almost all EVM-compatible Web3 applications.
Sign up and login options for Augur (left) and OpenSea (right)
Metamask shows what a broader DID solution might look like and highlights both the permissiveness and danger of self-sovereignty. Because Metamask users own their private keys, they truly own the assets in the wallet. No need to trust a third party for security and custody. Additionally, users can move assets from one application to another. For example, NFTs purchased on SuperRare can be easily sold on OpenSea, limiting platform lock-in and providing liquidity. Arguably, the customer experience has also improved – users don’t need to deal with complicated registration procedures and manage multiple usernames and passwords, just connect their Metamask wallet to try out new applications.
Import accounts into Metamask
However, hacks and scams abound. Web3 users must be highly vigilant about the security of their wallets so as not to lose control of all their assets. Even just losing a wallet's seed phrase can lead to permanent loss of funds. Therefore, some users may still prefer to delegate account security and management to escrow.
Metamask is expected to gradually transition to decentralized governance. ConsenSys founder Joseph Lubin recently stated that Metamask will launch a token in the near future. Erik Marks, a senior software engineer at Metamask, said that while the team hopes the direction of usage of the Metamask token will be attractive, the project is “completely open to the idea of making the project community-owned.” Some speculate that if Metamask does perform the airdrop, users who have used the Metamask swap feature will predominate.
Consensys CEO on Metamask Token Launch
Metamask primarily monetizes by embedding a swap function (swap), which aggregates data from decentralized exchange aggregators, market makers, and DEXs, and adds a 0.85% swap fee on top of that. Adoption of the swap feature has grown significantly since the beginning of the year — Metamask earned around $40 million in swap fees from its swaps last month.
Metamask Swap Daily Volume and DAUs on Ethereum L1
In fact, the revenue growth of the Metamask swap function significantly outpaced the revenue growth of Sushiswap and Curve.
Metamask revenue relative to DeFi protocol revenue
Uniswap and the Ethereum DEX and DEX aggregator 1inch, respectively, make up the bulk of Metamask’s liquidity sources.
Source of liquidity for Metamask Swap
There is a wide range of potential valuations for Metamask tokens. Equity valuations are not directly comparable, but ConsenSys’ recent equity funding round ($200 million at a valuation of $320 million) can give a rough estimate of the value of Metamask tokens (AXS tokens when Sky Mavis raised equity at a $3 billion valuation) worth about $4 to $5 billion). Valuations range from $1.05 billion to $2.1 billion at $500 to $1,000 per MAU.
Valuation against ConsenSys
Ceramic
Ceramic is a public, decentralized data network for managing dynamic and variable information on the Internet. It enables developers to build applications without databases or servers through Ceramic streams.
On Ceramic, each piece of information is represented as a commit log, called a stream. Each stream is a directed acyclic graph (DAG) stored in IPLD with an immutable name of StreamID and a verifiable state of StreamState. Streams are conceptually similar to Git trees, and each stream can be thought of as its own blockchain, ledger, or event log. Tile Documents are a Ceramic StreamType often used as identity data (e.g. profiles, social graphs, linked social accounts), user-generated content (e.g. blog posts, social media), DID documents, etc.
The protocol is not tied to any particular blockchain. Instead, it can be conceptualized as a "document chain", where validating the state of a particular document only requires the user to synchronize the document's data. Users do not need to synchronize the entire network state like most blockchain networks (Bitcoin, Ethereum).
A key tool for Ceramic is IDX, a cross-chain identity protocol that provides a unified repository where all applications can register and discover data associated with a user's DID. It can be thought of as a decentralized user table. As such, IDX allows users to control their identities and data without locking down any single application, and to easily secure and port their data across applications. At the same time, it allows developers to build data-rich applications without forcing users to recreate the same data on each application.
Ceramic is key in the DID technology stack. Some of the projects built on the Ceramic network that already have traction and market fit include:
- Boardroom: DAO's governance management platform that uses Ceramic's platform to store proposals.
- Rabbithole: An app that encourages people to use Web3 projects by allowing them to earn points and cryptocurrency. Rabbithole uses Ceramic's network to link multiple Web2 and Web3 accounts into a unified cross-chain DID and allow a user's reputation to span other Web3 applications.
- ArcX: A decentralized application that provides on-chain credit scoring and identity by issuing "DeFi passports".
in conclusion
The Internet may be the most important invention of this century. Over the past two decades, it has changed the fundamental nature of social information flow: media, politics, news, education, social interaction, and more. However, even as economic activity increasingly moves from atoms to bytes, our online identities still lack true ownership, which only works within platforms.
As the value of the Internet emerges, we need robust DID solutions to introduce new use cases to make Web3 mainstream. We are still in the early stages, but the future is bright. And because of the composability and interoperability of DID standards, the energy brought by each new application has a ripple effect. We expect DID solutions to quickly enter the public eye in the next few years and start the next cycle of Web3 applications.
Appendix I: A Beginner's Guide to ENS
First, connect your wallet to the ENS app.
Search for the domain name you want to register. The price of an ENS domain name varies by length - the shorter the domain name, the higher the price. You can sign up for multiple years if available. Each registration and renewal will cost a gas fee, so it is most cost-effective to sign up for at least a few years. Click "Request Registration", wait a minute, and complete the registration to secure your ENS domain.
Go to "My Account" to set up reverse recording. There can only be one master ENS name per Ethereum address. After that, your .eth address can be referenced by any party with whom you are transacting.