1/ Soul Bound Tokens (SBTs): verifiable credentials with better branding (?) but much worse privacy behaviour

Strange to see this from @VitalikButerin given he co-authored a paper which forms a component of self-sovereign identity (SSI):
danubetech.com/download/dpki.…
2/ Let’s first take some of the use-cases in the paper:

- University degrees: Already done using VCs by @IdentityRamp
- Certifications: being rolled out for doctors by @truu_id, @CondatisUK & @evernym amongst others

Not soon to come, either done or being productionised
3/ Or another:

Issuing credentials to attendees of a conference. This was done around 4 years ago by @esatus_SOWL, @trinsic_id amongst others at #InternetIdentityWorkshop
4/ Starting the paper, we’re only on page 2 when we hit privacy issues with building something net-new for problems which have already been solved. I would argue there is nothing about me I would feel comfortable writing onto an immutable ledger.
5/ I would instead argue that the default should be privacy unless disclosure is desired. Even then, not onto an immutable ledger. The thinking behind SBTs appears to be the reverse.

Let’s take the potential to hash data onto the ledger.
6/ Written by the European Parliament Research Service in 2019, the following still stands (page II).

europarl.europa.eu/RegData/etudes…
7/ Key excerpt on Page 30:

“the mere use of a hash function will not automatically transform personal data into anonymous data”

The #SSI community moved away from this direction around 5 years ago for exactly this reason.
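
Why the excerpt in 7/ holds for typical personal attributes, as an added example (not part of the original thread): a re-identification check a privacy reviewer can run before approving a hashed field. The date-of-birth value, the date range and all function names are constructed for illustration.

```python
import hashlib
import secrets
from datetime import date, timedelta

def h(value: str, salt: bytes = b"") -> str:
    """SHA-256 digest of an attribute, as it might be written on-ledger."""
    return hashlib.sha256(salt + value.encode()).hexdigest()

def candidate_birthdates(start=date(1920, 1, 1), end=date(2020, 12, 31)):
    """Every plausible value of the attribute: fewer than 40,000 dates."""
    d = start
    while d <= end:
        yield d.isoformat()
        d += timedelta(days=1)

def reidentify(digest: str, candidates, salt: bytes = b""):
    """Return the plaintext whose hash matches the digest, or None."""
    for value in candidates:
        if h(value, salt) == digest:
            return value
    return None

def commit(value: str):
    """Hash with a 256-bit random salt that stays with the holder, off-ledger."""
    salt = secrets.token_bytes(32)
    return salt, h(value, salt)

if __name__ == "__main__":
    dob = "1987-03-14"  # constructed sample value
    # Unsalted: the input space is tiny, so the digest maps back to the value.
    print("unsalted:", reidentify(h(dob), candidate_birthdates()))
    # Salted: the same enumeration fails without the holder's salt, but the
    # digest is still a stable identifier wherever it is reused.
    salt, digest = commit(dob)
    print("salted, no salt known:", reidentify(digest, candidate_birthdates()))
    print("salted, holder discloses salt:",
          reidentify(digest, candidate_birthdates(), salt))
```
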
8/ Writing personal data to the ledger is typically driven by trying to increase the throughput on the network and hence the fees that can be captured via gas rather than optimising for the system as a whole, i.e. privacy and high throughput.
9/ When SBTs are compared against VCs, good work is seemingly thrown away despite the ability of the technology to extend to solve the issues levelled at it:

- Community recovery paradigm
- VCs being optimised for unilateral privacy

Let’s take these one by one.
10/ Community recovery paradigm.

Using VCs, this can be achieved using Shamir Secret Sharing where a key is split into parts with a threshold of the parts needed for recovery:
en.wikipedia.org/wiki/Shamir%27…
11/ For DeSoc it may be desirable to have a community recovery mechanism. For most people however, a more typical account recovery mechanism is perfectly fine (assuming it is appropriately secure).
12/ VCs being optimised for unilateral privacy.

This is a bit more interesting but could be achieved by agents which interact with multiple wallets or accounts.

Definition of #SSI agents available here:
freecontent.manning.com/the-basic-buil…
13/ The reality is most use-cases have unilateral privacy models, e.g. decentralised lending: it is the user’s decision on what they publicise. Whilst the counterpart or protocol may request information, it is entirely the person’s decision to agree and reveal that information.
14/ Wrapping this up, SBTs seem to be coming from the opposite privacy paradigm from #SSI which could have some dangerous unintended consequences:

- DeSoc being public-by-default in terms of philosophy
- As a result, publishing data on-ledger in public for better or for worse
16/ P.S. What throws me is the lack of depth in analysing alternatives before rejecting them and going net-new. Solved or solvable issues are treated as terminal which makes me think the solution came before the problem.

If there is a more detailed analysis, I’d love to see it!
17/ Stream of consciousness, maybe the problem was “What token concept will drive the next bull market”?
Hey @iamjasonlevin, @tweezers0xffff wanted to tag you both since I made such heavy use of your tweets (thanks for the breakdown!). Would love to know your thoughts / feedback on anything I'm missing (maybe the whole thing?).
