Decentralized Identity Trilemma

By maciek

Identity remains an unsolved problem for decentralized networks. None of the existing solutions are privacy-preserving, Sybil-resistant and self-sovereign at the same time.

  1. Self-sovereignty — anybody can create and control as many identities as they wish without 3rd party involvement.
  2. Privacy-preserving — one can acquire and utilize an identifier without revealing their ‘real name’ or any other personally identifying information in the process.
  3. Sybil-resistant — identity is subject to scarcity; i.e. creating more identifiers cannot be used to manipulate a system.

There have been many attempts at creating a self-sovereign identity. I am not aware of any design that fulfills all three criteria.

A common approach is nesting an identity in the existing infrastructure, e.g. nation state-issued identity cards. The user goes through a KYC process and proves his or her existence. This serves as a source of scarcity.

This solution is Sybil-resistant, but it violates the requirement for the preservation of privacy and self-sovereignty. Proof-of-Authority shares this flaw.

Another approach assumes providing a Proof-of-a-Unique-Human. This methodology can, in theory, be independent of centralized 3rd parties. The identity is derived from a unique feature of the human body — its biometrics. The peer-to-peer process of human-driven checks is designed to ensure the correctness of provided information.

It is questionable whether this system can be secure. However, even if this assumption is granted, it still falls short of the self-sovereignty and privacy-preservation requirements. It assumes a single identifier issued to each person and needs a verification process.

Finally, there are solutions utilizing a Web-of-Trust (WoT) approach. In this scheme, anybody can create and control an identity. Anybody can also become an issuer of an identity. Its validity is defined through the network of connections with other identities.

There is no source of scarcity here. This makes it susceptible to Sybil attacks.
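The following sketch is an added illustration, not part of the original essay. It models WoT validity as "vouched for by at least `threshold` other identities" and compares that with a variant where every identity must hold one unit of a scarce resource. The names, the threshold, and the stake model are all assumptions made for the example.

```python
from collections import defaultdict

def valid_identities(edges, threshold, staked=None):
    """Identities vouched for by >= threshold distinct other identities.
    If `staked` is given, only identities in it may vouch or be accepted."""
    endorsers = defaultdict(set)
    for issuer, subject in edges:
        if issuer == subject:
            continue  # self-endorsement never counts
        if staked is not None and not {issuer, subject} <= staked:
            continue  # scarcity variant: unstaked identities are ignored
        endorsers[subject].add(issuer)
    return {s for s, e in endorsers.items() if len(e) >= threshold}

def influence(valid, controller_of):
    """Accepted identities per real-world controller.
    `controller_of` is ground truth that a verifier never sees."""
    power = defaultdict(int)
    for ident in valid:
        power[controller_of[ident]] += 1
    return dict(power)

def clique(names):
    """Every identity in `names` endorses every other one."""
    return [(a, b) for a in names for b in names if a != b]

# Constructed sample data: four people with one identity each, and one
# person ("mallory") who controls six identities that endorse each other.
HONEST = ["alice", "bob", "carol", "dave"]
SYBILS = ["m1", "m2", "m3", "m4", "m5", "m6"]
EDGES = clique(HONEST) + clique(SYBILS)
CONTROLLER = {**{h: h for h in HONEST}, **{s: "mallory" for s in SYBILS}}
# Assumed scarcity model: one scarce unit per identity; mallory owns two units.
STAKED = set(HONEST) | {"m1", "m2"}

def demo():
    plain = influence(valid_identities(EDGES, 3), CONTROLLER)
    scarce = influence(valid_identities(EDGES, 3, STAKED), CONTROLLER)
    return plain, scarce

if __name__ == "__main__":
    plain, scarce = demo()
    print("WoT only:     ", plain)
    print("WoT + scarcity:", scarce)
```

From the graph alone the two cliques look the same, so one controller ends up with six accepted identities. Once each identity must carry a scarce unit, that controller's influence is bounded by the resource they hold rather than by how many keys they can generate.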

The trilemma exists because we do not have a decentralized source of scarcity for human capital.

A potential solution could be derived from a decentralized organization system. In this case, the scarcity stems from the value of the organization itself and can be attributed to each contributor. Contributors can serve as attributes for an identity.

However, for this to serve as a basis for a universal identity system, these organizations would first have to become massively popular, even when expanded through WoT.

Another approach could be based on a social graph of personal cryptocurrencies. It is a similar idea to WoT. However, the value of social connections gets priced because each connection offers upside, but also carries risk for both sides.

This idea is highly experimental and is yet to be tested. There are open questions about whether it would be possible to fulfill the privacy requirement with this approach. Even if this concern could be resolved, it’s a partial solution at best — it prices in trust between actors, but not their expertise or contributions.

A universal design would be possible if there was a source of scarcity available as an objective metric. Proof of Work introduced an abstraction of financial capital in the form of an objective metric.

A missing piece is a similar metric providing an abstraction of human capital.

Thanks for reading an early draft and/or providing feedback to Trent McConaghy, Remco Bloemen, Joe Andrieu, Phil Windley, Jack du Rose, Balázs Némethi.

This essay was also published on Twitter as a tweetstorm.