The Future and History of Decentralized Identity
Think of the components of your online identity: you have an email address, Twitter handle, avatar, your usernames on forums, and profiles on every service you’ve ever signed up for. Your identity is scattered far and wide; fragmented yet centralized.
Offline, you have a national ID and documentation that’s relatively secure in so far as it’s in the best interests of your nation to ensure an accurate log of your activity is kept. In the online world, however, identity is in the hands of a few superpowers.
Most people rely on Gmail as their universal identifier, Twitter for a social moniker, etc.. And none of these are actually owned by you. Ultimately, they’re records on other people’s databases, and they’re siloed to the service you signed up for.
Your web2 email addresses, usernames and domains are controlled by a central authority. This is a history of how we’ve taken that control back into our own hands.
While crypto culture enables and welcomes anons, the drive to have an identity – psuedononymous or not – is just as strong in web2. Or, since identity is finally self-sovereign and interoperable, maybe the drive is stronger than ever.
Name services for blockchains like Ethereum, Solana are seeing wider adoption and recognition, along with NFT profile pictures. As we’ll look at in this article, Arweave is quickly developing and proving out its identity layer, too.
The whole movement signifies a new age of identity that couldn’t exist without cryptographic verification. It’s the base social layer of web3, and the same way that we use our wallets to login to dApps, we will use NFTs owned by those wallets – like usernames and avatars – to identity ourselves on web3 platforms.
Let’s look at the history of decentralized identity, from the foundational layers up to how it applies to Arweave, with a special preview into some of the new waves being made on the permaweb.
Zooko’s Triangle (2001)
Zooko’s Triangle is a trilemma which states it is impossible for network participant names to be human-meaningful, decentralized and secure all at once.
“…you cannot have a namespace which has all three of: distributed (in the sense that there is no central authority which can control the namespace, which is the same as saying that the namespace spans trust boundaries), secure (in the sense that name lookups cannot be forced to return incorrect values by an attacker, where the definition of “incorrect” is determined by some universal policy of name ownership), and having human-usable keys.”
For example, DNS is human-meaningful and secure (example.org), but relies on a centralized authority. Bitcoin addresses are secure and decentralized, but in no way human-meaningful.
Proposed in 2001, the theory has since actually proven to be false – and it was the blockchain and its identity layers that refuted it.
Sybil attack / pseudospoofing (2002)
Microsoft researcher John R. Douceur published a paper entitled The Sybil Attack in 2002’s Peer-to-peer systems journal. In it, he outlined a novel threat to distributed networks where one bad actor with multiple identities can “control a substantial fraction of the system, thereby undermining redundancy”. The paper argued that a distributed system has no way to protect against this attack since there is no centralized authority which can label accounts as fake.
“…when the local entity selects a subset of identities to deduntantly perform a remote operation, it can be duped into selecting a single remote entity multiple times”
This basically describes the 51% attack threat to a blockchain network, and is a good preface for why verifiable identity might be desirable. Proof of work, proof of stake, and other consensus algorithms disincentivize Sybil attacks and make it more desirable to mine honestly.
A discussion on the Bitcoin IRC channel in 2010 led to a proposal on BitcoinTalk to enable Bitcoin-based domain names tied to wallet addresses. Satoshi weighed in on the following commentary with an idea to run this name system – BitDNS – on a parallel chain:
“I think it would be possible for BitDNS to be a completely separate network and separate block chain, yet share CPU power with Bitcoin. […] While you are generating bitcoins, why not also get free domain names for the same work? If you currently generate 50 BTC per week, now you could get 50 BTC and some domain names too.”
While BitDNS never saw widespread adoption and ultimately became a failing altchain, it did provide the basis for Namecoin – the next step towards decentralized identity.
Originally a Bitcoin fork and able to be mined simultaneously by Bitcoin miners, Namecoin sought to bring .bit domains to the world as censorship-resistant TLDs. While a 2015 study found that 120,000 Namecoin domains were registered, a mere 28 were in use.
This could be due to .bit domains not being sanctioned by ICANN, and OpenNIC passing a vote to drop .bit support, titled “Due to numerous problems with support of NameCoin domains, along with their recent article blasting OpenNIC for supporting the .bit TLD, should we the members of OpenNIC continue to provide peering with the NameCoin group or resolve .bit domain names?”.
It seems both technological underpinnings and personality clashes were to blame for .bit ultimately becoming a failed attempt to provide decentralized identity for the blockchain.
The Ethereum Whitepaper Proposes a decentralized naming service (2013)
In the Ethereum Whitepaper, Vitalik Buterin proposed an expansion to Bitcoin’s BitDNS/Namecoin functionality, giving an example snippet of a smart contract that could track registering and transferring a name. He called it a potential “identity and reputation system”,
Anyone can register a name with some value, and that registration then sticks forever. A more sophisticated name registration contract will also have a “function clause” allowing other contracts to query it, as well as a mechanism for the “owner” (ie. the first registerer) of a name to change the data or transfer ownership. One can even add reputation and web-of-trust functionality on top.
By early 2017, the first version of Ethereum Name Service (ENS), was successfully launched with support for .eth names over seven characters in length – the sole function of these names was as a proxy for wallet addresses, to make them more readable and user-friendly.
The “Gold Rush” (2017)
With much media hype, the launch of ENS went mainstream in May 2017. At the time, ENS domain name auctions were ran by Codetract.io, and popular names went for thousands of ETH each. The name exchange.eth was won for upwards of 6,000 ETH, and other desirable handles also saw huge sales.
Just days after the launch, the total amount of ETH bid on ENS domains exceeded 105,000.
ENS funded by Ethereum Foundation; more features built (2018-2019)
An announcement on the ENS Medium account in June of 2018 revealed that the Ethereum Foundation funded ENS in a $1,000,000 grant. ENS responded by incorporating a separate organization and making a round of new hires for everything from Solidity development to UX design.
Most importantly, ENS announced an essential roadmap item to integrate DNS into .eth domains.
“Once mainnet launch is complete, we anticipate expanding this to cover many more top level domains shortly thereafter. This will make it possible for owners of most internet domain names to claim the DNS names they own inside ENS.”
This integration was completed in August of 2021, enabling ENS domains to point to web servers and for websites to receive ETH payments.
We're pleased to announce full DNS namespace integration to ENS is now live on mainnet! 🍾🍾
This enables a DNS domain owner to import it for use on ENS.
Those following ENS know this has been a long time in the making. 💪
Blog or 🧵 below for more:https://t.co/OKE8UwgaNu
— Ethereum Name Service | ens.eth (@ensdomains) August 26, 2021
In June 2021, Bonfida launched the Solana Name Service which enabled minting for .sol domains both as a way to proxy Solana wallet addresses and direct to websites, like traditional domain names.
From the Solana blog:
“The aim of this decentralised naming service, is to help with censorship resistance, so that no person, company policy or government can block, ban or delete you. When you pair this up with decentralised backend hosting like Arweave or IPFS you will reach 100% censorship resistant and laser beams will shine out of your eyes. 🙂”
Solana domains went to auction for a minimum of $20 USDC, and featured an integration with Twitter to make it easy for users to mint their usual handles.
.@solana domain names (.sol) are live 👇
— Bonfida (@bonfida) June 22, 2021
In-development Arweave naming services (2021)
Arweave is the ideal home for permanent NFTs, and permanent identities are no different. While Ethereum is a few years ahead, the concepts from ENS and the teachings we’ve shared from the past two decades have helped towards Arweave building its own sovereign identity system.
In the Arweave ecosystem, we have two in-progress naming systems – one from Glass and one from decent.land. Glass’ didar is a way to submit a transaction to Arweave which commits addresses and their aliases to the blockweave. For example:
Beyond this, decent.land is developing ANS – Arweave Name Services – which will allow anyone with an Arweave wallet to mint a universal Arweave username for use with Arweave dApps.
Right now it’s possible to mint an ANS identity using smart contract interactions, but sources from the decent.land team tell us that a user-friendly form will be released soon, and a way to link these domains to txids of Arweave-hosted websites will follow.
Follow @decentdotland for updates on the development of ANS.