Eco ID: A Decentralized and Permissionless Identity Primitive
This post summarizes the details of the Eco ID identity and reputation NFT system.
Reputation and identity systems are critical for well-functioning societies, economies, and governance mechanisms. Eco aims to be all three, and as such, it is necessary to build the foundations of reputation.
Eco ID is the first step towards Eco's answer to reputation and identity. To understand it, let's first take a step back and think about how we construct reputation and identity “offline” in the world today.
It must be understood that reputation only exists in the eye of the beholder. There is no such thing as objective, global "reputation" — rather, everyone perceives everyone else's reputation (and status, and identity — all of which we will use interchangeably with reputation) independently.
Your perception of someone else's reputation is a function of two things: first, your own experiences with them; and second, the experiences that others report with the person.
In the second category, you may interpret others' experiences with someone with varying weights. If your best, most trusted friend says something about someone else, you'll probably weigh it similarly to your own perspective. If someone you've never met and have no reason to believe is credible says something about someone else, you'd probably ignore it entirely.
This can be extended to institutions as well. If an institution you trust says something about someone, you'll probably take it seriously. If an institution you're not familiar with says something about someone, you'll probably ignore it.
As such, aiming to design a singular, universally-trusted reputation system is an impossible mission. There have been many attempts to create that type of system on-chain, and Eco's belief is that it is simply impractical and not reflective of the way we actually construct reputation and identity.
If you decompose the ideas above about reputation, you arrive at a simple model — and this model holds for both the traditional world and on-chain reputation:
- Anyone can have any perspective or data point on someone else's reputation
- Anyone can listen to whatever perspectives or data points they find credible
What the blockchain uniquely enables is a truly permissionless and decentralized identity or reputation credential that follows this model, while being fully verifiable. While traditional world reputation is permissionless and decentralized (anyone can have any perspective about anyone else), it is not easily verifiable — that is, it's not always possible to affirmatively "look up" someone's perspective about someone else without finding your way to them directly.
Eco IDs are built to follow this model. They are primitives designed to enable a fully decentralized and permissionless identity system that is simple, but maximally flexible. At its core, the Eco ID system provides a common standard for identity and reputation assessments to be attested to by verifiers, and then consumed by any parties interested in those assessments.
Eco IDs are ERC-721 NFTs that hold arbitrary data attested to by a verifier, along with the identity of the verifier. Consumers of the data in the system can choose which verifiers to listen to and what data to look for. End users request attestations from verifiers, and once granted, are able to mint a new Eco ID with that data.
Identity and reputation are built up by combining many individual data points, with optionality for others to selectively pay attention to certain ones. Eco IDs allow for the accumulation of such data points, and in doing so, provide a path to more robust on-chain identity and reputation.
Eco IDs are non-transferable NFTs that conform to the ERC-721 standard. Each NFT contains an arbitrary claim that is attested to by at least one verifier, along with a list of the verifiers who have attested to the claim. The claim can contain any piece of data an individual or collective might want associated with a public Ethereum address.
There are three types of actors in the Eco ID system, and anyone can serve as any of these actors:
- Verifiers attest on-chain to certain data points about End Users
- End Users request attestations from Verifiers
- Readers consume the attestations about End Users for their own purposes
To mint an Eco ID for a given claim, an end user must first find one verifier willing to verify the claim. Once a verifier has attested to the claim, the end user can mint a single non-transferable NFT with the claim in the “data” property of the NFT and the initial verifier in the “verifier” property of the NFT.
Once the NFT is minted, additional verifiers are able to attest to the claim, and their addresses are appended to the NFT’s readable metadata structure. The system allows for an unlimited number of verifiers.
The NFT system provides two types of attestations: revocable and non-revocable. A revocable attestation allows the verifier to revoke their attestation at any time, which may be appropriate for attestations that are ephemeral in nature, like a subscription to a service. A non-revocable attestation may not be revoked by either the holder of the NFT or the verifier, and is appropriate for claims that require immutability.
The system introduces novel economic incentives for verifiers to participate in the system by allowing both the initial verifier and additional verifiers to charge a fee for the attestation. Verifiers and end users must agree on a price for the attestation beforehand, which must be paid in ECO.
The Eco ID NFT is a primitive that will enable a fully decentralized and permissionless identity infrastructure and system. Interested parties can choose which verifiers they trust and which data to listen to. Over time, the Eco ID NFT system will allow for the accumulation of many claims and verifications, and those will lead to increasingly-complex and custom reputation and governance systems.
Linking Off-chain Identity or Status:
End users have many off-chain elements of their identity: perhaps their Discord account, or their Twitter account, or their Telegram account, or their airline loyalty status, or their skills.
To the extent that any of these things are verifiable — either, like in the case of a Twitter account, by anyone; or, like in the case of an airline status, by the issuer — the user could mint an Eco ID representing the data.
This could then be used for many purposes: for crypto projects conducting airdrops, or for assessing who should be allowed into a certain community, or giving benefits based on status elsewhere.
Readers might choose to aggregate information across multiple Eco IDs to synthesize unique “scores” or “assessments.” For example, a reader trying to determine a user's competency in DeFi might read data across a broad number of Eco IDs to create a synthesized assessment of that user’s competency. In this example, the reader might choose to listen to any Eco ID with claims involving, but not limited to:
- Miner Extractable Value competency
- Flash loan arbitrage competency
- High profile trader endorsements
- Leveraged trading competency
- DEX liquidity management competency
Once a list of “relevant Eco IDs” was identified, the reader could decide which verifiers it trusted for each claim, and calculate a compound score based on the various claims it read and verifiers it trusted. With a high enough score, the reader might even serve as a verifier and allow the end user to mint a new Eco ID attesting to that user's “DeFi Competency.”
Decentralized Subscription Verification:
A provider of a good or service, like a subscription music service or content creator, could issue a revocable attestation that a given address is subscribed to their subscription service. The attestation could be removed whenever a user failed to pay for the subscription.
This would allow service providers to gate content solely by verifying ownership of an Eco ID in the browser, removing the need for service providers to manage accounts and user data.
This would also allow for simple partnerships between service providers. Giving subscribers of one service temporary access to another service would be as simple as updating that service to accept the first service provider's attestation.
This abstraction could apply to large decentralized communities with services provided by various independent members. Instead of creating accounts for each service, a member could simply verify they are a member of that decentralized community, to access all the services provided by all members of that community.
Eco IDs provide a way for individuals to attest to skill competency for a given individual or collective. For example, assume that The Dorian Collective is an agency that provides tax help for decentralized finance arbitrageurs. Individuals who have received tax advice and services from The Dorian Collective could provide verifications to the competency of the organization.
Other arbitrageurs, interested in seeking tax assistance, could read the set of verifiers from the Eco ID for The Dorian Collective, to see if any other traders they trust recommend their services. If not, they might be hesitant to use those services.
The Dorian Collective might provide high profile traders free services in exchange for the chance to receive a verification. Potential customers or consumer advocate groups could choose to only listen to those consumers they know to be unique individuals, removing the current problem with “fake” reviews (like on Yelp or Amazon). These readers could utilize other “uniqueness” attestations, or other readers with public determinations of "uniqueness," to outsource the determination of whether someone was a unique individual or not.
Proof of Identity:
An oracle could discern the "humanity" or uniqueness of a human being behind a wallet — this could be used for Sybil prevention or non-coin-voting governance mechanisms.
This could come in many forms — you can imagine a verifier that performs KYC on users (having them upload a passport, submit a selfie, etc.) to verify their uniqueness, and then minting an Eco ID that indicates they are a unique human.
Or there could be a verifier that does the same uniqueness check, but based on an algorithm that assesses whether a newly-submitted video of a face is unique.
Or there could be a verifier that assesses whether a user is unique based on their Discord activity.
These verifiers could all have different standards for uniqueness, and a user could mint all of them. Readers could then choose which of them to consume. Perhaps for low-stakes use cases, the Discord activity would provide enough signal, but for higher-stakes ones, the KYC would be required.