Web 3 has amazed the world by creating a parallel financial system of unprecedented flexibility and creativity in less than a decade. Cryptographic and economic primitives or building blocks such as public-key cryptography, smart contracts, proof-of-work, and proof-of-stake have led to a sophisticated and open ecosystem for the expression of financial transactions.
However, the economic value with which finance trades is created by people and their relationships. Lacking primitives to represent such a social identity, Web 3 has become fundamentally dependent on the centralized Web 2 structures it seeks to overcome, and reproduces their limitations.
Glen Weyl is a researcher in the Office of the Chief Technology Officer at Microsoft and co-author of "Radical Markets." This article is adapted from "Decentralized Society: Finding Web 3's Soul," a paper he co-authored with Puja Ahluwalia Ohlhaver, a strategist at Flashbots, and Vitalik Buterin, co-inventor of Ethereum.
For example, the lack of a Web 3 native identity and reputation forces non-fungible token (NFT) artists to often rely on centralized platforms like OpenSea and Twitter (TWTR) to commit to scarcity and initial provenance, and prevents less than fully collateralized forms of lending. Distributed autonomous organizations (DAOs) attempting to move beyond simple coin voting often rely on Web 2 infrastructures such as social media profiles to resist Sybil attacks (one or a few entities pretending to be many more entities). And many Web 3 participants rely on cached wallets managed by centralized entities such as Coinbase (COIN). No wonder: decentralized key management systems are user-friendly only for the most experienced.
In our paper, we show how even small and incremental steps to represent social identity with Web 3 primitives could solve these problems and bring the ecosystem much closer to regenerating markets and their underlying human relationships in the native Web 3 context.
More promisingly, we show how native social identity in Web 3 with rich social composition capabilities could lead to major advances in broader, long-standing problems in Web 3 around wealth concentration and the vulnerability of governance to financial attack, while triggering a Cambrian explosion of innovative political, economic, and social applications. We refer to these use cases and the richer pluralistic ecosystem they enable as the "Decentralized Society" (DeSoc).
Soul-bound tokens
Our key primitive product is accounts that hold publicly visible, non-transferable (but potentially issuer revocable) tokens. We chose these features not because they are clearly the most desirable collection of features, but because they are easy to implement in the current environment and enable significant functionality.
We refer to the accounts as "souls" and the tokens held by the accounts as "soulbound tokens" (SBT). Despite our strong interest in privacy, we initially assume that these will be publicly visible because it is technically easier to validate them as a proof-of-concept, although this is limited by the subset of tokens that users are willing to share publicly. Programmable private SBTs are a next step, which we discuss below.
Imagine a world where most participants have souls that store SBTs corresponding to a set of affiliations, memberships, and permissions. For example, a person might have a soul that stores SBTs representing educational credentials, companies they have worked for, hashes of artwork or books they have written, and so on. In their simplest form, these SBTs can be "self-certified," much like we share information about ourselves in our resumes. But the true power of this mechanism is revealed when SBTs held by one soul can be exhibited by other souls who are counterparties in these relationships. These counterpart souls can be individuals, corporations, or institutions.
For example, a university could be a soul that issues SBTs to graduates. A stadium could be a soul that issues SBTs to long-time Dodgers baseball fans.
It is not necessary that a soul be associated with a legal name or that there be a protocol-level attempt to ensure "one soul per person." A soul could be a persistent pseudonym with a set of SBTs that cannot be easily linked. We also do not assume that souls are not transferable between people. Instead, we seek to illustrate how these properties can arise naturally from the design itself, where necessary.
Soul Lending
Perhaps the greatest financial value based directly on reputation is lending and unsecured lending.
Currently, the Web 3 ecosystem cannot replicate even the most primitive forms of unsecured lending because all assets are transferable and sellable - simply forms of collateral. The traditional financial ecosystem supports many forms of unsecured lending, but these are often mediated by centralized credit scoring mechanisms - on the grounds that less creditworthy borrowers have little incentive to share information about their creditworthiness.
But such scores have many weaknesses. At best, they opaquely overweight or underweight factors relevant to creditworthiness and disadvantage those who have not collected enough data, especially minorities and the poor. At worst, they can enable opaque, "Black Mirror"-style "social credit" systems that manipulate social outcomes and reinforce discrimination.
An ecosystem of SBTs could create a censorship-resistant, bottom-up alternative to top-down commercial and "social" credit systems. SBTs representing educational credentials, past work history, and rental agreements, to name a few, could serve as a permanent record of credit-relevant history and allow souls to avoid collateral by using a significant reputation to secure credit. Loans and lines of credit could be represented as non-transferable but revocable SBTs, so that they are embedded among a soul's other SBTs - a kind of (unseizable) reputational pledge - until they are repaid and subsequently burned (or, better, replaced with a repayment record that extends the soul's credit history). Think of it much like a note in your credit history.
SBTs provide useful security features: The non-transferability property prevents the transfer or hiding of outstanding loans, while the presence of a rich ecosystem of SBTs ensures that borrowers who try to escape their loans (perhaps by starting a new soul) lack SBTs to meaningfully compromise their reputation.
Simply calculating public liabilities with SBTs would lead to open-source credit markets. New correlations between SBTs and repayment risk would emerge, producing better lending algorithms that predict creditworthiness, thereby reducing the role of the centralized, opaque credit scoring infrastructure. Even better, lending would occur in the context of social relationships, giving rise to new forms of collaborative lending. In particular, SBTs could provide a substrate for "group lending" practices similar to those of Nobel laureate Muhammad Yunus and the Grameen Bank, in which members of a social network agree to support another's liabilities. Because a soul's SBT constellation represents memberships in different social groups, participants could easily discover other souls who would be valuable contributors to a group lending project. While commercial lending is a "lend-and-forget" model until repayment, community lending could take a "lend-and-help" approach, combining working capital with human capital and generating higher returns.
Don't lose your soul
The non-transferability of important SBTs - such as one-time-issued educational credentials - raises an important question: How can you not lose your soul? Today's recovery methods, such as multiple signature recovery or mnemonics, have different trade-offs in terms of mental overhead, ease of processing, and security. Social recovery is a new alternative that relies on a person's familiar relationships. SBTs allow for a similar but more comprehensive paradigm: community recovery, where the soul is the overarching voice of their social network.
Social recovery is a good starting point for security, but it has some drawbacks in terms of security and usability. A user assembles a set of "guardians" and gives them the power to change the keys of a wallet by majority vote. The guardians can be a mix of individuals, institutions, or other wallets. The problem is that a user must balance the desire to have a reasonable number of guardians against the precaution of having guardians from discrete social circles to avoid collusion. In addition, guardians may pass away, relationships may fail, or people may simply lose track of each other, requiring frequent and attention-intensive updates. While social recovery avoids a single point of failure, successful recovery depends on building and maintaining trusted relationships with a majority of your guardians.
A more robust solution is to tie soul recovery to a soul's memberships in various communities, rather than curating, and instead draw on the broadest possible set of real-time relationships. Remember that SBTs represent memberships in various communities. Some of these communities - such as employers, associations, colleges, or churches - may be more off-chain, while others - such as participation in a protocol governance or DAO - may be more on-chain. In a community recovery model, recovery of a soul's private keys requires the consent of one member from a qualified majority of a (random subset) of the soul's communities. As with social recovery, we assume that the individual has access to secure channels of communication outside the chain, beyond the chain, where "authentication" (through conversation and sharing of shared secrets) can occur. We can often think of the relationships tokenized by SBTs as access to such channels.
Maintaining and regaining cryptographic ownership of a soul requires the consent of the soul network. By embedding security in sociality, the restoration of community deters the theft (or sale) of the soul. A soul can always regenerate its keys through the restoration of community. Therefore, any attempt to sell a soul is implausible, since a seller would also have to prove that it sold the restoration relations.
Programmable pluralistic privacy
Most valuable data is not necessarily individual, but interpersonal (e.g., social graph) or valuable only when aggregated into larger groups (e.g., health data). However, proponents of "self-determined identity" tend to treat data as private property: The data about this interaction belongs to me, and therefore I should be able to decide when and to whom I disclose it. But even more than in the physical economy, the data economy is poorly understood in terms of simple private property. Even in simple reciprocal relationships, such as an illicit affair, the right to disclose information is usually symmetrical and often requires mutual permission and consent. The Cambridge Analytica scandal was essentially about people disclosing features of their social graph and information about their friends without their consent.
A more promising approach than "privacy as a transferable property right" is to treat privacy as a programmable, loosely coupled set of rights to access, modify, or profit from information. Each SBT - whether the SBT is an affiliation, membership, credential, or access to a facility - also has an implicit programmable property right that specifies access to the information underlying the SBT: the holders, the agreements between them, common ownership or assets, and obligations to third parties, to name a few. Some issuers and communities will choose to make SBTs fully public, such as SBTs that reflect information in a public CV. Some SBTs will be private in the atomistic sense of verifiable credentials. Most will fall somewhere in between, making some information public and keeping some information private while sharing some information with a specific subset.
SBTs enable privacy protection as a programmable, composable property right that can be tailored to the complex expectations and agreements we have today. Better yet, SBTs also help us imagine new configurations, as there are an infinite number of ways that privacy-as a property right to permit access to information-can be composed to create a nuanced constellation of access rights.
For example, SBTs could allow holders to run computations over data stores that might be owned and managed by a collective of souls, using some privacy preserving technique. Some SBTs might even grant permission to access data in a way where computations across data stores are possible, but the content can only be proven with the permission of a third party. This could be useful for SBTs that instantiate and represent "continuous voting mechanisms" where the voting mechanism must tally the votes of each soul, but the votes should not be provable to anyone else to prevent vote buying.
SBTs could control healthier forms of "attention economy" that empower souls to filter out spam from likely bots outside their social graph while encouraging communication from real communities and desired intersections. This would be a dramatic improvement over today's communication platforms, which lack user control or governance and auction off user attention to the highest bidder, even a bot. Listeners could become more aware of who they are listening to and better able to give credit to works that lead to insights.
Rather than relying on engagement, such an economy could optimize collaboration and valuable contributions.
Albert Einstein said at the 1932 Conference on Disarmament that the failure of "man's organizing power" to keep pace with "his technical advances" had put a "razor in the hands of a three-year-old child." In a world where his observation seems more relevant than ever, we must learn to program a future that builds on - rather than replaces - trust so that human life can continue on this planet.