
Privacy, Future & Conclusion

Privacy Considerations

The Privacy Trilemma

      Identity Verification
       (Sybil resistance)

               / \
              /   \
             /     \
            /       \
           /         \
          /           \
         /             \
Privacy ◄───────────────► Decentralization
(Anonymity)               (No trusted party)

Pick two:
- Verified + Private = Centralized (trusted party sees identity)
- Verified + Decentralized = Not private (public verification)
- Private + Decentralized = Not verified (Sybil attacks)

Examples:

Worldcoin:
✓ Verified (biometric uniqueness)
✓ Relatively private (only hash stored, they claim)
✗ Centralized (Worldcoin controls Orbs)

Proof of Humanity:
✓ Verified (video + social verification)
✓ Decentralized (community-governed)
✗ Not private (video/photo public)

ZK-based systems (theoretical):
✓ Verified (mathematical proofs)
✓ Private (zero-knowledge)
✗ Requires trusted setup (often centralized)
OR ✗ Not yet practical (complex)

Techniques for Privacy

1. Selective disclosure with ZK proofs:

Scenario: Prove age without revealing birthday

Traditional:
"Show me your ID"
→ Reveals: Name, address, photo, birth date, ID number
→ Privacy loss: 100%

ZK proof:
"Prove you're over 18"
→ Reveals: Age > 18 (true/false)
→ Privacy loss: ~1%

Implementation:
const proof = generateAgeProof({
  birthDate: "1995-03-15",   // Private
  currentDate: "2024-11-03", // Public
  minimumAge: 18             // Public
});

await verifyAgeProof(proof);
// Returns: true
// Learns: Nothing except "age >= 18"

2. Anonymous credentials (e.g., CL signatures):

Process:
1. Issuer signs credential with special signature scheme
2. Holder receives signed credential
3. Holder generates proof of possession
4. Proof reveals no information except:
- "I have a valid credential"
- Optional: "Credential has attribute X"

Example:
University issues: "Alice has Bachelor's degree in CS"
Alice proves: "I have a Bachelor's degree"
Without revealing: Name, university, graduation year

Technology: CL signatures (Camenisch-Lysyanskaya)
Used by: Hyperledger Indy, Sovrin

3. Ring signatures:

Concept: Prove "I am one of this group"

Example:
Group: [Alice, Bob, Carol, Dave, Eve]
Signer: Alice
Signature proves: "One of these 5 people signed"
Cannot determine: Which one

Application:
- Anonymous voting: Prove you're eligible without revealing who
- Whistleblowing: Prove you're an employee without revealing which one
- Private transactions: Prove ownership without revealing address

4. Differential privacy:

Add noise to data before sharing

Example: Gitcoin Passport
Instead of revealing: "Alice has GitHub, Twitter, PoH"
Reveal: "Alice's score is 25" (aggregated, noisy)

Benefit: Cannot reverse engineer which stamps
Trade-off: Less precise, but more private

Privacy Regulations and Compliance

GDPR (Europe):

Right to be forgotten:
- Users can request data deletion
- Challenge: Blockchain is immutable

Solutions:
1. Store minimal data on-chain
- Only hashes, not personal data
- Full data off-chain (can be deleted)

2. Encrypt personal data
- Destroy keys when "forgotten"
- Data becomes unreadable

3. Use permissioned chains
- Can actually delete data
- Trade-off: Less decentralized

CCPA (California):

Similar to GDPR:
- Right to know what data is collected
- Right to delete data
- Right to opt-out of sale

Blockchain challenges:
- How to delete immutable data?
- Who is "controller" of decentralized network?
- How to identify users by address?

Solution: Privacy by design

Principles:
1. Minimize on-chain data
- Only hashes and commitments
- Full data off-chain

2. Use encryption
- Data stored encrypted
- Key management separate

3. Implement "forget" mechanisms
- Delete off-chain data
- Delete encryption keys
- On-chain hash becomes meaningless

4. Provide transparency
- Users see what data is collected
- Can export their data
- Can revoke access
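
The "forget" mechanism from the GDPR solutions and the privacy-by-design principles above, as an added example (not code from the original page): personal data is encrypted off-chain, only a salted SHA-256 commitment goes on-chain, and forgetting destroys the key, salt and ciphertext. The three Maps and all function names are assumptions for illustration; the unsalted option is there to show that a bare hash of guessable data stays confirmable after deletion.

```javascript
const { createHash, createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// In-memory stand-ins, assumed for this example only.
const onChain = new Map();  // immutable ledger: id -> commitment (hex), never deleted
const offChain = new Map(); // deletable store: id -> { iv, tag, ciphertext }
const keyVault = new Map(); // separate key management: id -> { key, salt }

// Commitment = SHA-256(salt || data). The random salt stops guess-and-hash checks.
const commit = (salt, data) =>
  createHash('sha256').update(salt).update(data, 'utf8').digest('hex');

function register(id, personalData, { salted = true } = {}) {
  const key = randomBytes(32);
  const salt = salted ? randomBytes(32) : Buffer.alloc(0);
  const iv = randomBytes(12); // fresh nonce per record, required for GCM
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(personalData, 'utf8'), cipher.final()]);
  offChain.set(id, { iv, tag: cipher.getAuthTag(), ciphertext });
  keyVault.set(id, { key, salt });
  onChain.set(id, commit(salt, personalData)); // the only permanent record
}

function read(id) {
  const rec = offChain.get(id);
  const secrets = keyVault.get(id);
  if (!rec || !secrets) return null; // forgotten, or never registered
  const decipher = createDecipheriv('aes-256-gcm', secrets.key, rec.iv);
  decipher.setAuthTag(rec.tag);
  const data = Buffer.concat([decipher.update(rec.ciphertext), decipher.final()]).toString('utf8');
  // Bind the off-chain record to the immutable commitment.
  if (commit(secrets.salt, data) !== onChain.get(id)) throw new Error('commitment mismatch');
  return data;
}

// "Right to be forgotten": destroy key, salt and ciphertext; the ledger entry stays.
function forget(id) {
  keyVault.delete(id);
  offChain.delete(id);
}

// A chain observer holds no salt and can only hash a guess and compare.
const observerConfirms = (id, guess) => commit(Buffer.alloc(0), guess) === onChain.get(id);

// Constructed sample data: the same value stored with and without a salt.
register('alice', 'born 1995-03-15');
register('bob', 'born 1995-03-15', { salted: false });
forget('alice'); forget('bob');
console.log(read('alice'), observerConfirms('alice', 'born 1995-03-15'));
console.log(observerConfirms('bob', 'born 1995-03-15'));
```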

Future of Decentralized Identity

1. Portable social graphs:

Current: Social graph locked in platforms
- Twitter followers: Owned by Twitter
- If banned: Lose entire network
- Cannot take followers elsewhere

Future: On-chain social graphs
- Followers stored on blockchain
- Portable across platforms
- Cannot be censored
- User owns their network

Example: Lens Protocol
- Alice has 10k followers
- Stored as on-chain relationships
- Can use ANY Lens-compatible app
- Followers come with her

2. Reputation layer for Web3:

Vision: Universal reputation protocol

Components:
- Work history (SBTs from employers)
- Education (verified degrees)
- Skills (peer endorsements)
- Projects (contribution proofs)
- Social (vouch network)

Aggregation:
reputation_score = f(work, education, skills, projects, social)

Applications:
- Hiring (verify credentials instantly)
- Lending (credit scores)
- Governance (expertise-weighted voting)
- Access (gated communities)

Portable across:
- DAOs
- Protocols
- Platforms
- Metaverses

3. AI and deepfake detection:

Problem: AI-generated identities
- Deepfake videos (can fool PoH)
- AI-generated social media (bot armies)
- Synthetic faces (can fool biometrics?)

Arms race:
Detection improving: AI classifiers, liveness checks
Generation improving: Better GANs, more realistic

Future solutions:
- Hardware-based attestation (trusted camera)
- Multi-modal verification (video + voice + behavior)
- Continuous verification (not one-time)
- Cryptographic proofs of humanness (?)

4. Zero-knowledge identity:

Goal: Prove properties without revealing identity

Examples:
- Prove creditworthiness without revealing income
- Prove qualification without revealing degree
- Prove residency without revealing address
- Prove age without revealing birth date

Technology:
- zk-SNARKs (already exist)
- zk-STARKs (transparent, no trusted setup)
- Bulletproofs (efficient range proofs)

Challenge: Performance
- Generating proofs: Slow (10+ seconds)
- Verification: Fast (<1 second)
- Improving with hardware acceleration

5. Interoperable identity:

Current: Identity silos
- Worldcoin IDs on Worldcoin
- ENS names on Ethereum
- PoH on its own network
- DIDs on various chains

Future: Cross-chain identity
- Single DID works everywhere
- Credentials portable
- Verifiable across chains

Standards emerging:
- W3C DID (cross-chain DIDs)
- Verifiable Credentials (interoperable creds)
- EIP-4361: Sign-In with Ethereum (universal auth)

Open Questions

1. Can we achieve the impossible trilemma?

Verification + Privacy + Decentralization

Possible paths:
A. Accept trade-offs (current approach)
- Different systems for different needs
- Choose based on priorities

B. Advanced cryptography
- Fully homomorphic encryption
- Secure multi-party computation
- May enable all three
- But: Expensive, slow

C. Trusted hardware
- TEEs (Trusted Execution Environments)
- Can verify privately
- But: Trust in hardware manufacturer

Verdict: Probably impossible perfectly
But can get close enough

2. Who controls the identity layer?

Decentralization concerns:
- Worldcoin: Centralized (Orbs)
- Gitcoin Passport: Centralized (stamp definitions)
- ENS: Semi-decentralized (DAO governance)
- PoH: Decentralized (community governance)

Questions:
- Should identity be governed?
- Who decides verification criteria?
- How to prevent capture by powerful actors?
- Can identity be trustless?

No clear answer yet

3. How to handle account recovery?

Problem: Lost key = Lost identity

Solutions attempted:
- Social recovery (guardians)
- Time-locked recovery (backup address)
- Biometric recovery (Worldcoin)
- Hardware security modules

Trade-offs:
Social recovery → Trust in friends
Time-locked → Vulnerable to attacker
Biometric → Privacy concerns
Hardware → Single point of failure

Open problem: No perfect solution

4. Global adoption feasibility?

Barriers:
- Technical literacy (need education)
- Internet access (50% of world offline)
- Device access (not everyone has smartphone)
- Cost (verification fees, gas fees)
- Cultural resistance (privacy concerns)

Required for scale:
- Simpler UX (one-click verification)
- Cheaper costs (gasless, subsidized)
- Offline-capable (sync when online)
- Multi-device support
- Localization (languages, customs)

Timeline: 5-10 years to mainstream?

Conclusion

Decentralized identity: The missing piece

What we learned:

The problem:
- Blockchains are pseudonymous, not anonymous
- Sybil attacks are easy and profitable
- Identity verification seems to contradict permissionlessness

Solutions attempted:
- DIDs: Self-sovereign identifiers
- Verifiable Credentials: Cryptographically signed claims
- Proof of Personhood: Worldcoin, PoH, BrightID
- Soulbound Tokens: Non-transferable reputation
- Identity scoring: Gitcoin Passport
- Content addressing: IPFS for permanent data

The trilemma:
Cannot have all three:
- Verification (Sybil resistance)
- Privacy (anonymity)
- Decentralization (no trusted party)

Trade-offs everywhere:
- Worldcoin: Good verification, bad privacy
- PoH: Good decentralization, bad privacy
- BrightID: Good privacy, weaker verification
- No perfect solution

Current state (2024):

Adoption:
- DIDs: 100+ methods, limited use
- VCs: Standards mature, implementations growing
- Proof of Personhood: <10M verified humans total
- ENS: 2M+ names (most successful)
- SBTs: Concept, limited deployment
- Gitcoin Passport: 1M+ created, 300k active

Use cases working:
✓ Sybil-resistant airdrops (Gitcoin Passport)
✓ Human-readable addresses (ENS)
✓ Quadratic funding (with identity gates)
✓ Democratic governance (PoH DAOs)

Use cases struggling:
✗ Undercollateralized lending (still early)
✗ Universal reputation (fragmented)
✗ Privacy-preserving verification (complex)
✗ Global adoption (accessibility barriers)

The future:

Short term (2024-2025):
- Better identity aggregation (Passport-like)
- More SBT deployments
- Cross-chain DIDs
- Improved privacy (ZK proofs)

Medium term (2025-2027):
- Reputation-based lending scales
- Identity becomes standard (like ENS)
- AI/deepfake detection improves
- Regulatory frameworks emerge

Long term (2027-2030):
- Universal identity layer?
- Billions of verified humans?
- Privacy + verification working?
- True self-sovereign identity?

Or: Multiple identity systems coexist
Different trade-offs for different uses
No universal solution

For users:

Recommendations:
1. Get ENS name (identity foundation)
2. Create DID (future-proof)
3. Get verified on one PoP system
4. Build on-chain reputation (SBTs, POAPs)
5. Be careful with privacy (public by default)
6. Diversify (don't rely on one identity provider)

Risks:
- Identity theft (key management critical)
- Privacy loss (data is public/permanent)
- Vendor lock-in (choose portable solutions)
- Regulation (compliance may be required)

For builders:

Best practices:
1. Use DIDs for user identifiers
2. Implement Verifiable Credentials for claims
3. Integrate PoP for Sybil resistance
4. Design for privacy (selective disclosure)
5. Plan for recovery (social recovery)
6. Think cross-chain (interoperability)
7. Follow W3C standards (portability)

Avoid:
- Storing PII on-chain (use hashes)
- Single identity provider (vendor lock-in)
- Centralized verification (trust minimization)
- Ignoring privacy (GDPR, CCPA compliance)

The philosophical question:

Is decentralized identity even desirable?

Pro:
+ Self-sovereignty (you control your identity)
+ Portability (take it anywhere)
+ Privacy (selective disclosure)
+ Sybil resistance (one-person-one-vote)
+ Permissionless (no gatekeepers)

Con:
- Privacy paradox (verification vs anonymity)
- Permanent records (right to be forgotten?)
- Discrimination risk (visible history)
- Coercion potential (forced disclosure)
- Complexity (users want simple)

The tension:
Identity enables coordination and trust
But also enables surveillance and control

Answer: We need identity, but designed carefully
Privacy-preserving where possible
Transparent where necessary
User-controlled always

Decentralized identity is still being invented. The systems we have today are experiments, not final solutions. But they're necessary experiments—without identity, blockchain remains a financial playground for the technically sophisticated. With identity, it can become infrastructure for human coordination at scale.

The search for better identity systems continues. The prize: A future where people control their own identity, reputation, and data. Where Sybil attacks are impractical, privacy is preserved, and no central authority controls who you can be.

We're not there yet. But we're building.


Key concepts recap:

DID: Decentralized Identifier (did:method:identifier)
VC: Verifiable Credential (cryptographically signed claim)
SBT: Soulbound Token (non-transferable reputation)
PoP: Proof of Personhood (verify uniqueness)
IPFS: InterPlanetary File System (content addressing)
ZK: Zero-Knowledge (prove without revealing)

Identity trilemma:
Verification ↔ Privacy ↔ Decentralization
(Can have at most two)

Quadratic funding:
Match = (Σ√donations)² - Σdonations
(Favors many small donors)
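
The formula above applied to constructed rounds, as an added example (not code from the original page), showing why quadratic funding needs an identity gate: the match depends on how many distinct donors are counted, so it is computed once per wallet and once per verified human. The `human` field is a hypothetical Proof-of-Personhood identifier, and leaving unverified donations out of the match is an assumption of this sketch.

```javascript
// Match = (Σ√donations)² − Σdonations, with one summed contribution per counted donor.
function quadraticMatch(amounts) {
  const sumOfRoots = amounts.reduce((s, a) => s + Math.sqrt(a), 0);
  const total = amounts.reduce((s, a) => s + a, 0);
  return sumOfRoots ** 2 - total;
}

// Merge donations that share a key, then apply the formula.
// Donations whose key is null/undefined are left out of the match (assumption).
function matchGroupedBy(donations, keyOf) {
  const perDonor = new Map();
  for (const d of donations) {
    const key = keyOf(d);
    if (key == null) continue;
    perDonor.set(key, (perDonor.get(key) || 0) + d.amount);
  }
  return quadraticMatch([...perDonor.values()]);
}

const byWallet = (d) => d.wallet; // no identity layer: every address is a "donor"
const byHuman = (d) => d.human;   // identity gate: one donor per verified person

// Constructed sample rounds, each totalling 100 in donations.
const manySmallDonors = [1, 2, 3, 4].map((n) => ({ wallet: `0xA${n}`, human: `h-${n}`, amount: 25 }));
const oneLargeDonor = [{ wallet: '0xL', human: 'h-5', amount: 100 }];
const oneDonorSplit = Array.from({ length: 100 }, (_, i) => (
  { wallet: `0xS${i}`, human: 'h-9', amount: 1 }
));

function summary() {
  return {
    manySmall: matchGroupedBy(manySmallDonors, byHuman),  // 4 real people
    oneLarge: matchGroupedBy(oneLargeDonor, byHuman),     // 1 real person
    splitUngated: matchGroupedBy(oneDonorSplit, byWallet), // 100 wallets counted
    splitGated: matchGroupedBy(oneDonorSplit, byHuman),    // collapsed to 1 person
  };
}

console.log(summary());
```

Grouping by wallet credits the split donor with a larger match than four real donors receive; grouping by verified human reduces it to the same match as a single large donation.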

Further exploration:

  • W3C DID specification
  • Verifiable Credentials Data Model
  • "Decentralized Society" paper (Buterin et al.)
  • Gitcoin Passport documentation
  • ENS documentation
  • Proof of Humanity registry

Identity is the frontier. Understanding it is essential for the next phase of Web3.