Why On-Chain Reputation Must Be Decoupled from Identity

Linking reputation to a single identity (e.g., an ENS name or main wallet) creates a single point of failure and invites Sybil attacks. Reputation becomes a hackable asset rather than a verifiable signal.

• Sybil-for-hire markets can instantly mint high-reputation identities for a fee.
• ~$1B+ in DeFi losses annually are linked to identity-based trust assumptions (e.g., governance attacks, oracle manipulation).

Reputation trapped within a single identity (like a DAO contributor's main address) cannot be used as collateral or ported to new contexts. This kills reputation liquidity and stifles innovation in undercollateralized lending and social finance.

• 0% of on-chain reputation is currently portable or financially composable.
• Projects like Spectral Finance and ARCx are building primitive reputation scores, but they remain tied to the source identity.

To prove reputation, users must often dox their entire transaction history linked to a persistent identity. This creates a binary choice between privacy and access, limiting adoption for institutions and privacy-conscious users.

• Zero-knowledge proofs (ZKPs) used by zkBob or Aztec for payments are not applied to reputation.
• Decoupling allows ZK attestations (e.g., "prove >1000 GitHub commits" without revealing GitHub handle).

Reputation must be built from discreet, verifiable claims (attestations) issued by verifiers (protocols, DAOs, employers) to a user's controller. The user can then selectively present and compose these attestations across chains and applications.

• Ethereum Attestation Service (EAS) and Verax provide the primitive schema registry.
• This enables reputation as a composable, privacy-preserving asset class.

Decoupled attestations require new infrastructure: Aggregators to score and weight signals, and Markets to price and trade reputation-based access. This creates a liquid layer for trust.

• Oracle networks like Pyth or Chainlink could evolve to serve reputation scores.
• Prediction markets (e.g., Polymarket) could price the likelihood of a specific attestation being true.

Applications should request reputation intents (e.g., "user must have governance participation attestation"), not raw identity. Users fulfill these intents via a reputation solver network, similar to UniswapX or CowSwap for intents, which finds the optimal set of their attestations to meet the requirement.

• Separates the demand for trust from the supply of identity.
• Enables permissionless innovation in reputation-based UX.

Your on-chain history is locked to a single address. Lose your keys, get hacked, or simply want a fresh start? Your entire reputation—your DeFi credit score, your governance weight, your proof-of-humanity—is gone. This creates massive user risk and stifles adoption.

• Sybil resistance fails if identity is a one-time cost.
• Zero portability between wallets or chains destroys user agency.
• Permanent linkage of all activity creates unacceptable privacy and security risks.

Decouple reputation from wallet addresses using non-transferable tokens and verifiable credentials. Projects like Ethereum Attestation Service (EAS) and Sismo allow for the creation of portable, revocable, and context-specific reputation proofs.

• Composable proofs: Mix and attestations from Gitcoin Passport, Optimism's Citizen House, and on-chain activity.
• Selective disclosure: Prove you're a human without revealing your full tx history.
• Chain-agnostic: Reputation built on Ethereum can be used on Base or Arbitrum.

The endgame: prove you have a reputation without revealing which one. Zero-knowledge proofs (ZKPs) enable users to generate a credential proving they meet a threshold (e.g., ">1000 GOV votes") without exposing their exact address or score. This is critical for private voting and undercollateralized lending.

• Privacy-preserving: Leverage ZK tech from Aztec or zkSync.
• Computational trust: The proof is the reputation, not the underlying data.
• Anti-sybil gold standard: Allows for robust, anonymous uniqueness proofs.

DeFi's $100B+ opportunity. Today, all lending is over-collateralized because there's no trust. A decoupled, ZK-provable reputation layer allows protocols like Aave or Compound to underwrite loans based on your on-chain history, not just your capital. This unlocks real-world utility.

• Creditworthiness as a verifiable, portable asset.
• Dynamic risk models based on composable reputation graphs.
• Capital efficiency improvements of 10-100x for qualified users.

Systems like Proof of Humanity or Gitcoin Passport tie reputation to a verified identity, creating a single point of failure. A doxxed identity is a permanent target for extortion, bribery, and social engineering attacks. The cost to corrupt one entity is fixed, while the value of their reputation grows.

• Risk: Centralized failure mode for decentralized systems.
• Attack Vector: Bribe the human, not the protocol.

Persistent on-chain identities (e.g., ENS names, wallet graphs) enable reputation-based DeFi but also enable targeted harassment, front-running, and discrimination. This creates a chilling effect, where high-value users opt for privacy pools like Tornado Cash, fragmenting the reputation graph.

• Problem: Public good of reputation requires public identity.
• Result: Valuable users exit to privacy, degrading the system.

The solution is to treat reputation like a soulbound token (SBT) that is decoupled from its mint source. Systems like HyperOracle's zkSBTs or Semaphore allow a user to prove a reputation credential (e.g., "voted in 50 governance proposals") without revealing which identity holds it. Reputation can be context-specific and atomically burned to pay for a service, eliminating persistent risk.

• Mechanism: Zero-knowledge proofs of anonymous credentials.
• Outcome: Reputation is usable, private, and non-correlatable.

When reputation dictates oracle voting power (e.g., UMA, Chainlink) or governance influence, a linked identity becomes a high-value exploit target. Attackers can perform long-con social attacks to gain trust, then execute a rug pull on the oracle itself, potentially manipulating $10B+ in derivative contracts.

• Vector: Trust is built over years, exploited in one block.
• Scale: Systemic risk to all dependent DeFi protocols.

Account abstraction introduces social recovery and session keys, which are forms of reputation. If a user's primary smart account (their identity) is compromised, all associated reputation and permissions are lost. Decoupling allows recovery modules to import reputation from a zero-knowledge proof of past activity, not a specific compromised key.

• Benefit: Security via key rotation without reputation loss.
• Protocols: Safe{Wallet}, Biconomy, Stackup.

KYC'd on-chain identities (e.g., regulated DeFi pools) create a government-readable reputation ledger. This enables programmable compliance but also state-level censorship and blacklisting based on transaction history. Decoupled reputation resists this by making the link between an action and an identity non-provable without the user's consent.

• Threat: Sovereign overreach into on-chain activity.
• Defense: Cryptographic separation of deed and doer.

Linking reputation to a single wallet or KYC'd identity creates systemic risk and stifles innovation.\n- Sybil attacks are trivial when reputation is non-transferable.\n- Users are locked into a single protocol, unable to leverage their history elsewhere.\n- This creates a fragmented, inefficient reputation layer across DeFi, DAOs, and social.

Reputation must be a verifiable, composable asset built from on-chain attestations. Think Ethereum Attestation Service (EAS) or Verax.\n- Decouple proof-of-personhood (Worldcoin, Gitcoin Passport) from proof-of-behavior.\n- Enable cross-protocol reputation composability (e.g., a Uniswap LP score usable in an Aave loan).\n- Use ZK-proofs to reveal specific reputation traits without exposing the underlying identity.

The technical stack is W3C's DIDs and VCs, implemented via smart contract registries.\n- DID: A user-controlled identifier (e.g., did:ethr:0x...) that owns credentials.\n- VC: A signed claim (e.g., "Credit Score > 750") issued by an attester.\n- Registry: A public, immutable log (like EAS) for credential issuance/revocation. This enables trust-minimized reputation markets.

The first major use case is creditworthiness without overcollateralization. Protocols like Goldfinch and Maple hint at the demand.\n- Portfolio-based scoring aggregates activity across Aave, Compound, and Uniswap.\n- Risk models can price loans based on a user's verifiable, multi-chain financial history.\n- This unlocks ~$1T+ in latent capital efficiency currently trapped by 150%+ collateral ratios.

Raw reputation graphs are a privacy nightmare. ZK-proofs (e.g., zkSNARKs, zkMFA) are non-negotiable.\n- Prove you have a "reputation score > X" without revealing the score or your identity.\n- Selective disclosure allows proving specific credentials (e.g., "DAO member since 2022") from a broader set.\n- Enables compliance (e.g., proof of jurisdiction) without doxxing.

Decoupled reputation becomes a positive-sum primitive, unlike today's zero-sum identity silos.\n- Developers build on a shared graph, not a proprietary dataset.\n- Users own and monetize their reputation across any application.\n- Protocols can implement sophisticated, low-risk mechanics (e.g., Blur's bidding system) without building from scratch. This is the foundation for on-chain social graphs and decentralized work credentials.