Why Pseudonymous Reputation Systems Are Inherently Flawed

Pseudonymity provides zero cost to identity creation, making reputation systems trivial to game. The fundamental economic assumption of "costly signaling" is absent.

• Sybil farms can generate millions of fake identities for a few hundred dollars.
• This renders any one-person-one-vote or stake-weighted governance system meaningless.
• Projects like Aavegotchi and early DAO voting models have been exploited this way.

To combat Sybils, systems like Proof of Humanity and BrightID introduce external verification. This simply moves the trust problem.

• The oracle (the verifier) becomes a centralized point of failure and censorship.
• It creates a privacy leak, defeating the purpose of pseudonymity.
• It adds friction and exclusion, limiting network growth to those who can/will verify.

Many protocols default to token-weighted reputation (e.g., Compound, Uniswap governance). This confuses capital with trustworthiness.

• It leads to plutocracy, where the wealthy control the network, not the competent.
• It's highly mercenary; capital flees at the first sign of higher yield elsewhere.
• It fails for non-financial reputation (e.g., code review, content moderation).

Reputation built through work (e.g., Gitcoin Grants contributions, DAO bounties) is tied to a single key. Loss of keys means total reputation reset.

• This creates perverse security incentives—holders of high-rep keys become massive targets.
• It has zero survivability against a simple phishing attack or hardware failure.
• It discourages long-term, risky contributions due to the irrecoverable loss of social capital.

Reputation is not universal. A top Curve voter is not a trusted Solidity auditor. Pseudonymous systems struggle to create context-specific reputations.

• This leads to reputation spillover, where fame in one area grants undue influence in another.
• It makes reputation aggregation (a "Web3 Score") a meaningless and dangerous metric.
• Vitalik's musings on Soulbound Tokens (SBTs) attempt, but fail to fully solve, this.

In pseudonymous systems, loyalty is ephemeral. A user's "reputation" is only as good as their next economic opportunity.

• This enables vote buying and bribery as seen in Olympus DAO and other DeFi governance attacks.
• It creates short-termism, as reputational stake has no long-term binding power.
• Contrast with traditional systems where legal identity creates a cost to betrayal.

Without a cost to identity creation, reputation is meaningless. Systems like Proof-of-Humanity or BrightID attempt to solve this, but introduce centralization or friction.

• Sybil resistance requires a cost function, either financial (staking) or social (attestations).
• Attackers can spin up thousands of wallets to manipulate governance, airdrops, or social graphs.
• The result is reputation inflation, where trust scores are diluted to zero.

A wallet's history is locked to its private key. This prevents the natural portability of real-world reputation and stifles network effects.

• A user's Gitcoin Passport score or DeFi credit history cannot migrate if keys are compromised.
• Reputation becomes a walled garden, preventing composability across DAOs, lending protocols, and social apps.
• This forces users to re-establish trust from zero on every new chain or application.

Most meaningful reputation signals (e.g., GitHub commits, professional credentials) exist off-chain. Bridging them on-chain requires trusted oracles, reintroducing centralization.

• Protocols like Chainlink or Ethereum Attestation Service (EAS) act as verifiers, creating single points of failure.
• Data becomes stale and gameable; a one-time verification says nothing about current behavior.
• This creates a mismatch between the rich data needed for reputation and the minimalist data available on-chain.

The path forward is decoupling identity from action using cryptographic proofs. zkProofs allow users to prove traits (e.g., "KYC'd human with >100 GitHub commits") without revealing the underlying data.

• Projects like Sismo and Worldcoin explore this for privacy-preserving attestations.
• Enables selective disclosure and reputation aggregation across multiple sources.
• Shifts the security model from protecting an identity to verifying a claim.

Non-transferable tokens, as proposed by Vitalik Buterin, create an immutable, chain-native record of actions and affiliations. When combined with ZK, they can be private.

• An SBT from Compound proves borrowing history without exposing amounts.
• A DAO participation SBT proves governance involvement without linking to a specific wallet's total power.
• Creates a persistent, composable reputation backbone that survives key rotation.

Accept that global reputation is flawed. Instead, build ephemeral, application-specific reputation that resets. This mirrors burner wallets in DeFi or session keys in gaming.

• A user's reputation in a NFT lending pool is based solely on their history within that pool.
• Limits the blast radius of corruption and makes sybil attacks non-scalable.
• Encourages fast iteration and aggressive failure without permanent stigma.