Why Zero-Knowledge Reputation Is the Ultimate MoAT for Protocols

Your on-chain history is trapped. A 10,000-hour DeFi user on Arbitrum is a 0-score newbie on Base. This fragmentation prevents trust from scaling across the modular stack, forcing every new app to rebuild identity from scratch.

• Inefficient Capital: Protocols cannot underwrite based on proven behavior, leading to over-collateralization and high gas wars.
• No Network Effects: User loyalty and data don't accrue to the user; they are captured by the siloed application.

Sismo builds private, granular reputation badges. Users generate ZK proofs of their on-chain history (e.g., "Top 1% Uniswap LP") without revealing their underlying wallets, enabling selective disclosure.

• Sovereign Data: Users own and curate their attestation portfolio, breaking platform lock-in.
• Composable Trust: A protocol like Aave can offer better rates to users with a "Safe Power User" ZK badge, sourced from across Ethereum, Optimism, and Polygon.

Clique aggregates off-chain and on-chain data (Discord, GitHub, Coinbase) to compute a reputation score, delivering it as a verifiable on-chain attestation. It's the data pipeline for ZK reputation.

• Cross-Chain Sync: Scores are computed off-chain and attested on-chain via EigenLayer AVS, making them universally readable.
• Developer-First: A single API call lets any app integrate Sybil resistance and credit scoring, bypassing years of data engineering.

The winning protocol won't just issue scores; it will provide the ZK circuit library and attestation marketplace that become the standard. This is a winner-take-most market.

• Protocol Revenue: Fees from attestation minting, verification, and EigenLayer restaking of oracle operators.
• Ecosystem Lock-in: Once dApps like Friend.tech or Farcaster build on a reputation layer, migrating user graphs becomes prohibitively expensive.

A ZK proof only verifies computation, not the quality of its inputs. If the source data is corrupt, the reputation score is meaningless.

• Sybil Attacks: Manipulating on-chain data sources (e.g., airdrop farming, fake NFT trades) to fabricate reputation.
• Centralized Feeds: Relying on a single API or data provider reintroduces a trusted third party, breaking the trustless model.
• Data Freshness: Stale or lagging data (e.g., from optimistic rollups) can lead to reputation based on outdated states.

Generating ZK proofs is computationally intensive. If only a few entities can afford the hardware, the system recentralizes.

• Cost Barriers: High fixed costs for specialized provers (e.g., GPUs, FPGAs) create an oligopoly, akin to mining pools.
• Censorship Risk: A dominant prover can selectively ignore or delay proofs for certain users, breaking liveness guarantees.
• Single Point of Failure: An outage or attack on a major proving service halts the entire reputation system's state updates.

The reputation algorithm is encoded in a ZK circuit. A bug here is catastrophic and immutable until a hard fork.

• Verifier Contracts: A single bug in the on-chain verifier smart contract (e.g., on Ethereum, Arbitrum) invalidates all proofs.
• Circuit Complexity: More complex reputation models increase audit surface area and the risk of subtle logic errors.
• Upgrade Hell: Patching a circuit requires migrating all user state, a coordination nightmare for protocols like Aave or Compound.

Maximal privacy can undermine the utility of reputation. Completely private scores are useless for sybil resistance or delegation.

• Unlinkability vs. Accountability: A user cannot be held responsible for malicious actions if their identity is perfectly hidden.
• Selective Disclosure Complexity: Systems like Semaphore or Aztec require complex cryptographic protocols to reveal specific attributes, adding friction.
• Regulatory Blind Spot: Protocols operating in regulated jurisdictions (e.g., DeFi) may be forced to deanonymize, breaking the privacy promise.

A reputation system locked to one chain or VM has limited value in a multi-chain world. Bridging reputation state is a unsolved problem.

• Chain-Specific Silos: Reputation earned on Ethereum L2s like Optimism is invisible to apps on Solana or Cosmos, fracturing the network effect.
• State Bridging Risk: Using canonical bridges (LayerZero, Wormhole) or optimistic bridges (Across) to transfer reputation introduces new trust assumptions and latency.
• VM Incompatibility: A circuit written for the EVM cannot be verified natively on other VMs (Wasm, SVM), requiring redundant development.

Reputation must have economic weight to matter. If it's cheap to rent or borrow, the moat evaporates.

• Reputation Renting: A marketplace (conceptually like NFTX) where high-reputation wallets are lent to malicious actors.
• Collateralization Bypass: If reputation lowers collateral requirements (e.g., in lending), an attacker can acquire it cheaply to launch a leveraged attack.
• Value Extraction: The protocol may fail to capture the economic value of the reputation it generates, leaving it as a public good exploited by others.

Protocols waste billions in token incentives on mercenary capital. Traditional anti-Sybil methods (e.g., proof-of-humanity) are slow, invasive, and siloed.

• Real Cost: Uniswap's $UNI airdrop had >30% Sybil clusters.
• User Friction: KYC/AML kills privacy and composability.
• Solution Path: ZK proofs allow users to privately prove 'real' activity (e.g., 6+ months on-chain, consistent volume) without revealing identity.

ZK proofs enable a user's aggregated on-chain history (from Ethereum, Solana, Arbitrum) to become a private credential. This is the core primitive for intent-based systems like UniswapX and CowSwap.

• Protocol MoAT: The reputation graph becomes the sticky layer; users won't re-prove from zero.
• Composability: A single ZK attestation can gate access to lending (Aave), governance, and cross-chain bridges (LayerZero, Across).
• Metric: Protocols can target users with >$10k historical volume or <0.1% default rate.

ZK reputation isn't just access control; it's a financial primitive. High-reputation users get better rates, lower collateral ratios, and priority execution.

• Capital Efficiency: Lending protocols (e.g., a future Aave) could offer 200% LTV to proven borrowers.
• Revenue Capture: Protocol fees are justified by superior risk pricing and reduced defaults.
• Investor Angle: The protocol that standardizes the reputation graph captures a tax on all trusted transactions, similar to Chainlink's oracle network.

The moat isn't just the data; it's the ZK proving infrastructure. Efficiently generating proofs for complex reputation graphs requires optimized provers (e.g., using RISC Zero, SP1).

• Switching Cost: Migrating a user's verified reputation history to a new prover network is computationally prohibitive.
• Performance Edge: The network with ~1s proof times and <$0.01 costs will dominate.
• Analogy: This is the AWS of trust—once integrated, protocols are deeply embedded in the stack.