Soulbound Token (SBT)

SBTs are permanently bound to the wallet address (or 'Soul') that receives them. Unlike NFTs or fungible tokens, they cannot be sold, traded, or transferred to another address. This immutability is enforced at the smart contract level, ensuring the credential is permanently linked to its owner.

SBTs act as on-chain attestations that build a persistent, composable identity. They can represent:

• Memberships (DAO participation, club affiliation)
• Credentials (educational degrees, work experience)
• Reputation (credit scores, lending history, governance contributions)
• Achievements (event attendance, protocol usage)

As on-chain assets, SBTs enable programmable verification. DApps and smart contracts can permissionlessly read a user's SBTs to verify credentials without intermediaries. This allows for composable reputation systems, where, for example, a lending protocol can assess risk based on a user's verified history of on-chain repayments.

A 'Soul' is the wallet or account holding SBTs. The network of Souls and their SBTs forms a decentralized social graph, mapping relationships, memberships, and trust. This graph enables new forms of governance (e.g., sybil-resistant voting), community coordination, and discovery of trusted entities based on shared affiliations.

While SBTs are public by default, privacy-preserving techniques are critical. Implementations may use:

• Zero-Knowledge Proofs (ZKPs) to prove possession of an SBT without revealing its details.
• Revocation Delegates allowing issuers (like a university) to revoke an expired or invalid credential.
• Selective Disclosure where users reveal only specific, necessary credentials.

SBTs differ fundamentally from other token standards:

• vs. NFTs (ERC-721/1155): NFTs are transferable assets representing ownership (art, collectibles). SBTs are non-transferable attestations representing identity.
• vs. Fungible Tokens (ERC-20): Fungible tokens are interchangeable and financial (currency, utility). SBTs are unique and non-financial, with value derived from social, not monetary, capital.

SBTs act as verifiable credentials issued to a user's wallet (a 'Soul') to attest to their identity, skills, or achievements. Examples include:

• Educational degrees from a university.
• Professional licenses (e.g., medical, engineering).
• Proof of attendance at events (POAPs are a primitive form).
• Credit history or repayment records in decentralized lending. This creates a persistent, user-controlled reputation layer that is not tied to a centralized platform.

In DAO governance, SBTs can be used to issue one-person-one-vote credentials, preventing Sybil attacks where a single entity creates multiple wallets to manipulate votes. A DAO might issue a non-transferable membership SBT to verified contributors, granting voting power proportional to their proven participation and reputation, rather than their capital holdings.

SBTs enable reputation-based lending by encoding a borrower's creditworthiness on-chain. A lending protocol could issue SBTs representing a positive repayment history. Users with a high-reputation SBT could then access loans with lower collateral requirements or better interest rates, as their trust is programmatically verifiable.

Artists can issue SBTs to the first purchaser of an NFT as a certificate of authenticity or a membership pass to a collector community. This SBT, bound to the collector's wallet, can unlock future airdrops, exclusive content, or verify the artwork's provenance, creating a direct, enduring relationship between creator and patron.

SBTs function as non-transferable access keys for digital and physical spaces. Use cases include:

• Access to token-gated Discord servers or forums.
• Entry to real-world events or co-working spaces.
• Subscription to a premium content service. Because SBTs cannot be bought or sold, access is tied to the individual who earned or was granted it, preserving community integrity.

SBTs are a blockchain-native implementation of Verifiable Credentials (VCs), a W3C standard for digital identity. Key differences:

• VCs are often held in private identity wallets with selective disclosure.
• SBTs are public, on-chain records by default, emphasizing social transparency. Both aim to create user-controlled, interoperable identity systems, but SBTs leverage the blockchain's public verifiability and composability.

The core feature of non-transferability creates a permanent risk of token loss. If a user loses access to their private key, the SBTs in that wallet are irrevocably locked, unlike fungible tokens which can be recovered via social recovery wallets or multi-sig solutions. This makes secure key management paramount.

SBTs are often designed to represent personal attributes, credentials, or affiliations, creating an on-chain reputation graph. This permanent, public ledger can lead to:

• Doxxing and profiling based on held tokens.
• Unintended correlation of pseudonymous identities across platforms.
• Challenges with data privacy regulations like GDPR, which include 'right to be forgotten' provisions.

The security of an SBT's meaning depends entirely on the trustworthiness and security of its issuer. Considerations include:

• Issuer compromise: A malicious actor gaining control of an issuer's keys can mint fraudulent credentials.
• Revocation mechanisms: Systems must be in place for issuers to revoke compromised or invalid SBTs, which adds complexity.
• Centralization risk: Over-reliance on a single issuer creates a central point of failure.

SBTs are implemented via smart contracts, inheriting all associated risks:

• Implementation bugs in the token standard or issuance logic.
• Upgradability concerns for mutable SBTs that can be changed by the issuer.
• Integration vulnerabilities when other protocols read and act upon SBT data, creating new attack vectors.

The perceived value of SBTs (e.g., for access or status) makes them a target for social attacks. Users may be tricked into:

• Connecting wallets to malicious sites pretending to issue or verify SBTs.
• Signing transactions that grant excessive permissions to drain other assets from the same wallet.
• The permanent nature of SBTs amplifies the impact of such scams.

The regulatory status of non-transferable digital assets is unclear. Potential issues include:

• Securities law implications if SBTs are deemed investment contracts.
• Anti-Money Laundering (AML) requirements for issuers or verifiers.
• Liability for defamatory or fraudulent credentials issued on-chain. These uncertainties pose legal risks for projects and users.