Social Identity Token

These Ethereum standards form the technical backbone for on-chain identity. ERC-725 defines a smart contract-based proxy account that can hold assets and execute transactions. ERC-735 builds on this by adding a claim registry, allowing third parties (issuers) to make verifiable statements (claims) about the identity holder. Together, they create a modular framework for a decentralized identity.

This W3C standard pair is critical for portable, self-sovereign identity. A Decentralized Identifier (DID) is a globally unique identifier (e.g., did:ethr:0x...) controlled by the user, not a central registry. Verifiable Credentials are tamper-proof digital attestations (like a diploma) issued to a DID. They use cryptographic proofs, enabling trust without relying on a central issuer for verification.

Introduced by Vitalik Buterin, Soulbound Tokens (SBTs) are a specific type of non-transferable token that can represent social identity attributes. Key properties include:

• Non-Transferability: Bound to a single wallet (a "Soul"), preventing sale or transfer.
• Revocability: The issuer can revoke the token, mimicking real-world credential expiration.
• Composability: SBTs from multiple sources can be aggregated to form a rich, on-chain reputation graph.

Specialized protocols like Ethereum Attestation Service (EAS) and Graph Protocol provide infrastructure for creating, storing, and querying identity-related data. EAS offers a schema registry and a gas-efficient way to make on- and off-chain attestations. The Graph indexes this attestation data into a queryable graph database, enabling efficient discovery of connections and reputation across the ecosystem.

A core challenge for Social Identity Tokens is preventing Sybil attacks, where one entity creates many fake identities. Solutions include:

• Proof-of-Personhood (PoP): Protocols like Worldcoin use biometrics to verify unique humanness.
• Social Graph Analysis: Algorithms that analyze connection patterns to detect fake or low-trust clusters.
• Staked Attestations: Requiring attestations to be backed by collateral, increasing the cost of issuing false claims.

SITs enable new models for community coordination. In decentralized social media (e.g., Farcaster, Lens Protocol), profiles and followers are represented as NFTs/SBTs, making social graphs portable. In DAO governance, SITs can be used for:

• Sybil-resistant voting: Weighting votes based on verified reputation or unique personhood.
• Role-based access: Granting permissions based on held credentials (e.g., a "Contributor" SBT).

A Sybil attack occurs when a single entity creates multiple fake identities to gain disproportionate influence. For SITs, this undermines the core value of reputation. Common resistance mechanisms include:

• Proof-of-Personhood (PoP): Biometric verification (e.g., Worldcoin) or government ID attestation.
• Social Graph Analysis: Leveraging the interconnectedness of a user's social connections to detect fake clusters.
• Staking/Bonding: Requiring a financial stake that is forfeited upon malicious behavior.

A core promise of decentralized identity is user control. Key considerations include:

• Self-Custody: The private keys controlling the SIT must be held by the user, not a centralized custodian.
• Selective Disclosure: Users should be able to prove specific claims (e.g., "I am over 18") without revealing the underlying data document.
• Interoperability: SITs built on standards like W3C Verifiable Credentials (VCs) or Decentralized Identifiers (DIDs) ensure the identity is portable across different applications and blockchains.

Verifying real-world identity without exposing sensitive data is critical. This is achieved through:

• Zero-Knowledge Proofs (ZKPs): A cryptographic method allowing a user to prove they possess certain credentials (e.g., a valid passport) without revealing the credential itself.
• Minimal Disclosure: Systems designed to collect and store the absolute minimum data necessary for the intended function.
• On-Chain vs. Off-Chain Data: Storing only the proof or commitment hash on-chain, while keeping the raw verification data off-chain.

The on-chain reputation score attached to a SIT is a prime target for manipulation. Risks include:

• Collusion & Bribery: Users may be bribed to provide positive attestations or reviews.
• Governance Attacks: If reputation grants governance power, attackers may target the system to seize control.
• Immutable Negative History: The permanence of blockchain can make recovery from a tarnished reputation difficult. Mitigation involves time-decay algorithms, context-specific reputation, and robust, decentralized attestation frameworks.

Losing access to the private key for a SIT means losing one's aggregated social identity and reputation. Solutions must balance security and usability:

• Social Recovery: Designating trusted individuals or entities who can collectively help restore access.
• Multi-Party Computation (MPC): Splitting the private key among multiple parties, requiring a threshold to sign transactions, eliminating a single point of failure.
• Hardware Security Modules (HSMs): Using dedicated physical devices for key storage, though this can impact accessibility.

Applications using SITs for financial services may trigger Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. The architecture must enable:

• Auditability for Regulators: Providing a permissioned way for authorized entities to access identity information, often through zero-knowledge proofs that prove compliance without exposing data.
• Jurisdictional Flexibility: Adapting attestation requirements based on the user's location and the service's regulatory scope.
• Data Minimization in Compliance: Ensuring even regulatory processes adhere to privacy-by-design principles.

Proof of Personhood protocols aim to cryptographically verify that each participant in a system is a unique human, combating sybil attacks. Projects like Worldcoin (orb-based biometrics) or Proof of Humanity (social verification) provide a foundational 'unique human' credential. A Social Identity Token can incorporate or be contingent upon such a proof, enabling applications like fair airdrops, democratic governance, and universal basic income (UBI) experiments.

A Social Graph is a map of the relationships and interactions between entities. In Web3, decentralized social graphs (e.g., Lens Protocol, CyberConnect) record follows, mirrors, and comments on-chain. Social Identity Tokens can be enriched by and interact with this graph data, allowing identity to be contextualized by verifiable social connections and reputations established across multiple applications.

Attestation is the act of a subject (issuer) making a claim about another subject (holder), which is then recorded on-chain (e.g., via an SBT or a registry like EAS - Ethereum Attestation Service). Delegation allows an identity holder to grant specific permissions or rights to another agent, such as allowing a bot to post on their behalf. These are core mechanics for building trust networks and composable reputation within Social Identity systems.