Soulbound Credential

SBCs create a portable, user-owned record of professional achievements that is cryptographically verifiable and cannot be sold or forged.

• Example: A developer receives a Soulbound NFT from the Ethereum Foundation for completing a core protocol contribution. This credential is permanently linked to their wallet.
• Use Case: These credentials can be used to gate access to expert DAO working groups, verify qualifications for on-chain bounties, or build a reputational graph without relying on centralized platforms like LinkedIn.

SBCs allow users to build a verifiable credit history by accumulating attestations about their financial behavior, enabling underwriting for decentralized lending without traditional credit bureaus.

• Mechanism: A user's on-chain repayment history for a DeFi loan is attested to by the lending protocol as a positive credential.
• Application: A credit DAO or underwriting protocol can programmatically assess a wallet's risk profile based on the sum of its financial SBCs, potentially offering better loan terms. This moves beyond simple over-collateralization.

SBCs act as programmable access keys for digital and physical spaces, where possession of a specific credential grants entry. The credential's non-transferability ensures the access right cannot be resold.

• Digital Example: Gating a token-gated Discord channel or a premium content library to wallets holding a 'Community Contributor' SBC.
• Physical Example: Granting entry to a conference or IRL event by scanning a wallet that holds a verified 'Ticket' SBC, eliminating scalping and fraud.

SBCs provide immutable, user-custodied proof of participation in events, educational courses, or community activities.

• Process: An event organizer (the issuer) mints and sends a 'Proof of Attendance Protocol (POAP)'-style SBC to verified attendees' wallets.
• Utility: These credentials become part of a user's reputational portfolio, usable to demonstrate community involvement, unlock future rewards, or qualify for loyalty programs. Unlike transferable NFTs, their soulbound nature guarantees the original attendee retains the proof.

SBCs serve as the foundational data layer for composable reputation, where credentials from various sources (e.g., work history, governance participation, skill verification) can be aggregated and interpreted by smart contracts.

• Example: A freelance platform smart contract calculates a trust score by reading SBCs from previous employers, completed courses, and community moderation roles.
• Vision: This enables context-specific reputation where a user's standing in a DeFi protocol is separate from their standing in a gaming guild, all built from the same underlying set of verifiable credentials.

SBCs enable portable, composable reputation systems. A user's history of loan repayments, protocol contributions, or work completion can be attested to via credentials, building a verifiable on-chain reputation graph. This data can be used for undercollateralized lending, trusted task delegation, or merit-based access.

• Composability: Credentials from multiple sources (e.g., Aave, ENS, a DAO) can be aggregated to form a comprehensive reputation profile.
• Example: A lending protocol could offer better rates to wallets holding credentials proving a history of timely repayments.

Within Decentralized Autonomous Organizations (DAOs), SBCs are used to recognize and reward contributions, gate governance rights, and manage roles. They provide a transparent, tamper-proof record of a member's participation.

• Common Use Cases:
  • Voting Power: Issuing governance tokens or voting credentials to active contributors.
  • Role-Based Access: Granting credentials that provide access to private channels or multisig permissions.
  • Proof-of-Contribution: Attesting to completed bounties, successful proposals, or consistent participation.

SBCs provide a secure, globally verifiable way to issue academic degrees, professional licenses, and skill certifications. They eliminate fraud and simplify the verification process for employers and institutions.

• Advantages over Traditional Systems:
  • Instant Verification: Anyone can cryptographically verify the credential's authenticity and issuer.
  • User Control: The holder owns and controls their credentials, not the issuing institution.
  • Interoperability: Credentials can be easily shared across platforms and borders.

Soulbound Credentials rely on a specific stack of cryptographic and blockchain primitives to function securely and privately.

• Core Components:
  • Issuer: The trusted entity that creates and signs the credential.
  • Holder: The subject who receives and stores the credential in their digital wallet.
  • Verifier: The party that requests and validates the credential.
  • Verifiable Data Registry: Often a blockchain (like Ethereum) that stores Decentralized Identifiers (DIDs) and issuer public keys for lookup.
• Key Standards: ERC-721 (for non-transferable NFTs), ERC-1155, or custom Smart Contract logic enforce the soulbound property.

The core security property of a Soulbound Credential is its non-transferability, enforced at the protocol level. This prevents credential trading or theft, making it a fundamental tool for Sybil resistance. A user cannot amass multiple credentials from a single source to game a system, as each credential is permanently bound to their unique cryptographic identity (e.g., an Ethereum wallet). This creates a more reliable mapping between an identity and its proven attributes.

A critical privacy-enhancing technique for SBCs is selective disclosure, often powered by zero-knowledge proofs (ZKPs). Instead of revealing an entire credential (e.g., "I am over 21"), a user can generate a cryptographic proof that verifies the specific claim without exposing the underlying data (like their birth date or wallet address). This minimizes data leakage and allows for privacy-preserving verification in applications like proof-of-personhood or credit scoring.

Managing the lifecycle of a credential is essential. Revocation mechanisms allow an issuer to invalidate a credential if the underlying attestation becomes false or is compromised (e.g., a diploma is rescinded, a license expires). Common methods include:

• Revocation Registries: Maintaining an on-chain or off-chain list of revoked credential identifiers.
• Status List Credentials: Issuing a separate, updatable credential that lists revoked entries.
• Time-Based Expiry: Building automatic expiration into the credential's logic. The choice impacts decentralization and issuer overhead.

SBCs promote data minimization by storing only essential claims. However, storage location dictates security and privacy risks:

• On-Chain Storage: Data is public, permanent, and immutable. Suitable for non-sensitive, publicly verifiable facts.
• Off-Chain Storage (e.g., IPFS): More private, but links can persist, and availability depends on the storage protocol.
• Holder's Device: Maximum privacy and control, but requires the holder to manage data and present it for verification. The design must balance transparency, persistence, and user sovereignty.

The trustworthiness of a Soulbound Credential is derived entirely from its issuer. Verifiers must trust that the issuer correctly performed due diligence. Decentralized Identifiers (DIDs) are used to cryptographically identify issuers, verifiers, and holders without relying on a central registry. This creates a verifiable data registry, allowing anyone to check the issuer's DID document and public keys to authenticate the credential's signature, establishing a chain of trust in a decentralized context.

Since SBCs are cryptographically bound to a user's private key, key management is a paramount security concern. Losing access to the private key means losing all associated non-transferable credentials irrevocably. This necessitates robust recovery solutions, which introduce trade-offs:

• Social Recovery: Using a group of trusted contacts to restore access.
• Custodial Solutions: Relying on a third-party service, which reduces self-sovereignty.
• Multi-Party Computation (MPC): Distributing key shards. The absence of a recovery mechanism poses a significant user risk.

An Attestation is a cryptographic statement made by one entity about another, often recorded on-chain. It is the act of issuing a Soulbound Credential or Verifiable Credential. In practice, attestations:

• Create a verifiable link between an issuer's DID and a subject's DID.
• Can be revoked by the issuer under certain conditions.
• Form the basis for on-chain reputation and provenance systems, such as those used by Ethereum Attestation Service (EAS).

A Zero-Knowledge Proof (ZKP) is a cryptographic method allowing one party (the prover) to prove to another (the verifier) that a statement is true without revealing the underlying information. ZKPs enhance Soulbound Credentials by enabling:

• Selective disclosure: Proving you hold a credential (e.g., age > 18) without revealing the exact data.
• Privacy-preserving verification: Interacting with dApps without exposing your full identity graph.
• Sybil resistance: Proving uniqueness or membership in a set without linking wallets.

Sybil Resistance refers to the ability of a system to withstand attacks where a single entity creates many fake identities (Sybils) to gain disproportionate influence. Soulbound Credentials are a core mechanism for achieving this in decentralized networks by:

• Tying real-world or social provenance to an on-chain identity.
• Enabling unique-person proofs via non-transferable credentials from trusted issuers.
• Forming the basis for fair governance voting, airdrop distribution, and resource allocation in protocols like Gitcoin Grants.