DeFi Passport

A DeFi Passport is typically implemented as a Soulbound Token (SBT), a non-transferable NFT minted to a user's wallet. This ensures the identity and reputation data is permanently bound to the user, preventing Sybil attacks where a single entity creates multiple fake identities. The SBT serves as the immutable, verifiable container for aggregated on-chain credentials.

The core mechanism involves a scoring algorithm that analyzes a wallet's historical blockchain data. Key metrics include:

• Transaction History: Volume, frequency, and diversity of interactions.
• Creditworthiness: Repayment history on protocols like Aave or Compound.
• Governance Participation: Voting and delegation activity in DAOs.
• Asset Holdings: Longevity and composition of the portfolio. This score is computed off-chain and attested on-chain, often via zero-knowledge proofs for privacy.

Passports use verifiable credentials—cryptographically signed statements from trusted issuers (oracles, protocols, KYC providers). These attestations, such as "Wallet 0x... has repaid 15 loans," are stored on decentralized networks like Ethereum Attestation Service (EAS) or Verax. The passport acts as a hub, allowing users to selectively disclose credentials without revealing their entire history.

The primary financial use case is enabling undercollateralized loans. Instead of requiring 150% collateral, a protocol can offer credit lines based on a user's passport score. For example, a user with a high reputation score might borrow up to 50% of their credit limit with 0% upfront collateral, with the passport serving as the enforceable reputation collateral.

By tying services to a non-transferable identity, passports provide robust Sybil resistance. This allows protocols to:

• Offer exclusive airdrops to unique humans.
• Implement graduated token launches for loyal users.
• Gate access to high-risk yield strategies or governance forums based on proven contribution history, moving beyond simple token-weighted systems.

For widespread adoption, passport systems aim for interoperability across chains and protocols. Emerging standards like ERC-7231 (which binds multiple identities to a single wallet) and EIP-7007 (for zk-based attestations) are critical. This allows a reputation built on Arbitrum to be usable for a loan on Base, creating a portable, composable identity layer for DeFi.

A DeFi Passport functions by aggregating and scoring a user's on-chain history. This includes transaction volume, credit history, collateralization ratios, governance participation, and repayment records. This data is compiled into a non-transferable Soulbound Token (SBT) or a verifiable credential, creating a portable reputation score that protocols can query (with user permission) to assess trustworthiness without centralized intermediaries.

The most significant application is enabling credit-based loans. Traditional DeFi lending requires over-collateralization (e.g., 150% for ETH). A passport allows protocols like Credix or Goldfinch (in their DeFi iterations) to offer undercollateralized or zero-collateral loans by using the user's reputation score as a substitute for excess collateral, dramatically improving capital efficiency.

Passports are critical for Sybil-resistant governance. By tying voting power to a verified, unique identity with a history of constructive participation, protocols can mitigate airdrop farming and governance attacks. Systems like Gitcoin Passport aggregate attestations from various sources to create a 'humanity score,' ensuring fair distribution of tokens and voting power in DAOs.

Implementation typically involves:

• Attestation Protocols: Using frameworks like Ethereum Attestation Service (EAS) or Verax to issue verifiable statements about a user's history.
• Zero-Knowledge Proofs (ZKPs): Allowing users to prove properties of their reputation (e.g., 'score > X') without revealing the underlying private data.
• Identity Primitives: Built on standards like ERC-7231 (Soulbound Token with data storage) or ERC-5845 (Minimal Soulbound NFTs).

Notable implementations include:

• Gitcoin Passport: Aggregates Web2 and Web3 identity verifications for Sybil defense.
• Spectral Finance: Creates a MACRO Score (non-fungible credit score) based on wallet transaction history.
• ARCx: Issues DeFi Passports with a credit score that unlocks specific borrowing terms.
• Orange Protocol: A reputation framework for issuing and verifying on-chain attestations.

Significant hurdles remain for widespread adoption:

• Data Privacy: Balancing transparency with the need for private financial history.
• Composability: Ensuring scores are portable and trusted across diverse protocols and chains.
• Regulatory Uncertainty: How on-chain credit scores intersect with financial regulations like fair lending laws.
• Gameability: Preventing users from artificially inflating their reputation through wash trading or other manipulative patterns.

Soulbound Tokens are non-transferable, non-financialized tokens that represent credentials, affiliations, or achievements. They are the foundational primitive for a DeFi Passport, which is essentially a collection of SBTs. Key characteristics include:

• Non-transferability: Bound to a single wallet address.
• Composability: Can be combined to form a verifiable identity graph.
• Revocability: Issuers can revoke tokens if credentials become invalid.

Proof of Personhood is a cryptographic verification that an identity belongs to a unique human, not a bot or sybil attacker. It is a critical attestation often included in a DeFi Passport. Common methods include:

• Biometric verification (e.g., Worldcoin's Orb).
• Video attestation services.
• Government ID verification through zero-knowledge proofs. This proof helps protocols implement fair airdrops, governance, and access controls.

On-Chain Reputation is a quantified score derived from a wallet's historical activity, such as loan repayments, governance participation, or trading volume. A DeFi Passport aggregates this data to create a portable reputation profile. This enables:

• Under-collateralized lending: Lenders can assess borrower risk.
• Sybil-resistant governance: Weight votes based on proven contribution.
• Customized access: Protocols can gate features based on reputation tiers.

Verifiable Credentials are a W3C standard for tamper-proof digital credentials that can be cryptographically verified. They are the off-chain analog to SBTs and are often used to attest to real-world attributes (e.g., KYC status, accreditation) before being minted as a token in a passport. The flow involves:

• Issuance by a trusted entity.
• Storage in a user's digital wallet.
• Selective disclosure using zero-knowledge proofs to prove claims without revealing raw data.

Sybil Resistance refers to mechanisms that prevent a single entity from creating multiple fake identities (Sybils) to gain disproportionate influence or rewards. A DeFi Passport is a core tool for Sybil resistance by anchoring identity to verified attributes. Techniques include:

• Unique humanity proofs.
• Costly signaling (e.g., burning gas, staking).
• Graph analysis to detect linked wallets. Effective Sybil resistance is crucial for fair token distributions and governance.

ERC-7231 is an Ethereum standard proposal for an Identity Aggregator—a smart contract that binds multiple identity tokens (like SBTs) to a primary wallet. This is the technical backbone for many DeFi Passport implementations. It enables:

• Unified identity: A single root address manages multiple credentials.
• Modular design: Credentials can be added or revoked by different issuers.
• Interoperability: A standardized interface for protocols to query a user's aggregated identity.