Reputation Registry

Reputation data is stored on a blockchain or decentralized storage network, ensuring it is tamper-proof and censorship-resistant. This creates a persistent, user-owned record that cannot be unilaterally altered or deleted by any single entity, forming a single source of truth for an identity's historical actions.

The registry acts as a data aggregator, pulling signals from multiple sources to build a holistic profile. Key sources include:

• On-chain activity: Transaction history, DeFi interactions, governance participation.
• Off-chain attestations: Verified credentials, KYC status, professional endorsements.
• Protocol-specific scores: Credit scores from lending protocols, contributor scores from DAOs. This aggregation enables reputation portability across different dApps.

Reputation is built through verifiable credentials—cryptographically signed statements from issuers (e.g., a DAO, an employer, a protocol). These attestations are stored in the registry, allowing any verifier to check their authenticity and validity without contacting the original issuer, enabling trustless verification of attributes like skills, membership, or completion of tasks.

The registry's smart contracts encode the rules for how reputation is calculated, updated, and utilized. This includes:

• Scoring algorithms: Formulas that weight and combine different reputation signals.
• Decay mechanisms: Rules for score degradation over time or due to negative actions.
• Access controls: Permissions defining who can issue attestations or query data. This programmability allows for customizable reputation models tailored to specific use cases.

Advanced registries employ techniques to protect user privacy while proving reputation. This can include:

• Zero-knowledge proofs (ZKPs): To prove a reputation score or credential meets a threshold without revealing the underlying data.
• Selective disclosure: Allowing users to reveal only specific, necessary attributes.
• Data minimization: Storing only cryptographic commitments or hashes on-chain. This ensures user sovereignty over personal data.

A core function is to distinguish between unique human users and fake Sybil identities. Techniques include:

• Proof-of-personhood: Linking an on-chain identity to a verified human (e.g., via biometrics or social graph analysis).
• Cost-of-creation: Imposing a meaningful cost (financial, social, temporal) to create a new identity.
• Graph analysis: Detecting clusters of collusive or bot-like behavior. This protects the integrity and value of the reputation system.

Reputation registries enable one-person-one-vote models by linking voting power to verified, non-transferable identity or contribution history, rather than token holdings alone. This mitigates Sybil attacks and whale dominance.

• Example: A DAO could weight votes based on a user's verified GitHub contributions or proven participation in past governance calls.
• Mechanism: Uses soulbound tokens (SBTs) or non-transferable NFTs to represent immutable reputation scores.

Registries create on-chain credit histories by aggregating data from DeFi activity, loan repayments, and collateralization history. This enables trustless underwriting for uncollateralized or undercollateralized lending.

• Key Data: Wallet's historical loan-to-value (LTV) ratios, repayment punctuality, and total volume of fulfilled obligations.
• Protocol Example: A lending protocol could offer lower interest rates or higher borrowing limits to wallets with a high credit score SBT from a reputable registry.

Smart contracts can use reputation scores as a permission gate for exclusive events, NFT mints, or protocol features. Access is granted based on proven behavior, not just payment.

• Use Case: A private Discord server or token-gated content platform that requires a Proof-of-Attendance Protocol (POAP) NFT or a minimum contribution score.
• Benefit: Creates curated ecosystems where participation is based on merit and past engagement, reducing spam and low-quality interactions.

Platforms can delegate content moderation or curation rights to users with high trust scores, creating a decentralized alternative to centralized admin control. Reputation becomes stake in the platform's health.

• Mechanism: Users with high reputation can flag content; flags from high-reputation users carry more weight in takedown decisions.
• Example: A decentralized social media protocol where the ability to downvote or hide content is a permission earned through constructive historical participation.

Registries provide a verifiable, portable record of work history and client reviews for freelancers in the web3 ecosystem. This solves the trust problem between anonymous parties.

• Data Points: On-chain proof of completed bounties, client-endorsed SBTs for satisfactory work, and aggregated earnings history.
• Utility: A freelancer can build a portable reputation that is recognized across multiple platforms (e.g., Dework, Layer3), reducing the need to rebuild trust from scratch.

By incorporating reputation, DeFi protocols can move beyond purely overcollateralized models. A high reputation score can act as intangible collateral, allowing for more capital-efficient positions.

• Application: A wallet with a long history of responsible borrowing could be offered a dynamic LTV ratio, where their required collateral decreases as their reputation score increases.
• Risk Layer: The reputation score itself becomes a staked asset that can be slashed for malicious behavior, aligning economic incentives.

Non-transferable tokens that represent credentials, affiliations, or achievements. They are the primary data primitive for building a Reputation Registry, as they create a permanent, verifiable record of an entity's actions and attributes.

• Key Feature: Immutable and publicly attestable, preventing reputation laundering.
• Example: An SBT could represent a verified KYC status, a completed course, or a positive loan repayment history.

A W3C standard for creating self-sovereign, verifiable digital identities independent of centralized registries. They provide the foundational framework for entities (people, organizations, devices) to control their identifiers and associated data.

• Mechanism: A DID resolves to a DID Document containing public keys and service endpoints.
• Role in Reputation: DIDs serve as the persistent, cryptographically verifiable anchor to which reputation data (like SBTs) is attached.

A tamper-evident digital claim (like a diploma or license) issued by an authority and cryptographically signed. They enable trustless verification of claims without contacting the issuer.

• Structure: Composed of a claim, metadata, and a digital proof.
• Connection to Registry: SBTs are often used as a specific, on-chain implementation format for VCs, making the credentials machine-readable and composable within smart contracts.

The act of making a verifiable statement or claim about a subject (e.g., a DID). In a Reputation Registry, attestations are the atomic units of reputation data, often minted as SBTs or signed off-chain messages.

• Types: Can be positive (endorsement), negative (report), or neutral (fact).
• On-Chain vs. Off-Chain: On-chain attestations (like SBTs) are permanent and publicly queryable. Off-chain attestations (like EAS schemas) offer privacy and scalability, with proofs stored on-chain.

The property of a system to resist attacks by fake identities. It is a critical security requirement for any meaningful Reputation Registry, as it ensures that reputation scores cannot be artificially inflated by creating multiple identities.

• Common Mechanisms: Proof-of-Personhood protocols (e.g., Worldcoin), biometric verification, or costly signaling (e.g., staking assets).
• Goal: To create a strong binding between one real-world entity and one on-chain identity (DID).

The ability for different applications and protocols to read, interpret, and build upon the same on-chain reputation data. This is the core value proposition of a public Reputation Registry.

• Example: A lending protocol can read a user's creditworthiness SBTs from one registry, while a DAO governance system reads their contribution SBTs from another, creating a holistic profile.
• Enabled by: Standardized data schemas (like those from the W3C or Ethereum Attestation Service) and public, permissionless access.