Author: Chloe, IOSG Associate

secondary title

Insight

DID & PoP Authentication and Management

The last issue of "The Human-Machine Game Has Just Begun" talked about why DID and PoP are particularly important in Web 3.0. This week, we will explore the concepts of DID and PoP, and introduce several PoP verification methods and leading projects.

secondary title

Pervasive identity management logic

Whether it is identity management in the real world or DiD in Web3.0, the following logics are followed.

- Tag individuals. First, we need an identifier to "tag" a person. This identifier must be unique and unchanged, such as an ID number.

- Verify identidy. Second, we need to verify the identifier. Often real-world authentication is through proof of ownership, such as having an ID, or through biometric verification (fingerprinting, facial recognition, etc.). When a person has a unique "identifier" mark, and this correspondence is verified as correct. A biological person is equivalent to an identity.

image description

secondary title

What makes DID special

So what's so special about DIDs? The first is DID in terms of "decentralized". Unlike traditional identifiers controlled by centralized authorities, DID identifiers should be self-owned, independent, and dependent on the P2P decentralized network. Secondly, the verification method of DID is also different. It is not proved by holding some kind of certificate, but by the encrypted public key-private key to verify the signature. Finally, the focus of personal information is also different. The information here is mainly on-chain activities, such as which NFTs were purchased, how many transfer records there were, what chain games were played, etc. These on-chain data will be attached to the identifier.

image description

secondary title

Various Practices of PoP

Proof of Personhood, as the name suggests, is based on the authentication of biological persons, how to effectively distinguish between biological persons and AI. Today, the development of artificial intelligence has reached the point where it can beat humans in many fields, such as AlphaGo defeating the world Go champion. Therefore, to successfully identify AI and biological humans, it is necessary to start with the weaknesses of AI.

First of all, the simplest and most straightforward logic is that humans and AI look different. AI can imitate human thinking, but it is difficult to imitate human appearance, such as pupils, skin texture and other biological characteristics. Therefore, the most direct way is to separate people by showing biological characteristics. This method is called anonymous parties (Pseudonym Parties). Just like participating in an interview, users need to show their face, voice and other biological characteristics by participating in online or offline parties to prove that they are biological people.

Second, another feature that distinguishes humans from AI is their social attributes. Humans are social animals, bound to have social connections with those around them, something that robots do not. Therefore, the Web of Trust takes advantage of this feature and verifies through people's social attributes. If a user uses multiple social platforms for a long time and interacts with others more, the probability of this person being a bot will be lower.

In addition, unlike AI, humans are very good at logical thinking and pattern recognition, which is precisely the point that machine learning is difficult to overcome. Reverse Turing Tests take advantage of this feature. Inverse Turing tests have been around for many years and are widely used. Everyone must have encountered a pop-up window containing nine tiles when surfing the Internet, allowing users to select tiles containing traffic lights/locomotives/zebra crossings to complete recognition. This is the application of the reverse Turing test.

At present, most of the leading projects on the PoP track adopt one or more of the above verification methods. Proof of Humanity and BrightID, for example, authenticate through anonymous meetups and social connections. The logic of these two projects is similar, and both are verified through the video consensus of the small circle. BrightID has also innovated on this basis and introduced a new verification method based on the location on the social network graph - Bitu verification. The method of Bitu verification is to evaluate the degree to which each social relationship of the user is close to the center of the network. If a user associates with an unfamiliar account that has no intersection, they will receive a point penalty, which increases the cost of "doing evil". However, Proof of Humanity and BrightID still have some problems. The first is to require users to "show their faces" and publish some personal data, which sacrifices users' privacy to a certain extent. Another flaw is the high cost of organizing meetings, human verification, and maintaining the PoP network, reducing scalability.

image description

Idena User Verification Level and Number

There is still a long way to go for the exploration of DID and PoP. At present, most DID solutions are dedicated to accumulating on-chain/off-chain data for users, such as the recent hot SocialFi projects, CyberConnect, Galaxy, etc., which build social graphs and user portraits for users. However, the discussion and exploration of "identifier" is relatively lagging behind, and people generally equate the identifier of Web 3.0 with the wallet address. A person can only have a unique identity, but can apply for countless wallet addresses. Fortunately, there is a first step in this direction with Sismo, a DID solution that leverages zk technology and issues badges to users based on on-chain activity.

Users can specify other wallet addresses and collect the activity badges of other wallet addresses under the same ENS domain name. This not only solves the conflict between multiple wallets and unique identities of users, but also protects user privacy. However, users can still claim multiple ENS domain names. At present, the industry's exploration of identifiers has various unique methods, but there is still a long way to go for the widespread promotion of these applications. DID, which is the basis of Web3.0, will be explored by more innovative projects in the future. Stay tuned to IOSG, we will bring more articles about Web 3.0.