Understanding Decentralized Identity DID Popular Projects: ENS and MetaMask

Original Title: “Decentralized Identity: The Passport to Web3”

Written by: Amber Group

Translated by: ETH Chinese Station

The internet has not provided users with a native identity layer, leading to a situation where websites and applications issue digital identities. The siloed approach may have been suitable for the early internet, but with billions of internet users today, the drawbacks of this method are becoming increasingly apparent. Usernames and passwords have become the mainstream paradigm for identity verification, even though they are increasingly seen as an insecure model. Ordinary people have to manage 70 to 80 passwords, which certainly leads to a poor user experience.

In fact, companies like Okta, 1Password, and Dashlane, which manage decentralized accounts for businesses and individuals, generate millions of dollars in revenue. More importantly, users do not actually own their online identities; they rent accounts from companies or centralized entities. As a result, online identities are vulnerable to illegal intrusion, manipulation, censorship, or loss.

Fundamentally, Web3 is closely related to economic transactions, and its emergence re-emphasizes the importance of establishing robust identity systems. Although decentralized identity (DID) is often overlooked compared to DeFi (decentralized finance), NFTs (non-fungible tokens), and DAOs (decentralized autonomous organizations), we believe it is an extremely important technological primitive that can help realize native Web3 applications. If we can create a shared, flexible, and resilient identity layer, we can accelerate innovation by creating a broader design space.

This article will introduce the main concepts of DID, discuss the current DID ecosystem from a high-level perspective, and then delve into some cutting-edge selected projects that are building the foundation of Web3 identity.

Decentralized Identity

The DID (Decentralized Identity) specification developed by W3C (World Wide Web Consortium) is a widely recognized standard to ensure that identity systems can interoperate across different networks and platforms.

Here is a brief description of the DID structure: a DID is an address on the internet that is owned and directly controlled by the user. A DID can be used to look up the associated DID document, which contains information related to that DID. The relevant information contained in the DID document can be used for login, encrypting data, communication, and other use cases. Cryptographic proofs like digital signatures allow entities to prove their control over these identity identifiers.

Basic Components of the DID Architecture

In summary, a DID is an identity hub. Since users control their own identity hubs, they can freely decide when, to whom, and under what circumstances to present their digital identities. As the DID standard is more widely adopted, individuals are no longer limited to a single ecosystem or siloed approach.

DID provides users with identity control, security, privacy, and portability.

New Use Cases Enabled by DID

In real life, identity is essential for a well-functioning society. Governments identify citizens through passports, citizens prove their driving qualifications with driver's licenses, and university degrees grant individuals educational credentials, among others.

Similarly, DID can make high-value internet economic activities feasible. Below, we will highlight some Web3 pain points that DID can address.

NFTs --- Authenticity and Identity

Artists and creators are plagued by issues of fraud and counterfeit minting. Digital artist Derek Laufman, designer of Marvel's Super Hero Adventures, discovered that his work was auctioned on the NFT platform Rarible without his permission. Such incidents are common.

Artists are tormented by NFT scams

Source: @laufman

Woobie.eth: Hi Derek! Have you quietly released some works on Rarible? I'm not sure if that's you.

Derek Laufman: Definitely not me! I thought the point of NFTs was that the work and the author could be verified. But clearly, this can easily deceive people. This platform is a joke.

A robust DID infrastructure can solve this problem. Applications can be built on DID to allow creators to provide traceable signatures for certain NFTs, proving that these NFTs representing some digital or physical asset were created by them. Buyers and sellers can also verify the provenance of digital artworks.

DID also helps facilitate better communication between artists and communities, such as restricting NFT ownership to community members to limit speculation by scalpers, or providing exclusive NFT content to selected holders.

More broadly, NFTs can serve as an anchor point for decentralized identity. Some users have already begun using NFT projects as their online identity identifiers, rather than just usernames. For example, Manifold co-founder @richerd rejected a $9.5 million offer to buy his CryptoPunk #6046 because he believes CryptoPunk #6046 has become part of his identity and brand.

NFTs as Online Identity Identification

Source: @richerd

For the past six months, I have used CryptoPunk 6046 as my identity and built an important brand around it.

As most people know:

@manifoldxyz co-founder

Smart contract artist

Cryptocurrency security

NFT critic

3D glasses connoisseur

@richerd3DAO name used

NFT Degen

My identity, along with the value of other image-based Punks and Bored Apes, has surpassed the NFT itself. We can own our brand, influence, and align with other brands, which is very meaningful.

I value personal branding and identity, so rejecting the above offer was not difficult for me.

Unlocking the Next Phase of DeFi

Mortgages have always been a pillar of DeFi growth. However, because cryptocurrency financial protocols aim for complete trustlessness and permissionlessness, they often require over-collateralization.

For example, when mortgaging ETH for a loan on MakerDAO, the collateralization ratio needs to be between 130% and 170%. Mortgages drove DeFi growth last year, but the collateral requirements limited use cases to most cryptocurrency traders seeking leverage. For most people, the reason for borrowing money is simply that they do not have enough.

To encourage broader adoption of DeFi, lowering collateral requirements or completely removing them is key. If there is a strong DID layer, it could introduce "on-chain" credit scores, allowing users to obtain loans based on credit. Moreover, since users can directly control their credit scores, they can better monitor or adjust their borrowing/lending behavior. Thus, DID can further democratize decentralized financial systems.

Additionally, if financial applications have a strong identity layer, many current issues in DeFi can be addressed. For example:

• By verifying real members, the fairness of token airdrop distributions can be improved while reducing the occurrence of bot dilution.
• Using DID to access DeFi pools can reduce spam or Sybil attacks, while institutions can provide compliance tools to identify trading parties.
• By illuminating trusted participants, it can guide users through the dark forest of Ethereum in a positive-sum manner.

Decentralized Autonomous Organizations (DAOs)

DAOs typically use token-based governance for voting, building influence, and determining the priority of business processes. This approach is generally reasonable (as large holders are often most aligned with the project's interests), but it also excludes active but less-funded contributors or lowers their priority. Furthermore, even if a member is well-regarded in one DAO, they still need to establish credibility from scratch in another DAO.

DID allows users to retain their credibility across different DAOs. Transferring identity credentials between different DAOs (a form of reputation portability we have already achieved in real life) allows active contributors to avoid having to rebuild their credit from scratch.

Moreover, in Web3 contexts such as participating in fundraising on Gitcoin, publishing works on Mirror, and contributing code on Radical, it can better help DAOs find qualified candidates.

The DID Ecosystem

The DID ecosystem can be divided into layers, with each layer built on underlying protocols. We have used and slightly modified the four-layer identity model from DIF (Decentralized Identity Foundation) to illustrate the main projects currently focused on DID. Below is a simplified model, with most being cross-layer application projects.

Layered Decentralized Identity Ecosystem

Source: DIF, Amber Group

Layer 1: Identifiers and Standards

Standards, identifiers, and namespaces collectively build a public trust layer, ensuring their standardization, portability, and interoperability. They also allow networks to register and manage DID methods, providing developers and users with the rules and environment for network identity systems.

DIF (Decentralized Identity Foundation) is the core of Layer 1 and the foundation of the ecosystem. DIF is the development, discussion, and management center for all activities, creating and maintaining an interoperable and open ecosystem for the DID stack.

Layer 2: Infrastructure

Infrastructure and agent frameworks enable direct interaction between applications and allow applications to interact directly with verifiable data registries. These solutions include communication, storage, and key management. Ceramic and ENS are leading projects in building DID infrastructure (although the classification of ENS is still under discussion, we categorize it as part of the infrastructure layer because we anticipate that future identity credentials and applications will be built on ENS).

Layer 3: Credentials

We need to manage and update identity credentials, and they need to be interchangeable. This layer aims to address how DID determines "proof of control" and "proof of authentication" for identities, as well as how to securely transmit data between identity owners.

BrightID is a noteworthy project in this field. It is a social identity network with over 30,000 users, allowing users to prove to applications that they do not have multiple accounts, thereby minimizing the chances of Sybil attacks.

Vitalik Buterin Discusses the Potential Applications of BrightID

Source: @VitalikButerin

Project idea for future hackathons: sentiment futures. Conduct a poll on some users a few months later (for example, every user with BrightID agrees to answer questions): "Do you agree/disagree…?" Then create a prediction market based on the poll results.

People have already attempted to launch UBI (Universal Basic Income) tokens or similar projects; the biggest challenge is the lack of a strong identity model to ensure security. I believe projects like BrightID may be a way to address such issues.

Layer 4: Applications, Wallets, and Products

This layer may be the most familiar to readers and provides practical use cases and value for consumers. Some projects, such as Goldfinch (unsecured loans), use proprietary and unique entity verification but will only implement them when DID technology matures. In contrast, other applications are already using existing DID technology, such as TrueFi (unsecured loans using on-chain credit scores), Gitcoin (public goods fundraising), and Ethsign (decentralized electronic agreements).

Layer X: Horizontal Projects

These projects greatly exceed the scope of a single layer and impact applications across multiple layers. For example, the European GDPR (General Data Protection Regulation) affects all areas of the ecosystem.

Token Value of the DID Ecosystem

Source: CoinGecko, Coinmarketcap data from November 22, 2021

Chart Translation:

ENS: Public registry of Ethereum addresses

Ontology: DID blockchain providing data certification and data trading market

Civic: Identity verification for KYC (Know Your Customer) and AML (Anti-Money Laundering)

SelfKey: Non-custodial DID wallet

ArcX: Decentralized on-chain credit and credit score protocol

Bloom: Decentralized identity verification and credit scoring

Idena: Personal blockchain proof ------ nodes related to identity

BrightID: Social identity network providing unique identities

Selected DID Projects

Ethereum Name Service ------ Public Registry of Ethereum

Ethereum Name Service (ENS) is a foundational tool that can convert any Ethereum address into a public registry. ENS primarily maps human-readable names to machine-readable identity identifiers.

In other words, you don’t have to transact under the address "0x7fc7a9694A09077e137f953108265ad59cCF5ba3"; you can instead use "amberfin.eth".

Due to the hierarchical nature of ENS, individuals owning domain names can also own subdomains. For example, if Amber Group owns the domain "amberfin.eth," it can also create the subdomain "pay.amberfin.eth." ENS domains also support text records, allowing users to store various types of data (all associated with the same identity identifier). In this setup, no centralized entity or company is involved.

ENS Records of Amber Group

The use cases for ENS continue to grow. In August of this year, DNS was fully integrated into ENS, meaning you can send cryptocurrency to "example.com" instead of just "example.eth."

Additionally, domain names with the ".eth" suffix can also be used to build decentralized websites. For instance, Ethereum co-founder Vitalik Buterin utilized this DNS integration, along with IPFS (InterPlanetary File System), to create a robust and censorship-resistant website.

In the future of portable and decentralized identity, ENS will play an important role. We can register ENS as a representative of DID, allowing ENS names to encapsulate into DID to facilitate interoperability. Many Web3 users have already begun using ENS as their identity identifiers.

In a survey of approximately 300 Ethereum users, about 64% reported already owning ENS. On-chain analysis shows that the average ENS user holds 2.5 domain names. With the rollout of additional features (such as support for NFT avatars) and increasing support for ENS from decentralized applications, more and more Web3 users will use ENS as their public identity on Ethereum.

Uniswap Supports ENS Domain Names and Avatars

ENS Ecosystem

On November 2, 2021, ENS announced decentralized governance by accepting applications for ENS DAO representation while airdropping governance tokens ENS. This ENS airdrop accounted for 25% of the total supply, with the remaining tokens distributed to the community treasury and contributors. The token distribution essentially allocated half for the past (previous contributors and users) and half for the future (community treasury).

ENS Token Distribution

ENS token holders only have governance rights over the DAO and do not receive any additional monetary value. Notably, ENS token holders must sign the "ENS Constitution" to claim their tokens. The ENS Constitution emphasizes several important principles, such as enforcing property rights, avoiding rent-seeking behavior, and integrating global naming spaces. Therefore, one of the most exciting aspects of the ENS token is that it conducts a large-scale experiment: how the market prices digital public goods.

ENS has generated nearly $20 million in revenue, most of which comes from new domain registrations, and this revenue will go to the DAO community treasury.

ENS Monthly Revenue

Source: Dune Analytics (@makoto)

ENS transaction revenue continues to rise, indicating that users are choosing longer registration durations when registering domain names, or that the value of domain names is increasing (for example, holding shorter names), or possibly both.

ENS Revenue per Transaction

Source: Dune Analytics (@makoto)

After hitting a high of around $8.4 billion intraday, as of the writing of this article, ENS has a fully diluted market cap of about $4.2 billion, which means that based on data from the past year, ENS's price-to-earnings ratio has increased 236 times.

(Fully Diluted) ENS Market Cap

Source: CoinGecko

Metamask ------ Gateway to Other Blockchain Apps

In the new technological paradigm, the solutions that users interact with most frequently often have a significant impact on the future development of the industry. Just as browsers were the battleground for Web1 (Netscape, Internet Explorer, Google Chrome), and applications were the battleground for Web2 (Facebook, Instagram, Netflix, Spotify), wallets may become the battleground for Web3.

If you have interacted with Web3 applications, you have likely used Metamask. Launched in 2016 by ConsenSys, Metamask is a non-custodial cryptocurrency wallet that allows users to interact with the Ethereum blockchain or any Ethereum-compatible network (such as Polygon, Arbitrum, Avalanche).

Although Metamask does not specifically focus on decentralized identity, as an application that helps users access Ethereum addresses, it has over 21 million monthly active users. Similar to single sign-on (SSO) in Web2, almost all EVM-compatible Web3 applications can "log in with Metamask."

Login Options for Augur (left) and OpenSea (right)

Metamask serves as a powerful mental model, showcasing what a broader DID solution might look like while also highlighting the potential and risks of identity autonomy. Since Metamask users hold their own private keys, they truly own their assets in their wallets.

At the same time, there is no need for a third party to secure or custody the assets. Additionally, users can seamlessly migrate assets between applications. NFTs purchased on SuperRare can easily be sold on OpenSea, reducing platform lock-in and enhancing asset portability. The user experience is greatly improved—no more dealing with cumbersome login steps or managing numerous usernames and passwords; logging into new applications only requires connecting to the Metamask wallet.

While "connecting a wallet" may seem decentralized, it is important to note that the differences between these wallets lie only in the user interface; in reality, they all use the same underlying account system—you can also import other wallets on Web3.

Importing Accounts into Metamask

However, hacking and scam incidents continue to occur frequently. Web3 users must remain vigilant about wallet security to avoid losing all their assets. Even forgetting a wallet's mnemonic phrase can lead to permanent loss of all assets. Therefore, some users choose to entrust third-party custodians to manage their accounts and ensure their security.

Metamask is expected to gradually transition to a decentralized governance model. ConsenSys founder Joseph Lubin recently hinted that Metamask will issue tokens soon. Metamask senior software engineer Erik Marks stated, "We are open to the idea of releasing a community governance token for Metamask."

While the Metamask team aims to make the use cases for the Metamask token more attractive, some speculate that if Metamask decides to airdrop, using the swap feature will be a determining factor for receiving the airdrop.

Consensys CEO Discusses Metamask Token Issuance

Source: @ethereumJoseph

Andrew T: I bet Metamask won't issue a token because JPMorgan owns at least 10%, and they don't want to see a token on the balance sheet.

Joseph Lubin: Hi Andrew, ConsenSys's balance sheet has thousands of tokens. Employees of ConsenSys, including myself, have significant control over the company. We also have several projects advancing decentralization. When will we issue tokens? Stay tuned. Can you provide an objective report when the time comes?

Metamask primarily profits through its embedded swap feature, aggregating data from decentralized exchange aggregators, market makers, and DEXs, charging a 0.85% swap fee on quotes. Since the beginning of this year, the usage of the swap feature has increased significantly—over the past month, Metamask has earned about $40 million in swap fees.

Daily Traffic of Metamask Swap and Daily Active Users on Ethereum L1

Source: Dune Analytics (@tomhschmidt)

In fact, the revenue growth of Metamask's swap feature far exceeds that of Sushiswap and Curve.

Metamask vs. Other DeFi Protocols in Revenue

Source: Dune Analytics (@momir)

Uniswap and 1inch are the leading DEX and DEX aggregator on Ethereum, respectively, and they constitute most of Metamask's liquidity sources.

Liquidity Sources for Metamask Swap

Source: Dune Analytics (@momir), November 21, 2021

The potential valuation range for the Metamask token is broad. Equity valuations cannot be directly compared, but the recent equity financing by ConsenSys (valued at $3.2 billion, raising $200 million) provides a rough valuation range for the Metamask token (when Sky Mavis's equity value rose to $3 billion, the total value of the AXS token was about $4-5 billion). Direct comparisons of tokens can also yield a wide range. Based on a multiple of $500 to $1000 per MAU (monthly active user), Metamask's valuation range is between $10.5 billion and $21 billion.

Valuation Benchmark for ConsenSys

Source: Public filings, Capital IQ, CoinGecko, Amber Group estimates

Ceramic

Ceramic is a public decentralized data network for managing dynamic, variable internet information. By establishing a flexible primitive, known as Ceramic streams, developers can build applications without databases or servers.

In Ceramic, each piece of information represents an append-only log called a stream. Each stream is stored in IPLD as a directed acyclic graph (DAG), named with an immutable StreamID, and has a verifiable state called StreamState.

Streams conceptually resemble Git trees, where each stream can be viewed as its own blockchain, ledger, or event log. Tile Documents are one type of Ceramic stream (StreamType) commonly used to replace identity metadata (such as profiles, social graphs, associated social accounts), user-generated content (blog posts, social media), DID documents, verifiable identity credentials, and more.

This protocol does not rely on any specific blockchain. Instead, it can be seen as a "document chain," where verifying the status of a specific document only requires the user to sync the data within that document. Users do not need to sync the entire state of the network like most blockchain networks (such as Bitcoin, Ethereum). Therefore, there is no global document ledger.

One of Ceramic's key tools is IDX (Interoperable Decentralized Identity Protocol), which provides a unified storage space for all application-registered and discoverable data sources associated with a user's DID. IDX can be seen as a decentralized user table.

Thus, users can control their personal identity and data through IDX, preventing information from being locked in a single application, better protecting data, and facilitating data transfer between different applications. Similarly, developers can build data-rich applications without requiring users to repeatedly input the same information across each application.

In the DID technology stack, Ceramic serves as important middleware. Some projects built on the Ceramic network have already seen its appeal and market fit, including:

• Boardroom: A DAO governance management platform that uses Ceramic to store proposal opinions.
• Rabbithole: Encourages people to use Web3 project applications, allowing them to earn points and cryptocurrency on Rabbithole. Rabbithole uses the Ceramic network to connect multiple Web2 and Web3 accounts to a unified and cross-chain DID, also supporting the use of users' reputations across different Web3 applications.
• ArcX: A decentralized application providing on-chain credit scores and distributing "DeFi passports" as identity.

Conclusion

The internet may be the most important invention of the century. Over the past 20 years, the internet has transformed the fundamental nature of social information flow: media, politics, news, education, social interaction, and more. Even as more economic activities move from the physical to the virtual, online identities still cannot be truly owned by users, existing in isolation across different platforms.

As the value of the internet continues to manifest, we need robust DID solutions to make Web3 mainstream through the realization of new use cases. Although DID is still in its early stages, the future is bright. With the composability and interoperability of DID standards, the momentum for development will emerge from the combinations between new applications. We look forward to seeing the importance of DID solutions grow exponentially in the coming years, unlocking the next cycle of Web3 applications.