Title: SBT: the Key to Unlock the Future of DeSoc

Author: Huobi Research Institute

Abstract
SBT, proposed by Vitalik inspired by the game "World of Warcraft," is a type of publicly visible, non-transferable token that can be revoked. Accounts bound to these SBTs are referred to as souls, which can correspond to individuals, institutions, organizations, etc., and a single soul can possess multiple SBTs. SBT marks users' characteristics and achievements on-chain in the form of tokens, accompanied by verifiable information. SBT can help users build a native digital identity in the web3.0 world, ultimately realizing the vision of a decentralized society. SBT overlaps with the concept of DID; functionally, both aim to describe user characteristics through certificates or identifiers, thereby constructing a digital identity. SBT is a bottom-up solution and a means to achieve decentralized identity.

Currently, there are 3 main types of SBT-based projects: certificate type, identity type, and semi-credit lending type. Certificate-type projects issue SBT certificates for users' on-chain behaviors, representing users' experiences or qualifications. Partnering projects can rely on the certificates held by users to more accurately target and filter users for other activities or businesses. Identity-type projects can be seen as advanced projects aggregating multiple certificates issued by themselves, directly using SBT as proof of identity and potentially including other certificates such as KYC information. Semi-credit lending projects assess users' credit risk by describing user credit SBTs and provide more capital-efficient services to users with good credit.

The SBT track is still in its early stages, facing challenges such as the lack of unified technical standards, difficulties in balancing privacy protection with verifiability, and vulnerabilities in certain application scenarios. Once a certain foundation is established, new use cases may emerge, such as cross-platform SBTs allowing users more freedom of operation, refined SBTs enabling more precise marketing, and SBT-based credit lending.

This summer, Vitalik introduced the intriguing term "soulbound token" and envisioned its use cases. Inspired by him, a wave of SBT concept projects emerged. Unfortunately, due to the overall downturn in the crypto market, the enthusiasm for SBT quickly waned. In October, Vitalik minted an NFT that can be exchanged for the digital identity of the Republic of Palau (SBT); recently, Huobi Global announced support for Palau ID for KYC identity verification. The magical name SBT has once again captured people's interest. So what exactly is SBT? Is it merely a genius's impractical whim, a flashy concept, or a spark of wisdom that can drive the crypto industry into new fields? This article aims to introduce readers to SBT, exploring its meaning, current development status, and value.

1. Origins: The Past and Present of SBT
1.1 Etymology and Meaning
The term Soulbound originates from "World of Warcraft," where it is a foundational mechanism implemented to define the ownership of certain powerful equipment. When players complete dungeons or specific tasks, they receive corresponding game equipment as rewards; once these items are picked up, they are uniquely bound to the player and cannot be transferred or sold. This special design provides players with a unique experience, contributing to the global popularity of "World of Warcraft" for decades.

With the booming NFT market, NFTs, with their unique and indivisible characteristics, have been widely applied in the confirmation of scarce digital assets, aligning well with rare in-game items. Moreover, they serve other purposes, such as proof of certain abilities, qualifications, or social status. However, due to the free transferability of NFTs, especially with many wealth-generating stories emerging in the past two years, people have become overly focused on their trading attributes. If NFTs are still used as badges or proof of abilities, it becomes impossible to determine whether the holder genuinely possesses the qualification or merely has sufficient wealth. Therefore, Vitalik, inspired by the soulbinding mechanism, seeks to combine the two and explore new application scenarios.

In the article "Decentralized Society: Finding Web3's Soul," Vitalik elaborates on his vision and provides a clear definition of soulbound tokens (SBT). SBTs are publicly visible, non-transferable NFTs that can be revoked. This NFT represents a user's on-chain behavior or experience. Since these behaviors occur on the blockchain, they are inherently traceable. The accounts bound to these SBTs are the souls, which can correspond to individuals, institutions, organizations, etc., and a single soul can possess multiple SBTs. Moreover, SBTs are typically used to constitute commitments, certificates, or affiliations in the social relationships of the web3 world, functioning like an expandable resume that marks the characteristics and achievements of the corresponding soul on the blockchain in the form of tokens, accompanied by verifiable information. Thus, SBT can help users build a native digital identity that mirrors real-world society in the web3.0 world, ultimately realizing the vision of a decentralized society by establishing and continuously expanding this social relationship network.

1.2 A New Solution for Decentralized Identity
Attentive readers may have questions; SBT seems very similar to existing DID tracks, leading to the belief that SBT is a replica of DID. Indeed, these two tracks are closely related, and there are many overlapping concepts. Therefore, it is necessary to clarify the differences between the two and explain their respective values and development paths.

DID stands for Decentralized Identifier, emphasizing decentralization and the hope that users can fully control their identity, rather than having their identity data controlled by large centralized platforms as in the web2 world. This point has been the core narrative of previous DID projects.

As for "ID," there are different interpretations, with dual meanings of "symbol" and "identity." The standard concept of DID was proposed and explained in a working draft on DID published by W3C in 2019. Subsequently, in 2021, the "Decentralized Identifier (DIDs) v1.0 Recommendation" was released, detailing the meaning of DID. It states, "Entities are identified by decentralized identifiers and can be authenticated through proofs (e.g., digital signatures, privacy-preserving biometric protocols, etc.)." From this, it can be seen that DID is a symbol used to identify a particular entity. The standard does not specify what this symbol can identify.

The emergence of DID aims to change the current situation where digital identity is controlled by centralized institutions. It aims to return ownership of digital identity data to users while constructing a global digital identity. Just like a national ID number in real life, each person has only one that cannot be transferred, and all other certificates can be associated with it. Therefore, some prefer to interpret DID as Decentralized Identity, a global identity that encompasses various characteristics of the user.

From an architectural perspective, the DID system roughly includes decentralized identifiers and DID documents, DID resolvers, verifiable credentials (VCs), verifiable data registries, and other components.

In a series of recommended standards by W3C, DID uses verifiable credentials (VC) as a means of verification. VCs are generated by third parties (Issuers) to prove that users possess certain attributes. For privacy protection, users' identity information is typically stored off-chain, and the Issuer has the right to access this data, generating zero-knowledge proofs and uploading them to the chain. This allows for the verification of users' identities without disclosing privacy. Users can store VCs in their wallets for reuse, just like holding other crypto assets.
In this regard, while both VCs and SBTs are solutions for DID, they differ slightly. We summarize the characteristics of VCs and SBTs in the table below.
By this point, it should be clear that the confusing part lies in the dual meaning of DID. When DID projects use a certain identifier to represent general certificates, especially when the certificate is non-transferable, it functions similarly to what SBT achieves. However, when DID is used to represent identity, it is the soul bound by tokens (the Soul Bound by Tokens).

In summary, we outline the main differences between SBT and DID: (1) SBT is a bottom-up solution and a means to achieve identity. It focuses more on what kind of certificates to issue and how to concentrate certain abilities and qualifications in the form of non-transferable NFTs; whereas DID is the result of on-chain identity. It aims to aggregate multiple labels, multiple addresses, or even multi-chain addresses to form a global identity marker. (2) The identity constructed by SBT is a solution based on addresses, while DID seeks to achieve a solution based on a collection of addresses to some extent.

In the future, the ideal state may be as follows: each user corresponds to a unique decentralized identity, under which there are many non-transferable credentials representing the user's experiences, skills, and qualifications in different fields. This identity could be a single address or a collection of multiple addresses.

Thus, the competitive landscape of credentials and identities becomes clear. Any organization can issue credentials to users, which has a low barrier to entry, but it requires several large, influential organizations to aggregate these credentials into a universally applicable identity across multiple applications or even networks, which holds significant value and has a relatively high barrier to entry.

2. Typical SBT-based Applications
Vitalik's paper lists 8 use cases based on SBT, such as reputation provision, SBT community recovery, soul airdrops, soul governance, and soul lending. Therefore, this article will not elaborate further, but will categorize his ideas:

1. Use SBT as a certificate to establish identity;

2. Use the identity established based on SBT to achieve more advanced functions, such as credit lending, more democratic governance, community recovery keys, etc.;

3. Use SBT as a carrier for non-transferable special assets.

Currently, the first two types of applications have emerged in the market. Let's examine the role of SBT and the identity based on it through typical projects.

2.1 Certificate Type
Due to the non-transferable nature of SBT, it is well-suited to represent certain abilities and qualifications obtained by the holder through their own actions, rather than characteristics derived from assets. Currently, SBT-based applications are predominantly certificate-type projects. Representative projects include POAP, Project Galaxy, and RabbitHole, which share the commonality of issuing SBT certificates for users' on-chain/off-chain behaviors. This certificate represents the user's experiences or qualifications. Partnering projects can rely on the certificates held by users to more accurately target and filter users for other activities or businesses. Below, we use RabbitHole as an example to illustrate the typical operating model of such projects. (Some projects issue transferable NFTs for their certificates, but their design philosophy is the same.)

RabbitHole is a reward-based beginner's classroom. It attracts users by publishing rewarded tasks, allowing users to learn and use specific Web3 applications to receive rewards. Rewards include activity-customized NFTs and token rewards provided by the project parties.

To qualify for participation in rewarded activities, users must first complete basic skill learning and certification in RabbitHole's Skills training camp to obtain SBT-form skill certificates. For example, to obtain the Intro to L2 certificate, users need to complete 3 small tasks: transferring ETH to the Optimism network using the Hop cross-chain bridge, exchanging ETH for OP on Uniswap, and minting an NFT on Quix.

After obtaining the skill certificate, users can use it as a prerequisite to participate in more rewarded tasks. For instance, Uniswap previously collaborated with RabbitHole to launch the Learn L2s with Uniswap task Quest. The prerequisite for completing this task was to have Bright ID certification (real person verification) and the Intro to DeFi certificate issued by RabbitHole (the Intro to L2 certificate was not yet available at that time). The Quest consists of 4 small tasks, which involve providing liquidity and trading on Uniswap deployed on Arbitrum and Optimism. After completing these 4 small tasks, users can receive 2 UNI token rewards and an NFT.
Certificate-type projects are somewhat like on-chain data service providers. Partnering projects can directly query the certificates they issue without needing to read users' interaction records personally. This saves partnering projects time and economic costs in processing data. Their profit model is to charge a service fee to partnering projects.

Taking RabbitHole as an example, they operate the entire activity together with partnering projects, including setting the activity start and end times, task settings, rewards and expected participant numbers, community and media promotion, tutorial production, etc. RabbitHole charges a service fee of 20% of the activity reward amount from the partnering party and locks it for 1 year. Thus, this service fee is more like an operational cost, with data usage fees being just a part of it.

The key point for certificate-type projects is to have partners recognize their certificates and conduct activities based on those certificates. On one hand, their income is relatively dependent on the overall market activity level; when the market is active and various projects can allocate customer acquisition funds, their income is guaranteed. However, when the market is quiet, they have little business to conduct. On the other hand, their income relies on their market influence. If a project has been running for a long time, has a large and active community, and can attract user attention, its certificates are more likely to be recognized, thereby generating practical effects.

2.2 Identity Type
SBT-based identity projects use SBT directly as users' identity credentials. In this system, SBT achieves the functionality of DID. Representative identity projects include BAB and the previously mentioned Palau digital ID.

BAB is the first soulbound token based on the BNB Chain launched by the exchange Binance in September 2022, representing the concrete implementation of the SBT concept in the identity verification track. BAB is bound to Binance accounts, follows the ERC-721 standard, and only users who have completed KYC on the platform can apply for it, with a single account ID allowed to mint only one BAB, with a minting fee of 1 BUSD. Once minted, BAB is non-transferable and can only be revoked.
Although BAB is newly created, its practical implementation brings some foreseeable opportunities.

(1) For holders, although BAB's non-transferable nature means it does not have direct financial and wealth value, it represents the on-chain behavior credentials corresponding to that address and can be verified by others. Users only need to hold it to prove that they have successfully completed Binance's KYC process, effectively avoiding being classified as a bot account and missing potential airdrop rewards.

(2) For Binance, it can not only earn some on-chain income by providing a minting channel for BAB but also verify the time users mint BAB to assess their loyalty, and even provide precise services in the future by analyzing the on-chain behavior of holders.

(3) For ecosystem project parties, whether through airdrops or other incentive methods, quickly integrating their ecosystem with BAB to attract this segment of real users is a significant help for their community building and project development. For this purpose, within less than a week of BAB's launch, 14 ecosystem projects within the BNB Chain promised to provide rewards for BAB holders.

The digital ID of Palau is also a type of identity SBT. To apply for this SBT (rental fee of US$ 248 per year), users must go through KYC procedures, including uploading ID photos, profile pictures, and filling in height and weight. Its planned use cases include address verification, KYC verification, access to digital banking, legally verified on-chain signatures, digital company registration services, and other potential products such as asset ownership and insurance. The official statement also specifies that it can be used in any application requiring government-issued ID.

Identity-type projects can be seen as advanced projects aggregating multiple certificates issued by themselves. BAB itself is an identity that contains a user's Binance KYC "certificate," and may in the future include more information such as interactions and holdings on the BNB Chain. The KYC certificate serves as a link between real users and the cyber world, which general blockchain projects cannot issue; only exchanges, asset management companies, etc., can issue them. Well-known exchanges have significant traffic advantages, making them the preferred issuers of SBT-based identities. In the future, it is possible that several large exchanges will collaborate with closely related public chains to issue on-chain identities. This will significantly reduce the interference of bot users in crypto applications, allowing ordinary users to have a more comfortable on-chain experience. If an on-chain identity issued by a certain exchange can gain widespread consensus, even across several public chains, this SBT will attract incremental users and capital for the exchange, achieving a reciprocal effect.

2.3 Semi-Credit Lending Type
Since the summer of DeFi in 2020, lending projects have developed rapidly, but the vast majority are collateralized lending projects. Collateralized lending aligns with the permissionless and low-threshold characteristics of the crypto world, but it has inherent shortcomings in capital utilization efficiency. Credit lending projects like TrueFi, Goldfinch, and Maple have emerged, providing credit loans to crypto enterprises that have undergone off-chain KYC, expanding the lending market scale and improving capital efficiency for institutional traders and crypto enterprises. However, it remains difficult for general users to obtain loans based on credit. One reason is the lack of identity and credit certification on-chain, making it challenging for lenders to assess borrowers' credit risk. This is why Vitalik proposed the concept of "soul lending" in his paper, hoping that SBT could serve as a historical record of credit to prove that users have a good reputation, thus allowing them to obtain loans directly without collateral.

Currently, there are no projects in the industry that fully provide credit loans to general users based on SBT. However, there are semi-credit lending projects that assess users' credit risk levels based on their behavior and adjust their maximum borrowing limits (loan-to-value, LTV) accordingly. We categorize these projects as the second major application scenario based on SBT. Below, we introduce ARCx as a typical representative of how SBT drives the operation of such projects.

First, it should be noted that the term "SBT" does not explicitly appear in ARCx's official documentation, but its approach is similar to SBT, so this article considers it a type of SBT project.

ARCx has launched a DeFi Credit Score similar to SBT. It scores users based on their behavior on ARCx and other lending platforms, with scores ranging from 0 to 999. This score reflects users' risk preferences, risk management capabilities, and understanding of lending products and market conditions. ARCx sets up three tiers of lending pools; the higher the user's credit score, the higher the maximum LTV they can obtain, meaning they can borrow more money against the same value of collateral.

ARCx's credit score is calculated based on users' on-chain interactions with lending protocols (on Polygon and Ethereum), and the calculation formula is fully public. The credit score consists of three main components: daily score rewards, survival score rewards, and liquidation score penalties. Daily score rewards are given to users who use the ARCx platform within 120 days, calculated based on users' borrowing utilization rates (actual borrowing LTV as a percentage of maximum LTV). ARCx's research on Compound found that the most experienced and capable users typically have a borrowing utilization rate around 60%, achieving reasonable maximum capital efficiency while controlling risk. Therefore, when ARCx users' borrowing utilization rate is at 60%, they earn more points, while deviations from this ratio, whether higher or lower, result in a decrease in score growth. Survival score rewards and liquidation score penalties measure how much liquidation risk users face, both of which assess users' performance across all lending protocols. If a large number of liquidation events occur in the lending market, and a user avoids liquidation, it indicates that this user has outstanding risk control capabilities, warranting a higher score. Conversely, if the market is stable and general users are not liquidated, they will not receive a high score. Penalties are more straightforward; if a user has a liquidation record within 120 days, they directly lose 250 points. With a total score of only 999, experiencing a liquidation once in a short period means they cannot access ARCx's highest borrowing utilization pool.

Projects like ARCx operate within the safety range of collateralized lending. They assess users' credit risk through user credit SBTs and provide more capital-efficient services to users with good credit. Currently, this design aligns with the development status of the crypto industry and effectively complements traditional over-collateralized lending.

3. Current Development Challenges in the SBT Track
Despite the emergence of various SBT projects following Vitalik's paper, they still face some development difficulties that hinder further market recognition.
3.1 Lack of Unified Technical Standards
Issuing tokens on Ethereum essentially involves establishing a new smart contract ledger under a certain address, recording all transaction records of users interacting with it. This issuance method has formed several unified standards, such as ERC-20 and ERC-721, allowing developers to construct corresponding types of new crypto tokens by following the rules step by step.

SBT presents a new type of token to the web3 world, but most existing SBTs are slightly modified based on ERC-721, and the characteristics of non-transferability, revocability, and verifiability in its concept do not yet have dedicated technical interfaces in existing APIs. The absence of formally defined interfaces not only increases the security audit workload before contract code deployment but may also lead to unexpected attack events during operation. On the other hand, different token standards for SBTs create additional workloads for other projects integrating them, hindering broader adoption and recognition.

The solution to this problem is relatively straightforward. We need a unified SBT technical standard with broad consensus to lay a solid foundation for SBT applications.

In addition, SBT also possesses programmability, and there is great potential for it to combine with dynamic NFTs in the future, introducing oracles for dynamic updates of attributes. Of course, this needs to be included in its unified technical standard.
3.2 Balancing Privacy Protection and Verifiability
For SBT, balancing privacy protection and verifiability is challenging. On one hand, SBT is generated based on users' on-chain behaviors, making it inherently verifiable. It is precisely because it is verifiable that it possesses credibility. However, on the other hand, SBT summarizes and labels users' originally relatively dispersed behaviors, which increases the risk of user privacy exposure. On-chain analysis tools can easily grasp users' behavioral habits. Especially for projects requiring KYC certification, they face a dilemma: if users' KYC information cannot be verified by a third party, their SBTs will lack credibility to some extent, thereby limiting their scope of use. However, if other entities verify users' KYC information, it inevitably leads to information leakage, such as disclosing users' real-life information and causing unnecessary troubles, which would also damage the brand reputation of the project and the SBT it issues. Therefore, how to ensure user privacy while obtaining as much real user data as possible to construct highly credible credentials is a significant challenge for every SBT project. In the future, technologies such as zero-knowledge proofs and multi-party secure computation (MPC) may be used to balance privacy and verification, thus solving this problem.
3.3 Vulnerabilities in Certain Application Scenarios
Taking the use of SBT for more democratic governance as an example, the current token voting mechanisms relied upon by DAOs often encounter issues such as witch attacks and ballot manipulation. The emergence of SBT can help communities effectively filter out fake bot accounts and external members, alleviating the unfair voting issues in DAO governance. However, the problems of voting in real life also manifest in the blockchain world, such as bribery. With SBT, those with high voting weight souls are more easily discovered by malicious actors; once bribery occurs, it clearly contradicts the original intention of SBT to help achieve fair governance in the community. This issue is difficult to resolve; it transcends the realm of computer science and enters the field of sociology.

4. Outlook: Potential Use Cases for SBT
Currently, SBT and on-chain identity tracks are in their early stages, with more projects focusing on how to issue SBTs. Assuming we have a more unified technical standard that can fully utilize information while protecting privacy, the role of SBT will extend beyond soul airdrops and governance.
4.1 Cross-Platform SBTs Allow Users More Freedom of Operation
Now, internet applications can achieve cross-application logins based on Google, Facebook, WeChat accounts, etc., but users are still often required to fill out the same registration information or undergo a process to prove their usage level when using similar apps. From this perspective, SBTs generated on the blockchain, with publicly accessible information, facilitate sharing across applications and platforms. However, the current application scope of SBT is still limited to certain platforms; if SBT can achieve interoperability in the future, it will greatly enhance user experience. For example, a user of a shooting game who wants to select their favorite game to play long-term can use the "Sharpshooter" SBT issued by game A to compete directly in the expert arena of game B, eliminating the repetitive process of leveling up and accumulating rank. If they abandon game A for game B, game B can pay a certain customer acquisition fee to game A.

4.2 Refined SBTs Enable More Precise Marketing
Currently, SBTs measure user behavior across relatively few and shallow dimensions, mainly including interactions with a certain application and receiving airdrops. Some projects have already recorded and analyzed deeper layers of user behavior; we still need to refine SBT information to reflect various aspects, including the amount of user operations, risk preferences, time periods, and usage duration. Especially when combined with exchange information such as trading frequency and strategy preferences, as well as what news users follow in the media, SBTs can portray this soul more closely to the user's true self. Various projects based on more refined user profiles will conduct more precise marketing activities, finding the most suitable potential users at a lower cost.
4.3 More Widely Applied SBTs Assist in Achieving Credit Lending
The realization of credit lending in real life mainly relies on imposing various restrictions on dishonest individuals. If a borrower defaults, their credit is damaged, and they lose convenience in many areas. For example, restrictions on consumption for dishonest individuals include prohibiting them from taking flights, soft sleepers on trains, or second-class cabins on ships, and from high-consumption venues such as star-rated hotels, nightclubs, and golf courses. They may also be reported to relevant government departments, financial and regulatory agencies, and industry associations for joint credit punishment based on relevant regulations, leading to more economic activity restrictions, including government procurement, administrative approvals, bidding, government support, financing, qualification recognition, market access, corporate matters, bond issuance, and appointments of directors and supervisors.

If we draw on real-life practices to mark dishonest individuals and impose restrictions on their on-chain behaviors, achieving credit lending is not impossible. If certain lending protocols form alliances to issue credit SBTs with industry-wide consensus, and with the cooperation of other protocols and exchanges, they can collectively restrict the behaviors of dishonest individuals, such as refusing to serve them, thus raising the cost of default for dishonest individuals. If compliant exchanges can synchronize users' on-chain default records with traditional financial institutions like banks and act jointly, general users will be less likely to default, making complete credit lending very likely to be realized.

References:

1. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4105763

2. https://vitalik.ca/general/2022/01/26/soulbound.html

3. https://docs.rabbithole.gg/rabbithole-docs

4. https://wiki.arcx.money/welcome/arcx-credit-introduction

5. https://www.163.com/dy/article/FVJK69830511WPT2.html

6. https://www.w3.org/TR/vc-data-model/