1/ On Soul Bound Tokens
Why they are not a great idea imho and also a real-life case study where we decided not to use the - the @unicmetaverse course completion certificates.
As usual, we try to cover the big picture, not every variation.
Why they are not a great idea imho and also a real-life case study where we decided not to use the - the @unicmetaverse course completion certificates.
As usual, we try to cover the big picture, not every variation.
2/ The general theory on soul bound tokens is that certain NFTs should be linked to a specific individual - university diplomas, proof of participation and so on - and, given this, the individuals should not be able to transfer them without the permission of the issuers
3/ I understand why this is superficially appealing.
"We can't have people selling their university diploma on Blur", people say and that sounds sensible.
But this pathway will lead to centralization, for "benefits" that can be achieved in other ways
"We can't have people selling their university diploma on Blur", people say and that sounds sensible.
But this pathway will lead to centralization, for "benefits" that can be achieved in other ways
4/ Let's start with the three main problems of SBTs:
a) They are terrible for security
b) They require centralized issuers to exist forever
c) They impose difficult (impossible?) KYC burdens on issuers
a) They are terrible for security
b) They require centralized issuers to exist forever
c) They impose difficult (impossible?) KYC burdens on issuers
5/ My major concern with SBTs is that people are going to change Ethereum addresses all the time.
From a software wallet to a hardware wallet; from a hardware wallet to a @safe and so on.
There is no time, any time soon, this will stop.
From a software wallet to a hardware wallet; from a hardware wallet to a @safe and so on.
There is no time, any time soon, this will stop.
6/ Despite everyone's best intention, the average NFT user is bad on security, does not take the right steps and "inconvenience" gets in the way.
If we add to this existing hurdle, "go to many issuers to get them to qualify your new wallet," well nobody will do it
If we add to this existing hurdle, "go to many issuers to get them to qualify your new wallet," well nobody will do it
7/ We should not set up a social / technical system that makes the process of changing your Ethereum address even harder and more annoying than it is.
And the more time people spend in NFTs, the more addresses they will have. I started with 1, have dozens of different types.
And the more time people spend in NFTs, the more addresses they will have. I started with 1, have dozens of different types.
8/ The second problem is that the issuer has to support this process, well, forever.
Maybe (maybe) a university can give assurances it will be around in 20 years to KYC your new address.
But the conference organizer for NFT Cancun 25 maintaining their POAPs in 2045? Yeah right
Maybe (maybe) a university can give assurances it will be around in 20 years to KYC your new address.
But the conference organizer for NFT Cancun 25 maintaining their POAPs in 2045? Yeah right
9/ In the last 20 years, "52% of companies on the Fortune 500 since 2000 have either gone bankrupt, been acquired, or ceased to exist"
These are the largest companies and 50% gone in 20 years. 95% of organizations that issue a SBT will not be supporting it in 2045
These are the largest companies and 50% gone in 20 years. 95% of organizations that issue a SBT will not be supporting it in 2045
10/ Even if your issuer (say a university) is around, you are giving them a mission impossible KYC effort.
In other words, how exactly are you going to prove to them that the other (receiving) address is also you?
What off-chain data can you provide to prove that???
In other words, how exactly are you going to prove to them that the other (receiving) address is also you?
What off-chain data can you provide to prove that???
11/ Side note. The whole SBT discussion is not about SBTs but about whether a) we can have enforced off-chain identity on-chain (vs statistical identity), b) if this is desirable and c) what decentralized compromises are needed
This is a much longer discussion and...
This is a much longer discussion and...
12/ ...whatever way it is solved "in general" is also going to be the solution for POAPs and so on specifically.
It is Sybil Resistance in another form, it is a hard problem and it is not solved by adding a second signer to the transfer function on an NFT
It is Sybil Resistance in another form, it is a hard problem and it is not solved by adding a second signer to the transfer function on an NFT
13/ So ok the complaining section of this thread is over. "how would you do it 6529?"
Well, fortunately we are about to issue a university certificate with @giaglis and @unicmetaverse so I will tell you exactly how we will do it.
Well, fortunately we are about to issue a university certificate with @giaglis and @unicmetaverse so I will tell you exactly how we will do it.
14/ Our current plan is to allow students to have their certificate issued to any one of three identities.
a) their ethereum address
or
b) their ENS
or
c) their governmental name
Let's take each of these three scenarios.
a) their ethereum address
or
b) their ENS
or
c) their governmental name
Let's take each of these three scenarios.
15/ If the certificate is issued to 0xFD2200...what are the issues
Well, not to troll, but if the student never moves it, they can, at their option, convert it to an SBT.
The only thing the SBT is telling you "has not moved without permission"
Well, not to troll, but if the student never moves it, they can, at their option, convert it to an SBT.
The only thing the SBT is telling you "has not moved without permission"
16/ So a regularr ERC-721, that has not been moved, has the functionality of an SBT.
This functionality is: "It is held by the address that minted it"
So the user can choose to SBT it or also move it.
OK, what if they move it?
This functionality is: "It is held by the address that minted it"
So the user can choose to SBT it or also move it.
OK, what if they move it?
17/ Well, if they move it, they need to be able to verify to some third parties satisfaction that some random ETH address is owned by the same person as another random ETH address.
This is actually hard to do whether you have an SBT or not tbh!
This is actually hard to do whether you have an SBT or not tbh!
18/ But the solution of letting each 3rd party and each user figured this out themselves is better and more decentralized than putting a central arbitrator of KYC in the middle forever and, for some strange reason, that arbitrator is a university or conference organizer.
19/ "but 6529, what if they go on opensea and sell their certificate?"
I dunno anon, I am pretty sure opensea transactions are visible on public blockchains so you may be suspicious of someone whose "certificate" was bought last week for 0.69420 ETH from DumpTheFloor.ETH
I dunno anon, I am pretty sure opensea transactions are visible on public blockchains so you may be suspicious of someone whose "certificate" was bought last week for 0.69420 ETH from DumpTheFloor.ETH
20/ Presumably the reason people care about this topic so much is because it is being used for important situations like "getting a job"
In that context & if the certificate matters, the employer can check right there on opensea the transaction history of that NFT in 60 seconds
In that context & if the certificate matters, the employer can check right there on opensea the transaction history of that NFT in 60 seconds
21/ If it is too much trouble to do that (because it is not that important that you went to NFT Cancun 2025), then it is definitely not important enough to stick a permanent KYC obligation on the issuer.
Also, in time, there will be automated tools to score all of this
Also, in time, there will be automated tools to score all of this
22/ The second solution I think is better than the first. I think you get a huge level of certainty by issuing the certificate to 6529.eth or credentials.6529.eth or whatever.
Now, to "sell" my certificate/poap/etc, I need to give up my whole online identity and history.
Now, to "sell" my certificate/poap/etc, I need to give up my whole online identity and history.
23/ "But not everyone has such a rich history as you do, at 6529.eth"
Well, I suggest that they start building it. My view is that ENS + a PFP + your transaction history there is likely to be pretty important in terms of statistical identity on-chain.
Well, I suggest that they start building it. My view is that ENS + a PFP + your transaction history there is likely to be pretty important in terms of statistical identity on-chain.
24/ The last option is @unicmetaverse finds some process for people to KYC in with their governmental ID and then we put the govt name on the NFT certificate.
Obviously if it matches your drivers license, who cares about the ethereum address
Obviously if it matches your drivers license, who cares about the ethereum address
25/ So I think these three options are game-theory superior to SBTs.
a) full anon? mint to 0x, don't move it if you want SBT features, move it if needed
b) onchain pseudo: Mint to ENS. That way you can change your address, keep your ENS
c) off-chain doxxed: Mint your name on it
a) full anon? mint to 0x, don't move it if you want SBT features, move it if needed
b) onchain pseudo: Mint to ENS. That way you can change your address, keep your ENS
c) off-chain doxxed: Mint your name on it
26/ Another concept:
ENS is a domain name
ETH addreses are IP addresses
The reason I know I am at Amazon is seeing Amazon.com, not because I checked to see if their IP addresses are the same as they were on July 5, 1994 when Amazon launched
ENS is a domain name
ETH addreses are IP addresses
The reason I know I am at Amazon is seeing Amazon.com, not because I checked to see if their IP addresses are the same as they were on July 5, 1994 when Amazon launched
27/ If you came here for the first time, we care a lot about decentralized systems and the open metaverse
Loading suggestions...