The Internet has democratized information sharing, but, like any complex socio-technical system, it tends to concentrate power. These vast and growing accumulations distort everything that comes under their sway, much like gravity around a massive star. Consequently, we find that the Internet today is a profoundly undemocratic place, the opposite of what was intended for it: Technologies designed to liberate and equalize have delivered a world of total surveillance for the benefit of corporations and repressive governments. The individual finds their private information under the absolute control of external parties.

We have come to understand the need to return to the Internet as it was envisioned, to reassert our right to the direct ownership of data and restore the ideals of decentralization that would allow for equality, autonomy, and privacy.

The sharpness of this need fueled the development of blockchains. And for all the talk of revolution in the Internet age, the rapid overturning of an existing order is, in truth, relatively rare. Yet blockchains have planted revolutionary seeds no less than twice in recent memory. We at Idena aim to spearhead the third.

Bitcoin as the first step: direct ownership of money

Bitcoin was the first blockchain revolution. What makes it revolutionary? There are two key factors.

First, Bitcoin supports direct ownership of value. It removes the need for a custodian, be it a bank, trust company, or brokerage, to participate in a market with global reach.

Second, and perhaps more importantly, Bitcoin is not the electronic representation of a fiat currency or any other real-world asset; it is itself a currency, only one that exists natively in electronic form. This is a fundamental distinction that separates Bitcoin from everything that came before it. Traditional electronic payment methods like PayPal merely stand in for fiat currencies. But Bitcoin makes no similar reference. Like a physical fiat currency, it carries its own agreed-upon value.

Ethereum as the second step: decentralized governance

The second blockchain revolution was Ethereum, but not for its cryptocurrency. Ethereum’s killer application is governance. Its crucial innovation of smart contracts holds the potential to reinvent human organization, because it allows for a decentralized governance model. The dreams of direct democracy going back to the origins of western civilization, which were unattainable for sheer logistical hurdles, are today, at this moment, within reach. The technology exists; we have only to deploy it.

But then: a step backward

Bitcoin brought censorship-resistant digital currency. Ethereum brought leaderless governance. Even so, as these blockchains grew, they began to evince antidemocratic tendencies with the emergence of strata and power centers.

Users became frustrated with centralization in blockchains expressly designed for the opposite. Power was pooled in the hands of a very few of the largest exchanges and miners on the blockchain, leading to the formation of cartels and providing the mechanisms for distorting governance. At present, there are just six mining pools controlling 80 percent of the Bitcoin hashrate, all located in China; while two pools control fully 51 percent of the Ethereum hashrate. The top 400 addresses own 53 percent of all Ethers, and Proof-of-Stake only makes this distribution more extreme: The rich get richer — such is the nature of capital. But perhaps not every resource can be exploited in this way.

A new approach to digital identity

As it happens, there is such a resource. Human personhood is the only scarce and evenly distributed resource on Earth that cannot be controlled by capital. We need to take the next revolutionary step: to formalize the human person, to create a new kind of digital identity to match to the censorship-resistant cash of Bitcoin and the decentralized governance mechanism of Ethereum to unleash its full potential. But what would this revolutionary identity look like? Would we recognize it when it appeared?

Technologists are in broad agreement about the attributes that a new identity model should possess. Identity should be global, unique, privacy-preserving, and specific to a human person, not a computer algorithm. But many of the proposed solutions to decentralized privacy-preserving digital identity make too many concessions to the status quo by failing to address the nature of the problem or by actively championing the kinds of policies that make the current conception of digital identity unsustainable, undesirable, and ineffective. What is called “decentralized” is demonstrably not. What is called “direct ownership” is demonstrably not. What is called “revolutionary” is just more of the same.

The two major approaches to digital identity — SSI and web of trust — fall short of their own ideals and cannot show a new way forward.

SSI: credentials-based identity

SSI, or self-sovereign identity, is one possible approach to digital identity. We discussed it briefly in a previous article, but the main idea behind SSI is to replace a human gatekeeper for identity verification with a decentralized open algorithm. Other projects might understand SSI differently, but we draw from the original formulation as set forward by Christopher Allen in an influential post.

Under this model, an individual must present one or more identity markers or verifiable claims to demonstrate that they are who they say they are. Verified users receive a private key that they physically own and control, which gives them access to the blockchain network. Credentials vary according to the application, but they could and would most likely include personally identifiable information such as a state-issued ID or a passport. Allen, perhaps realizing the implications of misuse, states:

In the creation of a self-sovereign identity, we must be careful to protect the individual. A self-sovereign identity must defend against financial and other losses, prevent human rights abuses by the powerful, and support the rights of the individual to be oneself and to freely associate.

But the possibility of this is very much in doubt. Once the digital identity is positively correlated with any association of the physical identity, it has added a layer that can be tracked, surveilled, stockpiled, sold, analyzed, and transmitted without the individual’s knowledge or permission. Moreover, this information resides with someone other than its owner, alongside the information of every other user on the network, which creates conditions of data concentration and presents a convenient target for theft.

The answer to this objection is decentralization. But the verification mechanism is not truly decentralized, even if it removes a human gatekeeper, because the algorithm assumes the role of a central authority. The verifiable claims must be validated somewhere; this information must be stored, which is to say centrally regulated. We have merely changed the stockpile. And not every implementation of SSI is fully automated. An individual might be able to verify their own credentials or be subject to conflicting verification standards.

In either case, the individual surrenders control of their personal information once they have submitted it for verification. They cannot control where else it might go. They cannot revoke it if they so choose. They are not the owners of their own identity. They have, at best, leased it from the validators, who cannot be ideal custodians, even assuming good-faith motives. The individual’s data must be stored persistently to avoid the duplication of registrations. There might also be a need for verification across validators, leading to more unauthorized data transmission to yet another centralized location. This cannot be direct ownership by any reasonable definition.

Other difficulties present themselves. First, in cases where SSI does not prove the uniqueness of the individual, one person might have multiple valid digital identities. But in cases where SSI does prove the uniqueness of the individual, validators can store the proof of that forever.

Second, a user could with modest means fake or forge the documents that support the identity, and the holder of these documents need not be human.

Third, SSI strains at the global level. There are insufficient checks on despotic authority and no way to mediate among competing standards, whereby a government could issue official credentials to validate fraudulent identities wholesale. Or bias could creep into the verification algorithm, which might find American credentials more trustworthy than, say, Nigerian ones.

As it is increasingly put into practice, we have found no difference between its methods and those that it purports to overcome. It claims to be decentralized, but it is not. It claims to offer direct ownership, but it does not. When pressed, proponents of SSI concede these points but indicate that it is the best that they can do. If so, then SSI has no solution to offer.

Web of trust: reputation-based identity

Through another approach, the web of trust, participants on the blockchain validate each other by nothing more sophisticated than their reputation. Think of it as the friend-of-a-friend principle: If Person A can vouch for the authenticity of Person B, who can vouch for the authenticity of Person C, then Person A has reason to believe that Person C is a human individual, especially when Person Y and Person Z are making the same claim. String enough of these kinds of endorsements together, and a decentralized network of verified participants emerges, with no upper limit in terms of capacity. A global web of trust is not inconceivable.

This approach improves upon SSI in that it is more fully decentralized, but in other respects it is no real improvement. To start, the criteria that one uses to vouch for another person are, by design, entirely subjective. Participants with less rigorous verification standards might vouch for the names that they recognize from their social media feeds without knowing for sure whether those accounts belong to bots, a non-trivial issue on most platforms.

Likewise, nothing is preventing a user from intentionally vouching for bad identities. Fraudulent or unreliable accounts might eventually get downvoted by the network’s crowdsourcing logic, but that can happen only after the fact, once the identities have begun interacting. As a result, one is left without any certainty that any given identity is legitimate, which is no better than where we are at present with social media.

The web of trust also penalizes the less well-connected. Not everyone is gregarious or a natural networker; also, not every country participates on the Internet equally, and some subgroups within larger populations are actively excluded from access. Who is to vouch for these in a web of trust? An actual person with few in-group connections might fit the profile of a fake account, while an account with high visibility and hundreds of followers might be an algorithm.

This highlights a significant problem with the web of trust approach. To become a candidate for verification in the web of trust requires more than just a physical identity (or, in the instance of an algorithm, not even a physical identity). It requires connections and a certain level of engagement. It becomes a test of one’s social identity as distinct from one’s cogito or I — one’s fundamental self-relation, which exists apart from the interpersonal. Isolate an individual from their community, and they do not cease to be a human person, nor do they cease to be a human person if their government denies them access to trust. A decentralized network of interconnections does not account for cases like these. It cannot correct a popular fiction or bring to light an unpopular fact.

Why cryptoidentity is different

Bitcoin stood finance on its head by recreating fiat currency in a digital context, with far-reaching consequences as to who has access to global markets under what conditions and by which constraints. Ethereum created the conditions for decentralized governance, promising fairer and more equal social and civic outcomes.

Our guiding principle at Idena is to apply a similar kind of thinking to the challenges of digital identity: to abstract the essential characteristics of the physical identity and create its digital counterpart, one that does not merely point to some other marker but that is, by its nature, a marker of its own. And we want the existence of the digital identity to infer the existence of the physical one without disclosing any other details about it. We cannot reveal a user’s gender or date of birth, because we do not leverage this information. We require only that they be a unique human person. Their reputation is between them and their social media followers.

With the examples of Bitcoin and Ethereum as our guide, we can enumerate the following desired characteristics of a digital identity in the new emerging decentralized world:

The identity must be anonymous and privacy-preserving.

The identity must be global and verifiable online.

The identity must be decentralized and resistant to censorship.

The identity must be Sybil-protected and unique.

The identity must be open and permissionless.

We define cryptoidentity as a manifestation of a conscious human that can be proven online .Digital identity is represented by personally identifiable information. By contrast, cryptoidentity does not need personal data or verifiers to confirm you as a real person. It requires instead a two-part proof: of humanness and uniqueness.

Let us see how Idena meets the suggested identity criteria creating cryptoidentity.

No personal data sharing to preserve anonymity

Idena does not require any personal data or documents sharing and does not reveal a person’s identity. To create a digital person, you should receive an invitation code from a validated participant of the network and use the code to apply for validation.

Reverse Turing tests to prove humanness online globally

A Turing test is widely used online to tell humans from bots in the form of the CAPTCHA. But it turns out to be useless as it relies on a kind of perception for which AI can be trained.

Idena proposes a language-neutral AI-hard test that conveys narrative rather than semantic meaning. A flip, “Filter for Live Intelligent People”, utilizes four images that act like the scenes in a movie. To solve a flip, you choose between two sequences of these images, only one of which makes narrative sense. The other one is deliberately distorted so that the picture sequence would not make up a story (read more here).

To make a flip truly AI-hard and to avoid the need for a trusted third party, flips must be human-generated. In Idena flips are created by validated participants, encrypted and stored in the P2P network.

Collective decentralized and resistant to censorship self-validation

The results of the test are collectively self-validated. This is done statistically as the accuracy rate of the test’s completion is known, so there is no need for a trusted third party.

The network reaches consensus on the flip answers, scores the accuracy, and approves validated identities. All the validated participants receive a reward in coins that can be used for the network services.

Time synchronization to verify the participant’s uniqueness and secure Sybil-protection

A validation that takes place at a synchronized time will allow verifying uniqueness of the network participants.

Idena certifies a participant’s humanness and uniqueness for the consequent epoch (a time period before the next validation session) during regular validation sessions. At a certain known time, flips are assigned to all participants of the network and solved by them within the allotted time period. All the answers are transacted to the network.

The participant’s identification persists for as long as the current epoch lasts. During the epoch, the validated participant gains special privileges, including the ability to invite new users, mine new blocks and get rewards, propose protocol improvements, and create new flips.

After the validation expires by the end of the epoch, participants revalidate themselves with a new synchronized test.

Permissionless blockchain as a novel way to create digital personhood

The Idena blockchain is driven by proof-of-person consensus: Every node is linked to a cryptoidentity — one single person with equal voting power.

***

In our view, these are the areas where SSI and web of trust fall short. Idena embraces all the necessary criteria allowing for the breakthrough ideas that cannot be realized otherwise: true anonymous authentication, privacy-preserving Sybil-protected governance and fair voting for online communities and DAOs, global universal basic income initiatives, and Sybil-protected direct marketing.