Corporations own the Internet

Your digital identity, the unique online presence that is, “you”, is traded, bought and sold by a handful of corporations worth billions (e.g Facebook, Google, Twitter, Amazon). It’s safe to say that most everyone’s digital identity—and all the value linked to that identity—effectively depends on these behemoths. As the Internet takes on even greater social and economic significance, platforms positioned as the de facto “identity providers” of the Internet will continue to solidify their role as the gatekeepers of our online interactions.

That’s a problem

Zuckerberg, Jeff Bezos, Darth Sidious et al. didn’t become our shadowy overlords by filling out a form at the DMV—the fact that we’re all using the same core group of online platforms built around the basic social and economic functions of Web 2.0 is simply an example the network effect in action. (The more users a platform has, the more utility it has, causing more people to join, increasing the utility further, entering a positive feedback cycle). And that was fine, at first.

But the thing is, networks are not like memes: Networks have inherent staying power. Despite how (relatively) easy it’s become to build and deploy a social app, it’s harder than ever for nascent online communities to self-organize in a truly organic and independent way. Niche applications aside, any coder who sets out to create a new social app that provides functionality comparable to Facebook (but with guarantees to handle users’ data more ethically, perhaps) must compete with a consolidated network that already has billions signed up. That’s a massive barrier to adoption, and it’s the reason why, by now, most new online spaces emerge as subsets of an existing user base (e.g. Facebook groups, subreddits). It’s easier to start something when everyone doesn’t have to make a new account, but this process has already begun to undermine the (biodiversity?) of the global abstract spaces that we inhabit, making them all a bit more drab, sterile, and ad-optimized.

What does it mean for an identity to exist on the Internet?

Network neutrality is being threatened not only at the ISP level (i.e. the network/transport layer) but also in the application layer: just as companies that own the infrastructure delivering the raw data should be required to operate on a level playing field, apps that handle meaningful social data (profiles, posts, follows, ratings, etc.) should succeed on the basis of how effectively they can deliver, organize, and provide interfaces to social data—not by keeping users tied to their ecosystem, tracking them, and monetizing their attention. Facebook, Google, and Twitter have become the Internet’s source of truth for establishing “who is who”, “what is what”, and “who posted what and when”. Because information about such relationships is siloed in the databases controlled by these companies, profiles and posts can’t easily be translated to other contexts without abandoning their accrued value: centralization of the social application layer has made individual users and whole communities vulnerable to being “de-platformed”. Regardless of one’s views on the relative importance of free expression vs. other ideals, the fact that private, for-profit corporations are unilaterally drafting the policies that effectively determine, for most of the world, who gets to have a voice and who doesn’t seems like something that we can all agree probably isn’t a super good idea.

Let’s keep things interesting

To achieve “net neutrality” in the social layer (maybe it should be called “app neutrality”…) users and user-created content must be universal, which is to say that the social context of such data (i.e. the who/what/when) must somehow be contained not in the platform hosting the data, but in the data itself. Such universality makes data extremely resilient because it can be hosted by anyone while retaining the same level of trust and—critically—also makes it possible for users to move to another platform easily and without losing their reputation, contacts, history, etc. Instead of “Facebook usernames”, “Twitter usernames”, and “Google usernames”, what’s needed to address the root cause of social media homogenization is a way for people to make, simply, “a name”. A truly universal name would need to be able to be utilized by any platform as a globally unique identifier but at the same time not depend on any platform for its very existence.

But how?

Cryptographically signing all interactions between humans and apps with a key linked to one’s name on an immutable public record results in a global superset of identities abstracted from the social application layer. Like the Hydra, data and the relationships between them become almost impossible to stamp out since they can be re-hosted by anyone with the same level of trust.

Snakes. Snakes is how.

Public key cryptography has been around since the 1970s. In this scheme, keys are created together in pairs consisting of a public key (which, as the name suggests, is shared publicly) and a private key (which is kept secret by its owner). One of the main benefits of this approach is the ability for someone to create a digital signature, which means that anyone else who has the signature and the data that was signed can mathematically determine the corresponding public key of that specific private key which signed the data. This property is very useful for proving one’s identity to strangers and has been used in all sorts of applications. It’s how your browser knows that the connection to your bank’s website isn’t being tampered with and it’s also how the document signing feature of Adobe Acrobat works. So why, then, if it’s so easy and has existed for so long, are we still reliant on platforms owned by corporations to vouch for our identity on the Internet? Couldn’t users, instead of proving their identity with a username/password combo stored in each platform’s database, just send a signed message like “Hi it’s {me}”, “Post {something}”, or “Authorize {action}” to every app they wanted to log in to or interact with?

Technically yes. Practically speaking? Not so much. The downfall of public key cryptography (in the context of it maybe being a viable user-auth system) is that even if the receiver of a message can know for sure which public key is associated with a given signed message, how do they then find out who the public key belongs to? You could use the public key itself as the unique identifying token (i.e. as the username), but that isn’t a great option—not only because the key is a long, unmemorable string of letters and numbers, but also because it will become useless if the owner ever loses the corresponding private key. If only there were something like a global address book where you could just look up which key was associated with which identity, and also, as the owner of the identity, seamlessly update the key linked to your name if you ever needed to… hmm…

Decentralized networks hold the key (quite literally)

Bitcoin demonstrated that it’s possible to reach agreement about highly specific information (in Bitcoin’s case, basically just a ledger mapping addresses to balances) systematically and without assigning special privileges to any particular member, or node. Turing-complete Ethereum takes that capability one step further, making it possible to reach global, decentralized, “leaderless” consensus about anything (well, anything that be represented in a computer, like, say… an address book?)

alias.earth lets you use your Ethereum address as the manager of your name on the blockchain. This means your identity belongs 100% to you and can never be revoked by anyone. You also have the option to set a “recovery address” which functions as an offline fail-safe to reassert ownership of your identity in the event that your primary address ever becomes lost or compromised.

alias.earth

The way alias.earth works is actually quite simple. Each person’s chosen name, or alias (something like “alice”, “bob”, or “老子”) is linked to that person’s key on the Ethereum blockchain. Apps that want to know who signed some data can decode the signature to find the key, and then just look at the blockchain to find the person with whom that key is associated. We’ve created a high-level JavaScript API and a library of minimal-configuration React components that work with MetaMask (such as a login button and embeddable self-verifying messages) to make it really easy for developers to use alias.earth in their own apps.

The Internet’s identity infrastructure shouldn’t be owned by anyone. Web 3.0 hasn’t yet merged with the social web, so now might be a unique opportunity to strengthen the fabric of the Internet by deploying new architectures explicitly aligned with the global public interest.

We (stuart and ryan) don’t control alias.earth—the contract is on the blockchain and all the libraries are open source (if it were possible to shut down alias.earth that would defeat the purpose of building it in the first place). We’re not shilling a token. We’re two developers who quit our jobs to make this idea a reality because it feels like our planet is nearing some kind of tipping point. Global consciousness is expanding, but at the same time it’s beginning to seem that if the future of humanity doesn’t turn out like Star Trek (!), the alternative is Mad Max. Terrifyingly, smart money is betting on the latter. It’s a wild time to be alive.

In the last decade, technology that lets anyone talk to anyone, any time, from almost anywhere (literally anywhere if/when Starlink gets up and running) became commonplace. These newfound god-like powers could (in principle, over the next few decades) be used to politically organize and demand that the oceans and remaining forests be protected, crowdfund critical research, and, in general, raise the collective vibration of this pale blue dot. But the reality is that the Internet—our most powerful medium for collective action—is rapidly devolving into an ever more pervasive surveillance and profit-extraction machine. Political “solutions” (at least in the U.S.) have proven to be utterly farcical and there’s no reason to think this will change in the near term. Leveraging the unique capabilities of decentralized networks like Ethereum to begin implementing an open source technical fix is the most realistic way to stop corporations from eating the Internet and, by extension, the biosphere—it’s a shot we have to take.