🏳️‍🌈

How does identity work within DAOs?

This is a short questionnaire to find common ground across different DAO identity + credentialing tools. Very short answers (plus links to documentation) to the following questions will suffice.
  1. What is the service that your project or tool provides? (short description)
    1. kycDAO: composable verifications.
    2. Spruce:
    3. Lit Protocol: decentralized access control for granting decryption keys to blockchain users based on any set of on-chain credentials, such as owning an NFT or being a member of a DAO.
    4. Sismo: Sismo is building a privacy-focused attestation system for Web3. Sismo enables you to create granular attestations from the historical data and reputation of your aggregated Ethereum accounts to carefully curate what you reveal about yourself. Those attestations can be packaged as ZK badges (NT-NFTs) to be used for privacy-preserving access control to gated services or simple reputation signalling.
    5. Deep Skills: aggregates multiple reputation systems, recording data in decentralized network around shared identity (DID). This way, professional identity data becomes reusable, portable and accessible by any application as long as user gives such permissions.
    6. Metagov Gateway: not (yet) a tool intended for DAOs, but Gateway is a bunch of pre-built integrations that pulls data from typical social platforms (Slack, Discord, Reddit, Open Collective, etc.) and exports that data for consumption by governance tools like PolicyKit; technically it’s a reverse proxy for those social APIs.
    7. Station: Decentralized hiring stack for accepting inbound interest for contribution, onboarding contributors with an NFT with evolving metadata (role, guilds, projects, reputation scores).
    8. Wonderverse: Helping DAOs optimize their workflows and manage/pay their contributors for their work. Apart from making it easy for leaders to operate, we provide social context for contributors via task feeds and help contributors build up their web3 resume.
  2. What does your project refer to when it talks about “identity”? E.g. qualities, beliefs, personality traits, appearance, and/or expressions represented by credentials, proofs, identifiers or other means? If your tooling has more features please consider shortly describing them.
    1. kycDAO: “identity” for us is mostly referred to as the government-issued identity of a person. We issue an on-chain “identifier” as a non-transferable NFT, but this identifier does not contain any personal data, only the proof of verification of the identity.
    2. Sismo: We see identities as a set of inventories of curated credentials and facts about one self.
    3. Lit Protocol: Hoping to support the consent framework for web3 users who want to grant access to private data to other users and apps. What Google calls ‘Scopes’ in the context of their API and Sign in With Google, but using a fully dweb stack.
    4. Spruce: Identity is a “ridiculously-wide problem”. It’s different things to different groups, and ended putting up a lot more into the authentication and authorization side, e.g. Sign In With Ethereum (i.e. how do you use an identifier to authenticate). Once you add context, you can say this identifier for this context, this identifier for something else, etc. Core We’re less opinionated about credentialing depending on context. DAO reputation is.
    5. Deep Skills: Decentralized identifier and attributes (credentials, data points, attestations, badges)
    6. Metagov Gateway: right now, there’s a manual process where we integrate user ids across multiple platforms (similar to what Sourcecred does actually). With tighter integrations we just use OAuth.
    7. Station: The relationship between a person and an organization and documenting the relationship over time (e.g. roles, project involvement, contribution history).
    8. Wonderverse: The different pieces of contributions an individual has made to organizations they are part of and the skills they are building while working in DAOs.
  3. How does your tool, framework, or DAO implement your version of “identity” (or expect identity to be implemented)? Please be clear whether any given part is on-chain or off-chain.
    1. kycDAO: We verify the identity and safelist the wallet to mint a non-transferable NFT as an identifier.
    2. Sismo: Our protocol allows users to curate and develop their identities by building them up with both onchain badges and offchain attestations. For adoption and technical reasons, we first consider any EVM address as a proxy for an identity but will probably move to crosschain DID later on.
    3. Lit Protocol: Apps and users can use decentralized access control to provision symmetric de-encryption keys to users and apps, based on on-chain credentials.
    4. Spruce:
    5. Deep Skills: Cross-chain DID, data storage (Ceramic), schema management, issuer trust registry, scoring models marketplace
    6. Metagov Gateway: we don’t expect identity to be implemented in any particular way; it’s just an entity resolution / entity merge problem for us.
    7. Station: One off-chain account per wallet, one NFT per organization involvement, also looking into DIDs/VCs to be issued by Station or the DAOs themselves. NFTs provide a central point to access metadata and can also serve as their own DID. NFT transferability is DAO-permissioned.
    8. Wonderverse: Users are able to build their web3 resume by showcasing what DAOs they’re part of, what teams they’ve worked in and the piece of work they’ve done. Currently this is off-chain, but pursuing being able to publish tasks on chain according to a standard.
  4. What are your tooling’s main use-cases? I.e. how does a DAO benefit from using your tooling? What problems can DAOs solve with it? Just a couple of words, e.g. reputation, credentialing, permissions, etc. Think tags.
    1. kycDAO: offer to solve the on-chain KYC problem
    2. Sismo: Privacy-preserving attestation generation for building pseudonymous personas to participate in governance while still leveraging your reputation/history. Can be used for Sybil-resistance, improved whitelisting, proof of participation-based governance, etc...
    3. Lit Protocol: decentralized identity based encryption service
    4. Spruce:
    5. Deep Skills: professional reputation and capabilities of DAO contributors
    6. Metagov Gateway: it isn’t really designed for DAOs at the moment, but eventually the idea is to make it easy for online communities to deploy and manage a bunch of governance apps by helping communities publish the data needed for governance workflows
    7. Station: Onboarding new contributors onto teams. Access management via token-gating on contributor NFTs and their metadata. Producing reputation signal and aggregating others.
    8. Wonderverse: Helping DAOs operate more efficiently via granular permissions on a work board, paying contributors in their token of choice, creating social contexts around tasks/work through feeds and helping contributors build their profile.
Once we have a bit of data, we’ll organize the information into a table.

Table

How Identity Works

| Project | Expecting or implementing | How abstract / generic? 1-5 | What is the service that your project or tool provides? | Implementation features | Meaning of identity | Main DAO use-cases | On-chain or off-chain? | Website |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| | Implementing | 2 | on-chain proof of KYC | Non-transferable NFT | Identity is the government-issued identity of a person. | KYC | On-chain | |
| | Implementing | 3 | Privacy-focused, granular attestation system | | Identity is a set of inventories of curated credentials and facts about one self. | Attestation; Reputation; Personas; Governance | | |
| | Expecting | | Identity-based encryption | provide decryption based on credentials (aka identity) | Identity is a credential stored on a public state machine. | DID encryption | | |
| | Expecting; Implementing | 4 | Aggregates multiple reputation systems, and on- and off-chain data in DAOs | DID; Storage; Schema manager for credentials; Reputation model marketplace | Set of attributes, decentralized identifier and attributes (credentials, data points, attestations, badges) | Filtering (HR); Reputation | | |
| | Expecting; Implementing | 4 | Helping DAOs optimize their workflows and manage/pay their contributors for their work. Apart from making it easy for leaders to operate, we provide social context for contributors via task feeds and help contributors build up their web3 resume. | | Identity is (1) the contributions an individual has made to the organizations they are part of and (2) the skills they are building. | Permissions; Project management; Paying contributors; Creating social contexts; Resume/profile | | |
| | Implementing | 1 | Authentication and authorization. | | | | | |
| | Expecting; Implementing | 3 | Organize inbound contribution interest, select contributors and distribute NFTs, manage contributor information and access. | NFT with DAO-permissioned transferability; Schema manager for credentials | Data that describes who you are and what you have done. Also aligned with descriptions from Deep Skills and Wonderverse | Access control; Reputation; Permissions; Resume/profile | On-chain NFT, Off-chain metadata | |
| | Implementing; Expecting | | Communication platform for DAOs | Closr profile / login | | Reputation for DAOs | | |
 
Things we all do:
  • Build schemas + data models
  • Issue credentials
  • Trust registries for issuers
  • Build connectors to APIs for blockchain explorers
It’s valuable to build this stack ourselves, but there is a lot of redundancy. I think moving forward there will be more specialization. But right now you either build the full-stack or it doesn’t work.
Use-cases we want to support
  • Web3 CV (DAO trying to hire; “what data do DAOs need when they verify contributor profiles?”)
    • DAO member name
    • DAO member name_private
    • Credential of “membership in good standing” from other DAO or entity
    • Credential from that DAO
    • Could/should credentialed data be sourced from multiple sources/parties?
    • Sources of data needed to verify
      • On-chain vs. off-chain
      • Issuer / source of attestation / authority
        • Self-attested
        • Data from the DAO itself (DAO-attested)
        • Data from other DAOs (p2p from other individuals from the DAO)
        • Data from arbitrary other sources
        • On-chain history from transactions + events (meaningfully different from transferable assets, including events from the DAO contract itself)
  • Web3 CV (person creating + sharing one)
  • Credential of “membership in good standing” in a given DAO
  • Onboarding new contributors from Web2
    • But we’re NOT okay with using social media like LinkedIn?
    • How do we deal with Web2 integrations in a way that doesn’t ask people to doxx themselves? We need to be very sensitive here: susceptibility to attack.
    • E.g. in Twitter integration: have a proof that you are followed by Vitalik?
  • KYC
  • Similar to KYC: super high-value storage on off-chain centralized, then verified via credentials.
    • Example: credential wallet for a KYC provider. Whatever it is, you can only put hashes; anything that is sensitive, names, needs to be on a centralized server. You need to implement a logical barrier there.
  • Affordances of identity + reputation / contribution
    • Issuer revocation (semi-centralized vs. decentralized)
      • For public data
      • For private data
    • Subject disassociation (semi-centralized vs. decentralized)
      • Hiding credentials from certain people.
    • Credential recovery
 
 
Off-chain vs on-chain
  • Lean off-chain, a lot of apps right now all pulling the same on-chain data. But overall NFTs give us weak assurances of their holders.
  • The holder is issued the credential as some on-chain data, and the registry you verify against is the off-chain data.
    • Does the credential NEED to be on-chain? The benefit of being on-chain is it gives the issuer more power, e.g. it could be revoked. The only reason I bias that toward on-chain is the capacity of the issuer.
    • What about the informed consent of the receiver; do they have the ability to revoke? What about “revocation registries”? Aave seems to be really against this.
      • Could be something completely off-chain, then you need to check both the verifiable credential registry + revoked.
      • Individuals receiving the credential; registries are best suited for the issuer. I can personally not disclose or delete the verifiable credential. When they’re on-chain public, it’s taking power away from them.
      • On-chain also incurs costs on the person to remove or revoke.
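The "only put hashes" barrier from the KYC example and the "check both the registry + revoked" step above, as an added sketch (not code from any of the projects listed). It assumes an in-memory `PublicLedger` standing in for on-chain state, constructed `did:example:` identifiers and names, and a salted SHA-256 commitment; the last two results show why an unsalted hash of a name is not a barrier.

```python
import hashlib
import json
import secrets

def canonical(credential: dict) -> bytes:
    # Stable byte encoding so issuer and verifier hash the same thing.
    return json.dumps(credential, sort_keys=True, separators=(",", ":")).encode()

def commit(credential: dict, salt: bytes) -> str:
    # Salted commitment: the only value that ever reaches the public ledger.
    # The salt is a fixed 32 bytes, so salt||payload is unambiguous.
    assert len(salt) == 32
    return hashlib.sha256(salt + canonical(credential)).hexdigest()

class PublicLedger:
    """Hypothetical stand-in for on-chain state: world-readable, no PII."""
    def __init__(self):
        self.anchors = {}     # commitment -> issuer that anchored it
        self.revoked = set()  # commitments the issuer has revoked

    def anchor(self, issuer: str, commitment: str) -> None:
        self.anchors.setdefault(commitment, issuer)

    def revoke(self, issuer: str, commitment: str) -> None:
        # Only the issuer that anchored a credential may revoke it.
        if self.anchors.get(commitment) != issuer:
            raise PermissionError("not the anchoring issuer")
        self.revoked.add(commitment)

def verify(ledger, trusted_issuers, credential, salt) -> str:
    """Holder presents credential + salt off-chain; verifier checks the ledger."""
    c = commit(credential, salt)
    issuer = ledger.anchors.get(c)
    if issuer is None:
        return "unknown"            # never anchored, or contents were altered
    if issuer != credential.get("issuer") or issuer not in trusted_issuers:
        return "untrusted-issuer"   # issuer trust registry check
    if c in ledger.revoked:
        return "revoked"            # revocation registry check
    return "valid"

def guess_unsalted(digest: str, candidates):
    # Anyone reading the ledger can hash a list of likely names and compare.
    for name in candidates:
        if hashlib.sha256(name.encode()).hexdigest() == digest:
            return name
    return None

def demo() -> dict:
    # All identifiers and names below are constructed sample data.
    issuer = "did:example:kyc-provider"
    ledger, trusted = PublicLedger(), {issuer}
    cred = {"issuer": issuer, "subject": "did:example:alice",
            "claim": "kyc-passed", "name": "Alice Example"}
    salt = secrets.token_bytes(32)   # kept off-chain with the credential
    c = commit(cred, salt)
    ledger.anchor(issuer, c)

    out = {"fresh": verify(ledger, trusted, cred, salt)}
    out["tampered"] = verify(ledger, trusted, dict(cred, name="Mallory Example"), salt)
    out["other_trust_list"] = verify(ledger, {"did:example:other"}, cred, salt)
    ledger.revoke(issuer, c)
    out["after_revoke"] = verify(ledger, trusted, cred, salt)

    names = ["Bob Example", "Alice Example", "Carol Example"]
    weak = hashlib.sha256(cred["name"].encode()).hexdigest()
    out["unsalted_guess"] = guess_unsalted(weak, names)  # name recovered
    out["salted_guess"] = guess_unsalted(c, names)       # nothing recovered
    return out

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```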
Use-cases we are NOT supporting
  • Crazy people who want to post plaintext PII on public chains.
PII
  • Most people putting PII in encrypted form in whatever permissioned data storage they prefer to use. It’s mostly accidental.
  • No plaintext PII on public chains: IS this controversial? That core note or assumption is worth solidifying. And with greater detail, more nuance on the subtypes of PII. A lot of folks can’t get past why can’t we put the PII on-chain?
  • Is IPFS a public blockchain? Should you put personal data on IPFS?
  • David: the current way that I think about this: on the blockchain, the thing that gets stored is the credential.
What’s the MVP?
  • A schema for reputation & contributions by a member, i.e. “Activities”. But for which use-cases?
  • A schema for DID usage.
  • What data do DAOs need when they verify contributor profiles?
    • User research interviews?
    • Time of joining
    • Reputation & identity within the DAO