Bullish Case for Decentralized Reputation
In this post I make the case for a persistent decentralized reputation protocol. I outline what we have learned over the last few years building digital identity and SSI products, describe the necessary principles of pseudonymous reputation, and discuss potential use cases and how to make them a reality.
In a networked world, trust is the most important currency
Public blockchains created a revolutionary tool for solving coordination problems. Never before have we had a system that is worth billions and used by millions of users daily with no centralized governance or authority to manage it. In most cases, we don’t even know the real names of the people who build, run or use these systems. DAOs took this idea forward and applied the principles of decentralization to self-coordinating communities to replace corporations, venture funds, legal firms, courts, asset management, freelance communities and art galleries with more efficient alternatives.
Today, most of those systems rely heavily on mechanism design and monetary incentives to achieve coordination and direct the future development of a system. But people are not perfectly rational economic agents. In fact, we are much more irrational than we even realize. We care about social status, mental wellbeing, acceptance and a feeling of belonging. All those incentives are heavily utilized by the traditional centralized economy and there’s no reason why we shouldn’t employ these tools in the decentralized web as well.
Persistent pseudonymous reputation is a foundational tool that we need to build truly scalable decentralized systems that can provide effective coordination beyond just finance.
Our digital reputation is fragmented. We own hundreds of accounts across web2 and web3. A DAO contributor rating, an Uber driver reputation or an Amazon seller profile is neither portable nor interoperable. Companies in the same industry, such as banks, social networks or marketplaces, are required to build separate reputation systems that actually work in a surprisingly similar way. Giving reputation data back to the customers reduces the need for duplicate work and creates a network-of-networks effect where each application benefits from its users having richer and more trusted identities.
The bureaucratic systems that we use today are not quantifiable. When opening a bank account or applying for a visa you’re required to bring a predefined set of documents regardless of your reputation and prior history.
Bureaucracy is binary. You either have a KYC, employment, university degree or not. Real life is a spectrum. You can reveal the fact that you’ve been KYC’ed with a reputable provider but not share your passport info. You can earn enough without being employed officially and full-time. You can be good and skillful at your job without a university degree.
Scoring systems are proprietary. It’s hard enough to build an accurate ontology and scoring system for any domain of reputation. Keeping those systems proprietary and closed source only hinders innovation, experimentation and validation.
Solving Decentralized Reputation
To address the problems outlined above we need to create a decentralized reputation protocol that is open and permissionless and works across reputation domains and use cases. We need to borrow a few important principles from the blockchain and self-sovereign identity communities to ensure decentralization of the system and the user sovereignty that comes with it.
Pseudonymous and private by default
A reputation system should not evolve into the Social Credit System of China or any other centralized blacklist. Users are identified via their decentralized identifiers (DIDs) and should not reveal their real names or any personally identifiable information. Unlike NFTs or tokens, all reputation data (reputes) is stored off-chain and is not publicly accessible. Whenever a user decides to share the information they should have a granular choice of privacy settings:
- Share a reputation event or reputation score directly with the verifier (encrypted with the verifier’s PK)
- Share data publicly
- Share data selectively (only choose one attribute or aggregated score)
- Share a zero-knowledge proof of having a certain reputation event or score.
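The "share data selectively" option can be built from salted hash commitments, shown here as an added example (not code from the original post or from any project it mentions): the issuer signs only attribute digests, so the holder can prove a KYC flag without exposing the passport number. The HMAC key is a stand-in for an issuer signature made with an asymmetric key bound to its DID, and all names and values are constructed.

```python
import hashlib, hmac, json, secrets

# Stand-in only: a real issuer would sign with an asymmetric key tied to its DID.
ISSUER_KEY = b"constructed-demo-key"

def _digest(salt, name, value):
    # The per-attribute random salt stops a verifier from guessing hidden values.
    return hashlib.sha256(json.dumps([salt, name, value]).encode()).hexdigest()

def _sign(digests):
    return hmac.new(ISSUER_KEY, json.dumps(digests).encode(), hashlib.sha256).hexdigest()

def issue(attributes):
    """Issuer: salt and hash every attribute, then sign only the digest list."""
    salts = {n: secrets.token_hex(16) for n in attributes}
    digests = sorted(_digest(salts[n], n, v) for n, v in attributes.items())
    return {"attributes": attributes, "salts": salts,
            "digests": digests, "sig": _sign(digests)}

def present(repute, reveal):
    """Holder: disclose only the chosen attributes, each with its salt."""
    disclosed = [[repute["salts"][n], n, repute["attributes"][n]] for n in reveal]
    return {"digests": repute["digests"], "sig": repute["sig"], "disclosed": disclosed}

def verify(presentation):
    """Verifier: return the disclosed attributes, or None if anything fails."""
    if not hmac.compare_digest(_sign(presentation["digests"]), presentation["sig"]):
        return None  # digest list was not signed by the issuer
    verified = {}
    for salt, name, value in presentation["disclosed"]:
        if _digest(salt, name, value) not in presentation["digests"]:
            return None  # disclosed value does not match any signed commitment
        verified[name] = value
    return verified

# Constructed repute: the holder later reveals only that KYC was passed.
SAMPLE = issue({"kyc_passed": True, "provider": "ExampleKYC", "passport_no": "X0000000"})
```

This covers selective disclosure only; the zero-knowledge option in the list needs a proof system and is not shown.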
Segregation of reputation data and scoring models
Reputation is just a combination of facts and opinions. Those facts can be objective data points issued and signed by some reputable entity (smart contract, government, organization, web2 platform, peer). But the scoring is always subjective. To make the reputation system universal we shouldn’t introduce bias by adding assessment and evaluation right away.
Instead, we should separate data acquisition from data analytics. Reputes are just vertices of a directed graph that represent some real-world qualifications, attestations or facts. A user’s reputes and events are stored in a decentralized encrypted addressable storage system. Whenever the user wants to build and share their reputation score, they choose a scoring model that is trusted by the verifiers and provide their reputes as input data. The output is the actual reputation profile. To put this into context, we can imagine a few examples:
- It can be as simple as just a single number representing a credit score. In the DeFi case the input data would be on-chain activity across multiple blockchains, centralized exchanges, traditional banks and some qualification of being an experienced investor.
- It can be a professional profile. Imagine the reputation profile of an engineer. It will take in their online activity across web2 platforms (GitHub, Stack Overflow, Jira), web3 networks (deploys and calls of smart contracts), education (bootcamps, personal projects) and prior work (hackathons, grants completed, freelance and full-time jobs). The output would look something like a LinkedIn profile but with skills and experience being actually verified and proven, not just self-reported.
Reputation is not a monolith. It’s domain specific, and for each domain you need different kinds of data sources and scoring models. There’s no such thing as just a reputable human being, but one can be a good poet, bad coder, trustworthy borrower and exceptional investor.
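The split between reputes and scoring models can be sketched as follows; this is an added example, not code from the original post. The repute tuple layout, the two models, their weights and the `did:example:` issuers are all hypothetical, and the reputes are assumed to have had their issuer signatures checked already.

```python
# Constructed reputes: (issuer DID, domain, claim type, value).
REPUTES = [
    ("did:example:bank", "credit", "loan_repaid", 3),
    ("did:example:dex", "credit", "liquidation", 1),
    ("did:example:github", "engineering", "merged_pr", 40),
    ("did:example:hackathon", "engineering", "prize", 2),
    ("did:example:self", "engineering", "merged_pr", 900),  # self-reported
]

def credit_model(reputes):
    """Hypothetical model: a single number, clamped to a 300..850 band."""
    weights = {"loan_repaid": 50, "liquidation": -80}
    raw = 500 + sum(weights.get(kind, 0) * value for _, _, kind, value in reputes)
    return max(300, min(850, raw))

def engineer_model(reputes):
    """Hypothetical model: a profile of totals per claim type, not one number."""
    profile = {}
    for _, _, kind, value in reputes:
        profile[kind] = profile.get(kind, 0) + value
    return profile

def score(reputes, domain, trusted_issuers, model):
    """Verifier side: keep reputes for one domain from issuers this verifier
    trusts, then hand them to whichever scoring model the verifier accepts."""
    usable = [r for r in reputes if r[1] == domain and r[0] in trusted_issuers]
    return model(usable)

def demo():
    lender = {"did:example:bank", "did:example:dex"}
    employer = {"did:example:github", "did:example:hackathon"}
    return (score(REPUTES, "credit", lender, credit_model),
            score(REPUTES, "engineering", employer, engineer_model))
```

The same repute set yields a credit score for one verifier and a skills profile for another, and the self-reported claim is ignored because no verifier lists its issuer as trusted.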
Reputation models competition
From the examples above we can see that computing a credit score or assessing an engineer is actually a subjective task and can be done in a myriad of ways. The assessment can be done by a person, a pre-defined algorithm or even a neural net. Those algorithms or assessment methodologies should be public so that the whole system is trusted. But once we make a methodology public we also expose ourselves to cheating and people trying to game the system.
Generally, we have two options: making scoring proprietary or making it radically open. In the second case we end up with a much faster experimentation rate as people are free to fork and improve on each other’s work.
Naturally, reputation verifiers will be looking to use the most accurate and trusted model that exists on the market. This means that creators of such a model will be able to monetize their work in a way similar to how Yearn strategists or TheGraph indexers are being paid for their job.
Open source and community-driven
In web3 you will not get adoption or success by building a siloed full-stack solution. Instead, we need to think of ways to combine the amazing work done by many open source projects. Even though reputation systems largely remain fragmented, there are a few quite interesting experiments being done in the community: SourceCred and Coordinape transform engineering contributions into monetary rewards; TheConvo computes a score for NFT and DeFi users on Ethereum; Degenscore is… well, you can probably figure it out for yourself; ArcX is looking to build an on-chain credit score; RabbitHole is building an on-chain resume; DAO management systems like Colony have internal reputation engines; and many, many more examples…
What is missing is an open interoperable solution that will allow these and many other applications to benefit from shared network effects, and will provide an intuitive customer experience of having full control over their digital identities.
The blockchain world doesn’t end with just Bitcoin and Ethereum. The decentralized web doesn’t end with just blockchains. Human coordination and the need for trust don’t end with just the web. The architecture of the system should be modular to support multiple information domains and technical protocols.
Let’s make it a reality
Whatever your goal is (from verifying the personhood of your users to building programmable finance, giving out grants, enabling meritocratic voting and decision-making, building a holacratic organization, hiring and assessing employees, doing directed airdrops, creating a decentralized social media platform or a closed community of experts), you will need a pseudonymous reputation system.
Eventually we will create decentralized social infrastructure that empowers trusted interactions between people and organizations.