(please read this post on attractors before you read the below one xD )
The case for building a primitive for sybil resistance (sockpuppet account resistance) is very strong IMO.
- One-token-one-vote systems are inherently plutocratic, giving themselves over to capital over time. But one-human-one-vote systems are democratic.
- The majority of the world’s financial lives are based on their communities + jobs, not their capital investments. If web3 projects want to onboard the majority of humanity into them, they will need to find ways to be more truly democratic.
So how do we move the ecosystem from one-token-one-vote to one-human-one-vote?
We create an attractor for sybil resistance. Simple right?
An attractor for sybil resistance (say, a crypto-economic system that created sybil resistance) would increase the economic payoffs for becoming more sybil resistant. And it would be ambivalent to or even repellent of one-token-one-vote or sybil attacking behavior.
Just like ETH2 is in a stable equilibrium where it is cheaper to defend than it is to attack, this sybil resistant attractor would need to consistently make it cheaper to defend than to attack the attractor to remain stable.
I think the way we do that is by building protocols that make it easy for everyday people all over the world to prove humanity. According to ppl in the know, there are four workable ways of doing sybil resistance.
- Nation State Identification
- Biometric (eye scanning, fingerprints)
- Web of Trust
- Presence-based
So basically the attractor actually looks like this.
Why would people in this possible action space want to bother verifying their identity via these methods? They need some reason to want to use the system.
I think we need to help these people with their Job To Be Done.
Some examples of Jobs to be Done:
- Contribute via QF on Gitcoin.
- Claim my UBI.
- Claim an airdrop.
- Vote.
So let's update our attractor diagram:
Now let's talk about the incentives for the people in this possible action space to remain entrapped by the status quo. These mostly have to do with risks associated with using proof of personhood/sybil resistance protocols.
- “aren't all web3 projects scams?”
- “what if my identity is stolen?”
- “what are the privacy implications?”
- “will i actually get this job done?”
Let us again update our sybil resistance attractor:
Let us revisit our initial criteria for the type of attractor we want to build. Is it stable? eg is it reliably cheaper to defend than it is to attack?
Finding System Stability
It needs to be:
- Cheap/Easy to legitimately use.
- Expensive to falsify.
- Expensive to attack via bribery.
I believe that we’re now adding a new criterion to this attractor.
But is the system stable? Well I think that in order to be stable, it needs to have stable (eg recurring/legitimate) sources of capital backing the rewards for the jobs to be done in the system.
Eg capital that comes from those who have sustainable/legitimate sources of funding (governments, profitable DAOs, organizations with a high lindy) and not fly by night sources (3AC, FTX, ICO scammers).
Eg capital that wants the cost of forgery of the identities in the system to be high enough to accommodate their use case. (eg if I check out on Gitcoin Grants with a $100 match, then I should have at least $100 cost of forgery for my identity. If I check out with a $1k match then I should have at least $1k, and so on… )
I also think that it’s important that this system has network effects because exponential growth will allow for the good things about the system to get better on an exponential curve.
Unfortunately, any system that is a solid attractor of legitimate users will also be an attractor of illegitimate users. And since sybil resistance is an infinite evolutionary game, illegitimate users are likely to evolve their attack methodologies over time.
For this reason, it will be important to have good data science & attack response. I define good here as privacy-preserving, not capturable, not easy to collude + effective at staying 1 step ahead of the illegitimate users.
I also think it's important that the identity mechanism + attack remediation layer is plural. Systems that rely on one identity mechanism are monocultures, and thus subject to more fragility + more capture. A system with plural identity mechanisms is desirable because it creates less fragility + less capture.
Hint: If you can go to a village and bribe 100s of people to scan their biometrics once + sell their lifetime identity to you (the attackooooor), you are not collusion-resistant! A more time-delimited approach may be necessary. And if you rely only on one single implementation of biometrics implemented by one team you are not plural!
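To make the cost-of-forgery rule, the plurality requirement and the time-delimited hint concrete, here is an added sketch (not from the original post or any project's code) of how a matching pool could gate a payout. The attestation fields, the dollar estimates, the "sum across mechanisms" model and the "at least two mechanisms and two implementers" policy are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# The four approaches listed in the post, as hypothetical category names.
MECHANISMS = {"nation_state", "biometric", "web_of_trust", "presence"}

@dataclass(frozen=True)
class Attestation:
    mechanism: str           # one of MECHANISMS
    implementer: str         # team that issued it (assumed field)
    forgery_cost_usd: float  # estimated cost to forge (assumed estimate)
    issued_at: datetime
    ttl: timedelta           # time-delimited: the proof expires

def is_live(att, now):
    return att.mechanism in MECHANISMS and att.issued_at <= now < att.issued_at + att.ttl

def strongest_per_mechanism(atts, now):
    """Keep only the strongest live attestation of each mechanism, so stacking
    many proofs of the same kind does not inflate the score."""
    best = {}
    for a in atts:
        if is_live(a, now):
            cur = best.get(a.mechanism)
            if cur is None or a.forgery_cost_usd > cur.forgery_cost_usd:
                best[a.mechanism] = a
    return best

def cost_of_forgery(atts, now):
    """Modelled as the sum over distinct mechanisms: a forger must defeat each."""
    return sum(a.forgery_cost_usd for a in strongest_per_mechanism(atts, now).values())

def allowed_match(requested_usd, atts, now, min_plural=2):
    """Cap the match at the identity's cost of forgery; pay nothing to an
    identity that rests on a single mechanism or a single implementer."""
    best = strongest_per_mechanism(atts, now)
    implementers = {a.implementer for a in best.values()}
    if len(best) < min_plural or len(implementers) < min_plural:
        return 0.0
    return min(float(requested_usd), cost_of_forgery(atts, now))

# Constructed sample data: two biometric proofs, one web-of-trust, one expired.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE = [
    Attestation("biometric", "team_a", 60.0, NOW - timedelta(days=10), timedelta(days=90)),
    Attestation("biometric", "team_b", 40.0, NOW - timedelta(days=10), timedelta(days=90)),
    Attestation("web_of_trust", "team_c", 50.0, NOW - timedelta(days=5), timedelta(days=30)),
    Attestation("presence", "team_d", 500.0, NOW - timedelta(days=400), timedelta(days=365)),
]
```

With this sample the expired presence proof contributes nothing, so a $1k match request is capped at the $110 the live proofs are worth, and an identity holding only the biometric proofs gets no match at all.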
If we can accomplish the above, I think we can safely go to the detractors or defenders of the status quo that we’ve legitimately answered their concerns:
- there are legitimate web3 projects
- my identity will be respected
- my privacy will be respected
- i will get the job done + be on my way.
Such an attractor would be meta-stable (stable provided it is subjected to no more than small disturbances) with the first layer of attributes,
and would be stable (stable to most disturbances) with the 2nd layer of attributes.
Is anyone out there building this?
Feedback welcome.