How Web3 apps are building composable trust

Reputation Until Today

Web2 was a turning point for reputation systems in many ways. For the first time, reputation was no longer localized or limited by geography. Any credentials or accreditations that you receive are readily sharable to a broad audience on the Internet. Web2 introduced a paradigm where users could not only consume content but also create at a massive scale. It became seamless for creators to collect likes, views, retweets and replies, signaling to readers the quality of their work and their expertise on a subject.

Over time, data accrued to specific platforms and became trapped in application siloes. As you know, the reputation you build on Twitter doesn’t transfer over to your Instagram account. Every time a creator moves or adds a platform to their portfolio, they effectively start at zero, and must request their fans to do the same. Web2 platforms have also done a poor job of translating our real-world reputation. The credentials we collect and earn in Web2 are not natively digital and are mere proxies for the more complex and natural relationships they represent.

Enter Web3.

DIDs and VCs as the Future

The World Wide Web Consortium (W3C) is an international organization that develops and maintains standards for creating and interacting with web content, ensuring acceptance and interoperability across the Internet. The W3C introduces a standard for a Verifiable Credential (VC), providing a mechanism to issue credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.

Simply speaking, a VC is a piece of contextual data that is generated and signed by a trusted party, creating an attestation for any piece of information.

Another W3C standard, a Decentralized Identifier (DID) is a uniquely generated identifier that is controlled by either single or multiple public keys. DIDs are a useful chain-agnostic abstraction to sign off-chain attestations such as VCs or to link to various on-chain assets. The specification outlines 90+ types of DID methods that can sign and manage contextual data. Since DIDs are chain-agnostic, they allow users to build a comprehensive view of their identity in a multi-chain world.

Ultimately, this paints a future where various credentials can be issued as VCs to a user’s DID, where the DID is a higher-level representation of all their wallet accounts and private keys. To learn more about DIDs and how Ceramic enables this user-centric reality, read : https://blog.ceramic.network/user-centric-data-on-web3/

Reputation in Web3

While Web2 reputation was based on content creation for a digital platform, Web3 introduces a concept we’re familiar with in real life—reputation based on participation. Community members can not only invest in various cryptocurrency protocols but also become an active participant in DeFi and NFT communities, build dApps, contribute to a DAO, or even earn POAPs (Proof of Attendance Protocol) to register event attendance. Online reputation and digitally-native credentials can finally resemble those of the real world.

Let’s dive into what makes Web3 reputation more powerful and expansive than Web2.

Totally, and wholly, owned by you

Unlike Web2 platforms that lock your credentials into the system, Web3 credentials are owned by you—controlled by your wallet and private keys. This means that your credentials can’t be altered, deleted, or suspended by a third party.

Comprehensiveness and Portability

Your private keys control access to the credentials you’ve earned, this means that they will follow you from community to community. Credentials that you’ve earned in one community can be seen by and used to reward you elsewhere. Since the data stored on Ceramic can be made publicly available, credentials can be composable—other communities and protocols can use credentials issued by others as inputs to issue new ones.

On-chain assets and credentials are easy to scan at scale. And now, with the rise of oracles and off-chain storage systems like Ceramic, it’s becoming easy to build reputation data pipelines for applications ranging from DeFi credentialing to tracking DAO contributions.

Verifiability

It’s easy to verify your educational credentials, mainly because they’re issued by a trusted third-party—an accredited university. In Web2, when you claim a course or skills credential, there are limited ways to digitally verify its accuracy. However, in Web3 systems, on-chain assets are inherently verifiable given the public and open nature of the blockchains they exist on. Off-chain assets can become verifiable when decentralized oracle systems can verify their accuracy or when an attestation is signed by a public key.

Ceramic Use-Cases

A topic as broad as credentials has, practically, an infinite number of use cases — but let us cover a few interesting ones that we’ve been tackling here at Ceramic. Notice how they all exhibit the key pillars of Web3 reputation: Portability, verifiability, user-controlled data.

Financial Credentialing

Traditional financial systems make it difficult to understand, view, or access one’s credit history or financial trustworthiness. Using next generation Web3 reputation systems, we could represent a person’s credit score as a digitally native primitive. Users would own their credit history, add context to it, and could share with whoever they wish, even across borders. dApps can easily run aggregate reports on credit scores to determine trustworthiness and use scores as composable data, building advanced DeFi protocols that allow under-collateralized loans or margin accounts.

A common use case we’ve seen a lot at Ceramic is universal KYC (know-your-customer) verification where a trusted agency can issue VCs for KYC validation so that users don’t have to perform a time-consuming validation process every time they onboard onto a new dApp.

Proof of Humanity

To protect against Sybil attacks, several Web3 dApps are reinforcing their security by implementing Proof of Humanity or Proof of Personhood systems, requiring users to prove that they are real human beings and not bots. Similar to a universal credential that can be carried across the Web3 metaverse, Proof of Humanity can be issued as a credential to the user’s Ceramic DIDs—enabling them to be portable, verifiable, and self-sovereign. Proof of Humanity can be a very comprehensive determination, integrating various on/off chain data sources (KYC, NFT ownership, Web2 authentication, etc). Moreover, once all the credentials are available on Ceramic, various services can implement proprietary scoring algorithms.

In the diagram below we see various third parties issuing credentials to the user’s Ceramic streams. Each credential is composable, meaning that one issuer can use a previously issued credential to issue another (Issuer 2 issuing a Proof of Humanity credential). Finally, various dApps can request the user to read one (or several) of the credentials that were previously issued.

Reputation in DAOs

To function effectively in an organization, DAO members must be able to signal a rich sense of their contributions in- and outside of the community. They need to share reputation that mirrors real-world interactions and contextual information about themselves and their peers—who they are, what they’ve done, and how they’ve contributed.

A very common problem for DAOs is that they have no idea who exactly a contributor is when they join the organization. Using Ceramic, users and DAOs can drastically reduce switching costs by being able to collect and share credentials across Web3 ecosystems. Contributors can seamlessly share their contribution history (skills, completed bounties, membership levels, org roles, participation, etc.) and be assigned meaningful tasks on Day 1, avoiding the need to prove themselves. Organizations are empowered to immediately onboard new contributors and start relationships on shared understanding, leading to better and faster collective decisions.

Application Architecture for Storing VCs on Ceramic

There are several ways to design your application to issue Verifiable Credentials, but let’s cover one of the more popular and simple architectures using Ceramic.

• Users submit a claim to the dApp (birth date, KYC, financial history) or perform a certain action on the dApp (votes on a proposal, logs in every day, moderates a Discord).
• dApp forwards the claim for verification, either to the dApp’s own verification service or a third-party’s.
• The claim is verified and a VC is created and signed using the application’s DID. For a VC to be considered valid, it must be signed by the issuing authority.
• Finally, the claim is stored on the user’s Ceramic streams.

Who’s building reputation systems on Ceramic?

Ceramic is a solution that seamlessly integrates DIDs and VCs along with robust database-like features for users and applications to issue, store, and share their credentials. Accruing credentials in a multi-chain metaverse and associating them with a chain-agnostic DID allows users to fully create an accurate picture of their digital reputation and proudly carry that with them into any application they use.

Here’s just a sampling of the projects that are using Ceramic to build robust identity and reputation systems: https://developers.ceramic.network/learn/highlighted-projects/#reputation

If you’re working on a project on identity, credentials, and reputation, Ceramic might be a great fit in your tech stack—join the Discord and we’d love to chat!

Website | Twitter | Discord | GitHub | Documentation | Blog | IDX Identity