The Challenge of Unconditional Trust: Centralizing Factors in Identity Management within Web3
TechFlow Selected TechFlow Selected
The Challenge of Unconditional Trust: Centralizing Factors in Identity Management within Web3
Although Web3 promises "trustlessness" and "decentralization," this may be more of an unattainable dream than a real possibility.
Navigating Web3 tides with focused insightsWritten by: Karim Halabi
Compiled by: TechFlow
Why is our real-world identity unconditionally trusted? Although Web3 promises "trustlessness" and "decentralization," this may be more of an elusive dream than a genuine possibility. This is because numerous centralized factors exist, the most significant being the management of our real-life identities. Currently, we cannot use them within cryptographic networks in a truly trustless manner.
This article will elaborate on this viewpoint and highlight some potential solutions.
Let us imagine the open metaverse as a theme park. We use tokens to access the park’s fun and thrilling rides, issuing new tokens when creating new attractions. Value creation and consumption are permissionless, and rides—if properly built—cannot be destroyed by anyone, making our interactions inside the theme park independent of trust.
Some rides might cost more tokens than we currently possess, so we can perform tasks we excel at (e.g., making and selling cotton candy), earn enough Cotton Candy Tokens ($CFT, available to anyone), and exchange them for the tokens required to access the rides we desire.
Currently, anyone can access any ride and its counterparties—whether ride operators or the rides themselves—without concern for who or what you are. You could be a human or a bot.
The problem is that many rides will soon need to distinguish between human players and bots. This could be to optimize user experience for specific players, but more likely stems from regulatory and compliance obligations.
This isn’t inherently alarming—linking our off-chain identities to our public addresses isn’t necessarily bad and can bring many benefits. However, we must remain cautious about how such linkages are established.
The Metaverse and Our Identity
Today, DeFi users enjoy using a fully permissionless and anonymous parallel financial system—but only after completing the onboarding process into cryptocurrency. This onboarding typically involves purchasing crypto through centralized exchanges, which requires strict KYC and AML screenings and linking designated bank accounts. These are centralized gateways to a decentralized world.
As Moxie pointed out, true decentralization remains a vision. Many of the middleware and backends we rely on are maintained by centralized entities. Our dependence on Infura, Alchemy, and AWS serves as proof.
However, thanks to projects like Ocean Protocol and DIA, the metaverse is gradually becoming more decentralized. Yet access points remain just as centralized as before—and likely will stay that way. Nevertheless, the biggest centralized element does not come from CEXs or other fiat-to-crypto entry points, but from our digital identities.
First, let's distinguish between two types of digital identity:
1. Natively generated on-chain identities;
2. Off-chain identities.
An example of a natively generated on-chain identity might be our public address—providing value (by acting as a node in an IoT network or lending its computing chip for distributed computation) and receiving rewards in token form. These tokens accumulate in its public address: its identity within this network.
A machine contains chips and wires—key technical components enabling it to interact with other devices also equipped with chips and wires. When things already have the ability to interact within blockchain networks, associated digital identities are easier to create. Humans, however, lack equivalent intrinsic components allowing native interaction within blockchain networks—at least for now. This is why we first have off-chain identities.
These are typically represented by government-issued IDs, our physical home addresses, or any form of biometric information. Since these are not crypto-native, they must be brought on-chain. Here, it's crucial to focus on how such information is verified and transferred onto blockchains.
When bringing such information and identifiers on-chain, doing so in an unconditionally trustworthy manner is extremely difficult. Public networks like Bitcoin are trustless because anyone can verify anything by inspecting the chain—all operations and interactions are publicly recorded and permanently stored in blocks.
Off-chain objects or events are harder to audit properly. For instance, to prove trustlessly that someone’s eyes are a certain color, every network participant would need both the ability and freedom to see you personally, verify it, and collectively agree your eyes are blue.
This is why we rely on trusted central authorities, such as government institutions, as formal sources of truth.
-
How do we know this person can drive? Because an institution has tested them and issued a driver’s license.
-
How do we know this license means they can drive? Because we trust that institution.
-
Why must we trust them? Because they administered the driving test.
Ultimately, these trusted entities are crucial—they enable human society itself to develop, scale, and interact in ever-growing numbers toward increasingly ambitious goals.
For these reasons, centralized institutions will always exist to link our off-chain identities with our on-chain identities.
Whenever a physical-world attribute must be verified for use in the open metaverse, a central party will be involved. Thus, at the intersection of these two worlds, assumptions of trust will always exist. They can be minimized, but they will never be truly trustless.
Why Does This Matter?
“He who can destroy a thing, controls a thing.”
—Paul Atreides
When a central authority verifies a form of identity, such as a driver’s license, they also maintain its integrity. If that license is revoked for any reason, the next time I’m stopped and my credentials checked against a verified identity list, it will be flagged as invalid.
If such identities become prerequisites for participating in certain networks, the entity maintaining the validity of your identity will have full control over all aspects of your life tied to those networks. Ultimately, this becomes a matter of censorship resistance and ideology—do we believe central powers should retain the right to uphold our digital identities?
Even if the metaverse itself operates in a decentralized manner, is it truly decentralized if its gateways are tightly controlled?
Even if we use zk-proofs to protect our privacy (allowing us to prove something without revealing personal details), if an official body decides to revoke my driver’s license, it will still appear invalid.
In the near future, verified forms of identity issued by central entities may become prerequisites for interacting with many protocols. This could lead to a split: we may end up with a permissioned metaverse and meta-finance, alongside the DeFi we know today, which might then be called “DarkFi” or something similar.
Reiterating the significance and implications—verifying our identities under the control of central powers will result in a digital world with even stricter control and permissions than the world we know today.
An Optimistic Outlook
Although the scenario outlined above may seem quite dystopian, not everything is bleak. In fact, there’s more than one way into the theme park. Going through the main gate and security checks is one option. Certainly, a simpler choice might offer better user experiences and favorable conditions, such as undercollateralized loans—but it remains just one option among others.
Our on-chain history can be used to create a decentralized, anonymous identity. Have you previously used a certain protocol? Have you ever been liquidated? Do you hold a specific POAP or NFT?
Natively generated on-chain identifiers can provide us with a universal identity we fully control. One can contrast this type of identity with centrally verified ones, much like comparing Bitcoin and CBDCs.
Projects like BrightID and Union are building solutions empowering digital citizens to create and own identities—not only digital and usable across the open metaverse but also more sovereign.
BrightID employs a clever approach, leveraging real-world human verification and mutual attestation of our existence—helping distinguish humans from bots and allowing us to create an identity whose integrity depends not on a single party, but on a network.
As more aspects of our lives move on-chain, the issue of decentralized identity management will grow increasingly important. Public blockchains could serve as the foundation for a digital sovereignty utopia—but they could also lead to a digital dystopia. It is our responsibility to vote with our actions; to choose networks aligned with our ideals and help realize the future we wish to live in.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
Outlier Ventures
