[Note: This page assumes the reader has a basic knowledge of blockchain fundamentals, including the differences between proof-of-work (PoW) and proof-of-stake (PoS), and knowledge about such security-related concepts as Sybil attacks.]
This concept paper discusses a new type of blockchain which involves a different set of tradeoffs from the dominant PoW and PoS. It’s based on a particular approach to leveraging evidence of personhood.
There is currently an ethos in the blockchain world to keep chains “pure” with respect to dependencies on the traditional, non-decentralized world.
Implications of the ethos of independence from the traditional business world
The key advantage
Services offered by the traditional business world are typically controlled by for-profit corporations, each of which is acting in its own interests and whose interests may unexpectedly change over time. Non-profits exist for certain financial services, such as credit unions and “microfinance” entities which provide small-scale financial services to individuals and small businesses who might not have access to traditional banking. But traditional non-profits don’t have access to the kind of capital, manpower and technology required for many important applications.
Decentralization: Blockchains provide an alternative that is scalable to the sizes of the largest traditional, for-profit institutions by harnessing many smaller entities in a decentralized way. With PoW and PoS, any entity that wishes to take part can do so, and thereby have a voice in controlling the blockchain (by choosing what software to run on the node(s) it controls). In PoW and PoS, the amount of influence an entity has is roughly proportional to its investment in hardware and energy (for PoW) and stake (in PoS). So, the financial services provided by leading blockchains are arguably more aligned with the needs of the overall community than is the case with traditional services.
The key disadvantage
The key disadvantage of the ethos of independence is the existence of intrinsic pressures toward centralization within the community of each particular blockchain.
In the case of PoW, the massive hardware and energy expenses required to have a reasonable chance of earning coin by mining mean that people can’t meaningfully participate in mining using their own computer hardware. Instead, mining has coalesced into extremely well-capitalized “mining farms” which, collectively, use as much energy as the country of Austria. If just the top 3 Bitcoin mining farms were to collaborate maliciously, they could launch a 51% attack on Bitcoin.
In the case of PoS, security derives from the staked coin. In order to protect against Sybil attacks, Ethereum requires solo stakers to stake 32 Eth, worth more than $64K USD. This leads to the existence of “staking pools” which enable people to participate with a smaller amount of stake; but staking pools are a form of centralization. Just one Ethereum staking pool, Lido, has 28.1% of the total stake; disruption of Ethereum’s normal processing can occur when a group of malicious actors controls 1/3 of the stake or if there’s a bug in the software they use.
An alternative balance: leveraging identity data from the external world to maximize internal blockchain decentralization
The aspect of the traditional business world we will leverage is evidence of personhood (EoP). For purposes of discussion, we will refer to the concept as “EoPCoin.”
Because there is no absolute proof of personhood that can be irrefutably and uniquely associated with a particular blockchain account, we do not refer to proof-of-personhood; more realistically, we refer here to evidence.
By accumulating multiple items of evidence of personhood, which come from independent sources, the network can have more and more confidence in the personhood associated with a given account.
Verifiable Credentials
“Verifiable credential” is a term of art representing a cryptographic proof of legitimacy. For example, MIT currently supplies graduates with a Verifiable Credential in digital form that cryptographically proves it was generated by MIT in association with a particular student. Because there is room for various forms of human fraud before it is associated with a particular EoPCoin account (for instance, a hardware device containing the Verifiable Credential might have been stolen and hacked), we regard it as evidence, not proof, for purposes of the blockchain, even though it is a true proof from a cryptographic perspective.
Analogously to the fact that in a PoW system, mining entities are motivated to spend more on mining hardware and energy in order to make more profits, and also to the fact that in a PoS system, stakers are motivated to invest more stake to earn more profits, in EoPCoin, people who supply more evidence of personhood make profit in proportion to the amount of evidence they provide. And every item of independent evidence also makes the blockchain as a whole more secure. The interests of each individual are aligned with the interests of the blockchain itself.
But, even though we refer to individual verifiable credentials as evidence rather than proof, they are typically very strong evidence. As an example mentioned above, it’s possible that a device containing an MIT diploma in verifiable credential form might be stolen and hacked. But it’s extremely difficult for an iPhone to be hacked; the tools to do it are extremely expensive and are typically sold only to governments. So, while EoPCoin doesn’t regard any particular item of evidence as a true proof of personhood, the level of security that can be created by leveraging cryptographic proofs can be very high, particularly when there is a plurality of independent sources associated with one account.
Note that, because each account’s profits are “powered” by evidence of personhood, which costs almost nothing, the centralization forces due to monetary expense that are intrinsic to PoW and PoS blockchains are virtually nonexistent in EoPCoin.
If there were only a few sources of evidence of personhood, EoPCoin would have a centralization factor relating to that scarcity. But there are many. For example, even an active account with a local utility company is evidence of personhood and today, such evidence is typically used for such purposes as opening a bank account. But recent cryptographic developments such as TLS Notary enable cryptographic proof to be generated by the owner of a company account by logging on to that account; TLS Notary and its equivalents are able to verify that the user can log on to a page on the web site that proves the user actually has an active account. Just as a traditional bank would accept a physical utility bill in support of a request to open a new account, EoPCoin can accept a cryptographic proof of successful logon to that same utility company’s web site, which would be harder to forge than a physical bill. (Again, it’s worth stressing that an EoPCoin account can be supported by as many items of EoP as the account owner desires in order to increase their frequency of earning coins.)
While a utility company account is a good example of evidence that is often used in the traditional business and government worlds, it must be stressed that there are many potential sources of evidence of personhood. A few of them include:
Passports with NFC chips. Software already exists to reach such chips, which are already incorporated into modern passports, and such software can create verifiable credentials for use with EoPCoin simply by putting a passport near a phone.
POAPs. (The Proof Of Attendance Protocol.) Verifiable credentials are generated as proof of physical attendance of events.
Interactions with human notary publics. Notarized documents generated by notary publics are reliable enough that they are used for many types of legal transactions to provide trust. Moreover, depending on the nature of the notarization, misrepresentations are criminal perjury, and a notary public would be liable for criminal charges for assisting in fraud. For the sake of convenience, there are already companies providing live notary public interactions online, and of course, even more weight can be given for physical appearance in an office. We are also starting to see individual notary publics providing their services online. Such interactions can include, for example, verification of ownership of passport or other types of photo ID that match the person’s physical appearance.
BrightID Meets. This is a process wherein humans who do not need to be notary publics affirm the personhood of other humans through online interaction.
Microsoft Entra Verified ID. This is digital verification of an individual’s workplace.
Financial service accounts. Using TLS Notary or equivalent technology, cryptographic proof can be generated showing financial accounts with particular minimum amounts of funds available.
Obviously, some of these sources of evidence should be given more weight than others. EoPCoin contains technology for doing this.
Standard blockchain functionality included
Other than reliance on EoP rather than PoW or PoS, EoPCoin works the same way as other blockchains do. Each node on the system runs software that maintains a copy of the blockchain (that is, the ledger). Nodes communicate with each other using a gossip protocol and use a standard consensus mechanism.
Each node has a chance to create a block in any particular interval of time and earn a reward in EoPCoin currency; but the probability of earning that chance depends on the amount of evidence of personhood associated with the node rather than the amount of energy used and the hardware made available for work (PoW) or the amount of stake (PoS).
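As an added illustration (not code from the EoPCoin project or its forthcoming white paper), the sketch below shows one way a node's chance of creating a block could be made proportional to its weighted evidence of personhood. The source weights, the rule that a credential counts only for the first account presenting it, and the hash-based lottery are all assumptions; the paper specifies none of them.

```python
import hashlib

# Assumed per-source weights; the paper says sources are weighted but gives no values.
WEIGHTS = {"passport_nfc": 5, "notary": 4, "utility_tls": 2, "poap": 1}

def score_accounts(claims):
    """claims: iterable of (account, source_type, credential_id).
    Assumed rules: a credential counts only for the first account presenting it
    (limits Sybil reuse) and each source type counts once per account."""
    seen_credentials, counted, scores = set(), set(), {}
    for account, source, cred_id in claims:
        if (source not in WEIGHTS or cred_id in seen_credentials
                or (account, source) in counted):
            continue
        seen_credentials.add(cred_id)
        counted.add((account, source))
        scores[account] = scores.get(account, 0) + WEIGHTS[source]
    return scores

def select_proposer(scores, seed: bytes):
    """Deterministic weighted lottery: every node derives the same winner from
    the same seed (a stand-in for the consensus layer's shared randomness)."""
    total = sum(scores.values())
    if total == 0:
        raise ValueError("no evidence registered")
    ticket = int.from_bytes(hashlib.sha256(seed).digest(), "big") % total
    for account in sorted(scores):
        ticket -= scores[account]
        if ticket < 0:
            return account

def win_share(scores, rounds=2000):
    """Fraction of rounds each account wins over constructed seeds."""
    wins = dict.fromkeys(scores, 0)
    for i in range(rounds):
        wins[select_proposer(scores, b"constructed-seed" + i.to_bytes(4, "big"))] += 1
    return {account: w / rounds for account, w in wins.items()}

# Constructed sample claims; account names and credential ids are hypothetical.
CLAIMS = [
    ("alice", "passport_nfc", "cred-001"),
    ("alice", "utility_tls", "cred-002"),
    ("bob", "poap", "cred-003"),
    ("sybil1", "passport_nfc", "cred-001"),  # reuse of an already-bound credential
    ("sybil1", "poap", "cred-004"),
]

if __name__ == "__main__":
    scores = score_accounts(CLAIMS)
    print(scores, win_share(scores))
```

The reused passport credential adds nothing to the second account, so its share of blocks stays at the level of its one independent item of evidence.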
One of the advantages of this approach is that EoPCoin can take very significant advantage of already-existing software. For example, one way to implement EoPCoin would be to start with the existing, open-source Bitcoin Core software and modify it by replacing PoW with EoP. This could be done in a way that even reuses much of the PoW-related code.
Resistance to surreptitious attacks
As mentioned above, a 51% attack on Bitcoin could be accomplished with the cooperation of just the top 3 mining farms. One can imagine an entity such as a nation-state surreptitiously interfering with them through various means including threats and planting people on their programming or management teams.
The equivalent to this would arguably be far harder to accomplish surreptitiously with EoPCoin because, once the network gets large enough, thousands or even hundreds of thousands of individual node operators (and/or hundreds of sources of evidence of personhood) would have to be controlled by an attacking entity, and given the existence of communications means such as online discussion groups dedicated to EoPCoin, it is very hard to imagine such an attack remaining secret until it controlled enough people to launch a 51% attack.
Summary
EoPCoin represents a fundamentally new type of blockchain, even though it can repurpose much already-existing blockchain code.
The reason it is needed is that experience has shown that proof-of-work and proof-of-stake contain intrinsic forces toward centralization. Since the raison d’etre of blockchain technology is decentralization, this is a significant issue.
In contrast to PoW and PoS, evidence-of-personhood blockchains such as EoPCoin place less priority on being as separate as possible from the traditional business world. They assume, instead, that since the traditional business world has worked well for hundreds and even thousands of years, it is reasonable to harness one of its best aspects to make blockchains better. (In other words, we don’t think the baby needs to be thrown out with the bathwater.) That aspect involves evidence of personhood, leveraging the fact that recent advances in cryptographic technology, much of which didn’t exist when Bitcoin was created, make that evidence available for use by blockchains.
This eliminates the strongest forces toward centralization that plague the current blockchain world, enabling the full participation of very large numbers of individual people as full node operators, leveraging their already-owned computers. Our belief is that this creates the opportunity for at least one alternative, major blockchain, with the potential to reach a scale competitive with Bitcoin and Ethereum. This is EoPCoin.
It is planned that a detailed white paper containing technical details will be available in a few weeks’ time after the release of this concept paper.