DAOrayaki Reserach|BrightID: Proof of Digital Uniqueness

16 min readNov 29, 2021

DAOrayaki DAO Research Grant Fund Address: DAOrayaki.eth

Voting Result：DAO Committee Yes

Grant Amount：150USDC

Category: BrightID, BrightDAO, Social Security Number, Government Identifiers, Security, Privacy, Protection, Social Graph, public goods, SybilRank, Uniqueness Scores, Unique Accounts, Self-sovereign Identity, IDChain, seeds and groups, SeedDAO.

Contributor：Jones@Daorayaki

Chinese Version:https://daorayaki.org/brightid/

Brief Overview About BrightID

BrightID is a social identity network that allows people to prove to applications that they aren’t using multiple accounts. It solves the unique identity problem through the creation and analysis of a social graph. BrightID is a public good that exists for the benefit of humanity. It is a nonintrusive, decentralized, open-source technology seeking to reform identity verification and thus lay the groundwork for a free and democratic society.

From the other hand, BrighID Main DAO will promote the research of different seed selection methods and also the creation of tools that make seed selection scalable. Some principles to consider when creating a seed selection process are outlined below.

Background

Here is a simple, powerful idea: let’s build an open-source identity network, a social graph that does not require any personal information besides your connections to other real people. This network could be the basis for a decentralized system to probabilistically prove whether each member of the network is a real, unique human. Such a feat is possible if we use a graph analysis of our social connections, with the additional input of a limited number of trusted seed identities. The interconnectivity of the graph should reveal which members are real and which are fake (aka “Sybils”), based on their position in relation to the trusted seeds. This is exactly the goal of the project known as BrightID.

The creators of BrightID additionally came up with a modified version of the well-known “SybilRank” algorithm, which they refer to as “SybilGroupRank” (M. Heydari, M. Khanmohammadzade, R. Bakhshandeh, & C.A. Stallard; publication forthcoming). This modification takes into account the interconnectivity of social groups, rather than just individual social connections. In its current implementation, you may join a “group” only if you are personally connected to over half the group’s members. Joining a group is akin to saying “I may not personally know everyone in this group, but I trust the good judgment of the people that I do personally know in this group, and therefore I believe that everyone in this group is a real, unique human.” The SybilGroupRank algorithm performs well at detecting Sybils in a variety of random social graphs.

Notably, the BrightID identity network is an open source public good, distinct from the (also open source) SybilGroupRank algorithm. That leaves the identity system open for innovation: Anyone can access the data and run their own Sybil-detection algorithm on the social graph, using their own hand-picked trusted seeds.

Birth of BrightID

Adam was doing research on universal basic income projects that required KYC or AML. They all asked for scanned copies of user documents. And even if they didn’t, it wasn’t so long before they were exploited by spammers and users with duplicate accounts. He wanted to create something new and more fit for the digital world. He wanted to prevent users from creating thousands of accounts and ruining the system for everybody.

In the beginning, it was just him. But, when he proposed his ideas to Decstack — a community hosted by Daniel Jeffries — he received tons of encouragement, feedback and support from the folks in Giveth, Aragon, and other communities.

A BrightID for Everybody

BrightID is a global identification system very similar to a social security number(SSN). SSN was first instituted in the forties to certify people’s qualification to receive benefits from the US government. However, it is nowadays used for things that have nothing to do with social security just because it has become a defacto unique personal identifier.

BrightID is much different from what people are used to when they think of an ID that is issued by a government. People don’t know what goes behind that scenes with their government identity and how they are issued. They don’t know how that information is taken from them. They don’t know all the ways their ID is used. They honestly don’t know. For such reasons, BrightID brings a new world with fewer boundaries and more transparency. It enables more freedom and more personal control over one’s own identification, it is issued by no government, is in control by nobody and does not show any bit of information other than what users themselves intend to reveal, allowing people to use new experimental currencies, voting systems, benefit programs, and all sorts of projects that don’t even exist yet with only one condition:

No one gets to create multiple accounts. All users have their own unique BrightID.

Imagine a world heritage or a natural resource that all citizens of the world get to govern it fairly and equally, regardless of their nationality, gender, wealth, etc.

Basics

BrightID Machinery

BrightID encourages users to make connections to people they already know well. A graph is constructed of people connecting to each other. It is then analyzed by an algorithm that looks at how users and groups of users are interconnected and assigns scores to demonstrate the probability of uniqueness for each and every user. Simply put, BrightID assigns uniqueness scores to groups of users by checking a social graph.

On a small scale, people are vouching for each other by making connections. And on a large scale, scores depend on how connected people are to the rest of the known good graph. It doesn’t matter to be directly connected to real users with high scores in BrightID. What matters is being in the same part of the graph as high score users and being connected to others in a way that makes sense compared to the way other real people are connected.

The problem is that if you’re on an island by yourself and not connected to anybody at all, then you have a hard time getting identified because the system has no way of figuring out your lack of connections is due to your isolation or being a duplicate sybil or spam.

The more crowded the network, the more robust BrightID gets

Bright Future with BrightID

With BrightID, citizens of the world will enjoy all sorts of possibilities. The first thing they will notice is their ability to receive benefits from a lot of different philanthropic organizations in a fair way and with a fair distribution. Think of Bitcoins being fairly distributed to anyone who can prove they are a real person. Further along the way, you’ll see interesting projects that have to do with democracy and decision-making in national and global organizations.

Social media applications will arise in which everyone is proved to be real and the system is a lot more respectful of users’ privacy. All the systems above will only need your BrightID score. They don’t need your name, nationality, or anything else. Your score will show that you’re a unique, real person that only exists in the network once. BrightID frees users from the plague of spam. No more distorted information coming from someone with a thousand Facebook accounts. It enables social networks that are no doubt comprised of real people.

With BrightID, no central system like Facebook is able to control your data. There will be much freer systems where everyone is in control of their own data. We no longer have to save our data on big servers to prove we are real. BrightID enables you to simply prove you’re real and do not have multiple accounts in the systems.

BrightID enables you to say “This is my account. My only account. I’m a real person. A real citizen of the world. Recognize me!”

Redeemable BrightID

If someone, by chance or intentionally, steals your BrightID, it is very simple to replace. All you have to do is reconnect with a few people that you connected with in the first place and have them attest to the fact that you are the same person with that BrightID and you can have it back. So, in case you lose your BrightID, you can have it back quickly and invalidate the one you have lost.

Do you know how difficult it is to replace a social security number if you’re a victim of identity theft? Have you ever tried to push a camel through a needle hole?

BrightID Mechanics

Creating and storing the social graph

The social graph contains cryptographically signed connections between people. Each user manages their own signing keys, so the ability to create connections is independent from any particular service or application. This results in a form of self-sovereign identity, since each user has ownership of their own digital identifier. The social graph itself can be used as a reference for many different services, but none of these services are in charge of the graph, nor be able to control the behavior of individual users. This architecture allows connection data within the graph to be portable and to exist on a decentralized network.

Decentralized Network

Probability of connection data is essential for creating a decentralized network of computer nodes in which each has a complete copy of the graph. Decentralization allows for a wide variety of coexisting analysis methods. It is crucial for multiple independent parties to be able to use their own analysis methods on the same connection data, both to ensure that authority ever verified identities does not fall under the control of any single entity, but also to allow the regular auditing of analysis methods by independent parties. This also fosters open innovation and improvements to existing analysis methods,

Each copy of the graph is kept in sync by relying change operations through an Ethereum-based proof-of-authority blockchain called IDChain.

Analysis

In order to make a determination about someone’s uniqueness, the graph is analyzed. There are many possible methods; different methods can be compared or aggregated. Nodes in the network are free to employ whatever analysis methods they wish.

Metadata

In the methods BrightID team tried, it was found that it is useful to consider additional data in the form of seeds and groups. Seeds are preselected points in the graph from which trust flows. Groups — in the sense we use them — are small, combined efforts by connected users to help someone become verified. Groups provide richer possibilities for interconnectivity than single connections and we analyzed the graph of interconnected groups.

Thresholds

SybilRank, an algorithm on which part of BrightID trial software was based, was tested with the Spanish social network Tuenti. The algorithm was used to rank vertices (users) in the graph according to their likelihood of representing duplicate users (sybils). The ordered list was given to workers who manually checked and removed suspicious accounts. Having such an ordered list resulted in workers finding many more duplicates than through user reporting.

A manual check like the one used in the Tuenti example may not be practical, so a verification method needs to find a threshold above which users are considered unique and automatically mark them as verified. A higher threshold may result in more false negatives (unique people being mislabeled), while a lower threshold may result in more false positives (sybils being mislabeled). DIfferent apps can decide where on this spectrum they would like to operate.

Injecting simulated attacks

One way to automatically find a threshold is to simulate different kinds of sybil attacks and inject them into the graph at various locations before running the ranking analysis. After analysis, the rankings of the simulated sybils can be compared to the new rankings of previously verified users. The threshold is set to an acceptable level of false positives and false negatives.

Combing results

Applications are free to choose the most appropriate algorithms, parameters, and threshold. Verification methods may sample results from several other verification methods (potentially running on several nodes) and combine them however they like.

Verification persistence

A user typically doesn’t lose a verification for falling below a threshold unless an important local change has also occurred — for example, being removed from a primary group or the loss of a nearby seed group.

Connection levels

People have the opportunity to assess how well they know the user to whom they are connecting. This makes it harder for an attacker to make connections from their sybil region to the honest part of the graph. Detecting regions where there are only sparse connections to the honest part of the graph is a feature of many anti-sybil analysis methods.

Recovery

Each BrightID has a signing key pair associated with it. If a user loses access to the signing private key, or the key is compromised, it can be easily replaced by reconnecting to two members of a set of trusted contacts. Having an easy recovery method makes bribery less effective: a user could simply accept a bribe and then replace their signing key, rendering the previous one useless.

Primary groups

Primary groups are an important part of being verified. A person can only be verified as a unique human if their primary group has been ranked high enough by anti-sybil algorithms. Each person chooses one primary group. Other members are notified when this happens. Over 50% of the members of the group must authorize a person’s choice of primary group. In addition, any member may mark a group as unusable as a primary group and any member may veto another member’s use of a group as a primary group.

A primary group represents the closest personal contacts for a particular person. BrightID users should mark groups and veto other users accordingly.

Seeds

Some social graph analysis systems have a notion of seeds, which are people who serve as centers of trust. Seeds are used by the system to differentiate between honest regions of the graph and sybil regions created by attackers to resemble honest regions. Selecting seeds is especially important during the rapid growth phase of the network when subgraphs of users may arise that are not well-connected to the main graph.

BrightID Main DAO promotes the research of different seed selection methods and also the creation of tools that make seed selection scalable. Some principles to consider when creating a seed selection process are outlined below.

Seed Groups

When analysis is done on a graph of groups (as is the case in several of the initial systems), it makes sense for a seed to be a group of people. This allows a seed to have a continuous lifespan.

Discoverability

A seed group must be discoverable for two important reasons:

First, a BrightID user must have reliable steps they can take to become verified as a unique person. In the stage of rapid network growth, this will often include finding and making connections with members of a seed group.
Second, DAOs given the task to assign and revoke seed status to groups need a way to find a group and ensure that it is operating well.

Seed DAOs

Seed DAOs have the authority to designate seed groups and remove that designation. Algorithms that make use of trusted seeds can use lists of seed users published by DAOs. Multiple seed lists may be combined, it’s up to seed DAOs to prove the trustworthiness of their selection process. Seed DAOs may be eligible to receive grants from BrightID Main DAO.

Governance

A seed DAO may choose its membership and operate however it wishes. A seed DAO’s membership may include members of seed groups that it has selected. Some members of the BrightID core team created an Aragon seed DAO (called SeedDAO) on IDChain where each member has one vote on decisions to add and remove seed groups or DAO members.

Use of the graph explorer

BrightID released a tool for exploring the BrightID graph. Users can see the position of their own connections and groups in the graph.

This tool can also be used to mark regions and export the boundaries to share with other seed dao members. This helps with sharing the location of seed groups and the regions they affect. A seed dao member can define a region by adding people who have been observed to connect to seed group members. This creates an area of known humans around a seed group. Those peoples’ ranks can be measured over time to help gauge the effectiveness of the seed group.

Checking seed groups

A seed dao should periodically send a member to visit each seed group it has designated to make sure it’s still accessible and helping the nearby regions.

BrightID Main DAO

A decentralized autonomous organization (BrightID Main DAO) is used to represent the interests of humanity and the applications they use on the BrightID network. BrightID Main DAO supports BrightID-related open-source software, nodes, seeds, research, and communication.

BrightID Main DAO Budget Categories

Development

Fund the development of:

Applications that allow users to make connections, manage cryptographic keys and authorize other applications.
The peer-to-peer protocol used by BrightID nodes.
Other open-source, general purpose utilities for BrightID.

Research

Fund the research of new techniques for analyzing the social graph and users who wish to run nodes to incorporate these techniques. Award bounties for various general and security activities.

Seed Group Development

Bring remote communities into the BrightID network and fund research on seed selection processes.

Communications

Communicate with businesses, offer support, create public-facing documents including user and integration guides, host and attend events, engage in community building.

Team members

BrightID Team

Adam stallard — Project Lead: Adam has worked in distributed systems since 2010 and client-server architecture since 2002. BrightID is his passion.
Twitter Account: https://twitter.com/cadamstallard
David Wisner — Mobile Lead: David is a Javascript developer with 6 years of experience building web apps. He graduated from the University of Washington with a degree in psychology.
Twitter Account: https://twitter.com/Rnb_Wd
Alireza Paslar — Research, Communications: Paslar does community management, research, and content creation for BrightID
Twitter Account: https://twitter.com/alirezapaslar
Mahdi Heydari — Research, Mobile, Smart Contracts, Web Apps: Mahdi has over ten years of experience in programming. He also has years of research experience in economics and social criticism on banking and monetary systems.
Twitter Account: https://twitter.com/AbramSymons
Mohsen Khan-mohammad-zadeh — Research, Smart Contracts, Web Apps: Mohsen has years of experience as a programmer. He has been researching blockchain and smart contracts for some time and is a trusted and fluent programmer in the blockchain ecosystem.
Twitter Account: https://twitter.com/siftal_
Michael Bauer — Mobile, Smart Contract, Web Apps: Michael studied Computer Science in Germany and has +20 years of experience as a developer and project manager. He is passionate about blockchain and smart contract technology.
Twitter Account: https://twitter.com/TripleSpeeder
Dama Vara — UI Design: Dama has years of experience as a visual designer specializing in marketing and communication content. She designs BrightID mobile apps, websites, and other communication content.
LinkedIn Account: https://www.linkedin.com/in/damavara
Carlos Mesa — Research, Communications: Carlos has been working towards cryptocurrencies adoption since 2013. He does community management, research, and content creation for BrightID.
Twitter Account: https://twitter.com/MonoMesa
Mohammad Hossein Ghaznavi — Community Management: Ehsan does community management, content creation and marketing for BrightID.
Twitter Account: https://twitter.com/rightehsan
Bitsikka — Integration, Mobile/Web Apps, Community Facilitator: Bitsikka has been studying Web3 since 2016, has 8+ years of mobile/web frontend development, and has been participating in various Web3 communities actively for years. He helps with App/Community integration, documentation, and community management at BrightID.
Twitter Account: https://twitter.com/bitsikka
Mohammad Reza Yazdani — Community Growth, Content Creation: Yazdani helps the community to grow through creating content and making advertising strategies. He has over four years of experience in business development, economics, and finance.
Twitter Account: https://twitter.com/yazdaaniam
Brandon Venetta — Network Development: Just an ordinary guy trying his best to do good in this world, Father and Husband.
Twitter Account: https://twitter.com/brandonvenetta

Advisory Team

Philip Silva — Strategy, Mission: Philips helped create ZeroPoverty and the non-profit HedgeForHumanity to advance the ideas of universal sharing, crypto-UBI, and paying social dividends for all of humanity.
Twitter Account: https://twitter.com/UBIpromoter
Griff Green — DAO, Commons: Community manager for TheDAO, co-founder of the White Hat Group, Giveth, and the Commons Stack, as well as advising many other core Ethereum community projects.
Twitter Account: https://twitter.com/thegrifft
Like Duncan — DAO, Commons: Luke Duncan is an advocate for open source technologies and decentralized platforms. He co-founded 1Hive and is working to advance DAO usability and adoption on the Aragon One team.
Twitter Account: https://twitter.com/lkngtn
Auryn Macmillan — DAO, Commons: Auryn is a community builder and user researcher with a passion for open technologies. Founder of DAOhub, BD; SM at Colony, former pro basketball player, MSc Psych & Research Methods.
Twitter Account: https://twitter.com/auryn_macmillan
Ross Campbell — Legal, DAO, LAO: Ross is a Brooklyn-based attorney and programmer at OpenLaw with substantial experience developing code-based contracts and companies on Ethereum.
Twitter Account: https://twitter.com/r_ross_campbell