Bankless - 187 - The Ethereum Attestation Service
Episode Date: September 11, 2023On today’s episode we welcome Bryce Patrick and Steve Dakh from the Ethereum Attestation Service. EAS is a new public good, open, permissionless, and token free. Is this the key unlock for decentral...ized identity through crypto? ------ ✨ DEBRIEF | Ryan & David unpacking the episode: https://www.bankless.com/debrief-eas/ ----- 🏹 Airdrop Hunter is HERE, join your first HUNT today https://bankless.cc/JoinYourFirstHUNT ------ 📣 AAVE V3 is Here! http://app.aave.com/ ------ BANKLESS SPONSOR TOOLS: 🐙KRAKEN | MOST-TRUSTED CRYPTO EXCHANGE https://k.xyz/bankless-pod-q2 🦊METAMASK PORTFOLIO | MANAGE YOUR WEB3 EVERYTHING https://bankless.cc/MetaMask ⚖️ ARBITRUM | SCALING ETHEREUM https://bankless.cc/Arbitrum 🛞MANTLE | MODULAR LAYER 2 NETWORK https://bankless.cc/Mantle 🦄UNISWAP | ON-CHAIN MARKETPLACE https://bankless.cc/uniswap 🗣️TOKU | CRYPTO EMPLOYMENT SOLUTION https://bankless.cc/Toku ----- TIMESTAMPS 0:00 Intro 7:27 What is an Attestation? 11:51 Attestations as a Primitive 14:35 What Are The Good For? 19:15 Defining Identity 22:39 Primitive Before the App 25:55 What is EAS? 30:31 Attestation Form Factors 36:51 Use Cases 40:19 EAS Growth Goals 42:17 Why Do We Need Attestations? 46:10 Why Build This on Ethereum? 52:46 Who is Using EAS and For What? 1:00:04 Web2 vs Web3 Attestations 1:05:17 Decentralized Reputation 1:08:05 The App Layer on Top of EAS 1:15:08 Privacy 1:19:48 Comparing To Sign In With Ethereum 1:21:22 How is it Funded? 1:25:08 Soulbound Tokens 1:30:00 Closing and Disclaimers ----- RESOURCES EAS https://twitter.com/eas_eth https://attest.sh/ Steve Dakh https://twitter.com/stevedakh ----- Not financial or tax advice. See our investment disclosures here: https://www.bankless.com/disclosures
Transcript
Discussion (0)
Probably 99% of all the historical video content that we have right now.
In audio content, it's probably all legitimate, most likely not AI generated.
In the next few years, you can kind of see how that can start to flip.
One of the things that we think about is like right now, if you take some historical content, hash it,
timestamp it on chain using an attestation.
You can now prove, you know, a thousand years from now that this content existed before we had the AI capable to make a perfect replication of that.
So right now we can actually use outstations to almost save history.
And I think we should.
Welcome to bankless, where we explore the frontier of internet money and internet finance.
This is how to get started, how to get better, and how to front run the opportunity.
This is Ryan Sean Adams.
I'm here with David Hoffman, and we're here to help you become more bankless.
The Ethereum attestation service, a new public good, a standard that's open, permissionless
and free.
There's no token on this one.
We talked today about why this might be the key online.
for decentralized identity and non-financial use cases in crypto. As we've said so often on bankless,
first we take back our money, then we take back our identity. This might be a key to that solution.
A few things to take away from this episode. Number one, why decentralized identity isn't a
mystery. It's actually just a bunch of attestations. That word attestations. That's going to be the
focus of today's episode. Number two, we talk about why web two and social networks like Twitter
are actually just attestation silos. Number three, we talk about why financial
use cases are going to absolutely explode over the next 10 years as soon as we unlock the power
of attestations. Number four, we end with thoughts on WorldCoin, on privacy, on sole-bound tokens,
and a host of other items related to decentralized identity. David, why was this episode
significant to you? The arc of crypto is just iteration and unlock after iteration and unlock.
And I think this identity primitive of the attestation is a big unlock. I think a lot of
projects. There's been a lot of teams and organizations out there that have gone straight for
the identity golden goose. And they're skipping a step. They're skipping a layer. And that is what I
think is the Ethereum attestation layer, the attestation service that we are going to talk about here
on the episode. I think without the building block of attestations, crypto is much more muted than
it otherwise would be. And in order to get to a much more expressive version of the crypto economic
future, we need these attestations to unlock new doors, new opportunities, because they bring in
basically everything that's not money and finance into the fold of crypto and allows us to build
on top of those layers. And so getting to that point where we have identity and not just
identity, but everything that is related to attestations, you're about to learn all about that
in the show. In order to get there, we need to first build out these building blocks that the
Ethereum Adetization Service team is working on building today. We have nothing to disclose for this
episode. But of course, you can always check out bankless disclosures at bankless.com slash disclosures.
Guys, we're getting it right to the episode. But before we do, we want to thank the sponsors
that made this possible, including our number one recommended crypto exchange for 2023.
Cracken. Go check them out. Cracken Pro has easily become the best crypto trading platform in the
industry. The place I use to check the charts and the crypto prices, even when I'm not looking to
place a trade. On Cracken Pro, you'll have access to advanced charting tools, real-time market data,
and lightning fast trade execution.
all inside their spiffy new modular interface.
Crackin's new customizable modular layout
lets you tailor your trading experience to suit your needs.
Pick and choose your favorite modules
and place them anywhere you want in your screen.
With Cracken Pro, you have that power.
Whether you are a seasoned pro or just starting out,
join thousands of traders who trust Cracken Pro
for their crypto trading needs.
Visit pro.crakken.com to get started today.
Metamask portfolio is your one-stop shop
to manage your crypto assets
and to tap into Defi all in one place.
And the most important part of that,
experience? Buying crypto, obviously. MetaMask portfolio's buy feature enables you to purchase
crypto easily without going through centralized exchanges. Designed with you in mind, you can fund
your wallet directly in just a few clicks with convenience and simplicity. What happens when you
press the buy button? Rather than being limited to a single payment provider, Metamask brings
together a bunch of vetted, trustworthy providers to present you with customized quotes for your
crypto purchase. Once you've funded your wallet, you'll be able to plug into defy with all the money
verbs like swapping, bridging, and staking. But first things first, you need to be.
skin in the game. Head over to metamask.io slash portfolio to buy crypto the easy way.
Arbitrum is accelerating the Web3 landscape with a suite of secure Ethereum scaling solutions.
Hundreds of projects have already deployed on Arbitrum 1 with flourishing defy and
NFT ecosystems. Arbitrum Nova is quickly becoming a Web3 gaming hub and social adapts like Reddit are
also calling Arbitrum home. And now Arbitrum orbit from orbit allows you to use Arbitrm's secure
scaling technology to build your own layer 3, giving you access to interoperative.
customizable permissions with dedicated throughput. Whether you are a developer,
enterprise, or user, Arbitrum orbit lets you take your project to new heights. All of
these technologies leverage the security and decentralization of Ethereum and
provide a builder experience that's intuitive, familiar, and fully
EVM compatible, faster transaction speeds, and significantly lower gas fees. So visit
Arbitrum.io, where you can join the community, dive into the developer docs,
bridge your assets, and start building your first app with Arbitrum.
experience web three development the way it was always meant to be secure fast cheap and friction-free
bankless nation we are super excited to introduce you to bryce patrick and steve dack they are builders
leading the effort behind the ethereum attestation service this is we're going to refer to this
by e-a-s in this episode and e-as is a free open source primitive that's deep in the ethereum tech
stack and has aspirations to unlock an entire world of use cases using one simple primitive that of the
digital attestation. Bryce, Steve, welcome to Bankless. Thanks for having us. Thank you, Ryan and
David. It's a pleasure to be on the show. We've been a long-time listener, so to have the
opportunity to come up. It's great. We're excited to chat, help educate more about attestations,
and looking forward to the call. I do think that this is going to be an educational episode for
everybody, including David and myself, because part of the reason we're having this conversation
is, of course, the Bankless Nation knows that identity is very important to David and myself. We
often say, first we solve money and then we solve identity. That's kind of like we're
Cryptos is destined to go. We also heard on the back of Ethereum Waterloo from more than a few
folks that you have to talk to the EAS team. They're doing incredible things in the space.
This is a major unlock for our on-chain attestation identity. And so David and I took a look.
We understood a few things. This looks like a open source primitive. It's tokenless. It's free.
It's a public good. This is music to our ears on bankless. So we're hoping by the end of this
episode we know enough about EAS to be dangerous. And we sort of get
the shape of where identity might be going, at least from a public goods perspective. Does that sound
like an okay agenda? Absolutely. Yeah, great. Okay, well, we'll start here. Can you tell us it's in the name
Ethereum attestation service? What is an attestation? And what on earth does that have to do with identity?
All right. So basically, simply speaking, an attestation is simply an entity making a signed statement
about something. In the case of EAS, you're able to make an attestation about literally anything.
know, the reason why that's important might not be immediately obvious, but that's why we have
this story that we like to tell. So essentially, we've been really super interested in solving
decentralized identity and reputation. And we know that it's like a super hard problem to solve.
Identity is relative. Your reputation is relative and it's contextual. So for example, my reputation
to Bryce is different than my reputation to David. And it's a very complex.
kind of abstract concept that, you know, no one has really solved because I think people have
been trying to solve it the wrong way, almost building one layer too high and not building upon
a primitive to be able to describe such complex things. So we started to think about identity.
We're looking at all the platforms that existed out there, you know, today. And we saw that most
of the platforms that are doing identity, they're almost all like glorified KYC companies. They
build these like siloed platforms that you essentially as a company or developer have to adopt
and then you're kind of locked into that platform. So say, for example, there's, you know,
Polygon ID or Bright ID or any of these platforms that allow you to do some sort of K.
They essentially are attesting about you passing your KIC, but that attestation can only be used within
that platform. And so if some other platform wants to KYC you and you want in your like some
maybe a smart contract that wants to allow users only who are KYC to use it,
you'd have to implement every single identity platform.
And that just makes no sense for decentralization.
It's not interoperable.
And also none of it actually solves identity.
Identity and reputation is very complex.
I might like Bryce's selection and music,
but I might not like his food tastes,
but I might still trust him anyway.
So we were thinking like, what actually is identity?
and we started to think really deep about this
and we started to think, well, at some point
we had no identity and then we did.
And so we were thinking, well, at what point was that?
I remember coming to this realization, like,
when I was born, my mom named me Steve, right?
You can say that she attested to my name, right?
And so I went to school and the teachers attested to my grades, right?
And the kids in the class could have attested
to whether they like me or not.
The government attested
to my passport and my driver's license.
University can attest to your diploma and your employer could attest to your employment
or whether you're a good employer or not.
And so we kind of quickly realized that actually you could represent identity and
reputation as an aggregate of attestations about someone.
And so if you really want to be able to solve this problem,
what you really need to start with is a base layer where any entity can just attest
about anything at all.
Yeah, and it's not that all the identity protocols are moving in the wrong direction.
It's just that because there hasn't been this primitive base layer, everyone's building their
own solution towards it, and they're just one aspect of an identity.
And so we realize if you actually want to be able to solve reputation, digital identity,
we need to have a common language and a framework that everyone can communicate off of.
So we've been reaching out to a lot of the identity protocols and beyond with different use
cases to really help try to bring everyone together.
When you guys say that attestations are primitive really gets me excited, especially when you define the primitive so easily as a just a statement that someone attest to something else. And when a statement like this is so simple, you can get this instinct that the expression of this primitive can be massive. And I think why these conversations around identity and these primitives can be so difficult is that a lot of the listeners, especially crypto newbies, newcomers into this crypto world,
aren't used to thinking in these grand terms.
And trying to get people to understand this new form factor for identity is
trying to also get them to understand these new monies that were created.
You almost have to unlearn the paradigm of the dollar in order to understand,
you know, Bitcoin and Ether.
And in the same model, you have to unlearn the fact that your government issues you,
your identity to really learn that actually your identity is an aggregate of all of your
social relationships that are like piecemeal.
together throughout time. So maybe we can actually just go back to this primitive with that shared
kind of context. And maybe Bryce, you can start and Steve will go back to you. Like how does your
identity form? How is it a primitive like an EAS? Actually the basement level foundation that is
actually needed to make one's true identity. Yeah. If we check ourselves out of like blockchain
altogether and we just think about how we interact with each other offline and in the real world,
there's a lot of interactions that we have together. Imagine just like getting alone for
something. You might go to Ryan and say, hey, Ryan, I need to borrow $5,000. Well, a simple IOU might be
justified from Ryan to give you a loan because he trusts you and all the interactions that you guys
have had and the trust that you've built. But if you, David, wanted to go get a loan from a bank,
you might have to go to that bank and provide all these documentation and all these different proof
points to actually show that you're a credible person. And that's because you don't have that same
rapport and there's other regulations that they're following. But the idea is that all these entities
are just making attestations about each other. And the value of the attestation from you giving an IOU
to Ryan is saying, you know, he's trusting that you're actually going to follow through on that.
And so if we think about how attestations can work, it's really just like any interaction where
you're trying to build trust and to make sure that the person on the receiving end, like has some
sort of authenticity that you are kind of who you say you are and like you have some reputation
behind it. You can unlock so much.
from that, but we haven't had a way to do that online and on chain.
Is this just an identity conversation?
Is this a conversation specifically at a stations?
What do they do?
They give us our identities.
Or is there something grander here?
So attestations can be used for a lot more than identity.
We talk about identity first because we like to explain how, like, you can take such
a really complex idea and describe it with something so simple.
But attestations, because they're simply essentially signed statements of entities saying things about things, it can be for anything.
It can be used for supply chain.
It can be used for voting.
It can be used for certification.
All sorts of things that aren't directly tied to identity.
It can be used for ticketing.
And what's interesting is in real life, in the real world, we're testing all the time.
You know, we say things about other people.
We sign documents.
But there's never been like a digital way to do this in a structured, standardizable way before.
And so that's what the magic of like, you know, with EAS being able to create a schema describing what you're testing about, what you might want to attest about, and then being able to attest with that schema. I think that's really the revolution that EAS is like kind of broad. Yeah, if we think of like a notary service, if you were to sign like a mortgage document or some sort of important document, typically you have to get it notarized in front of someone. That notary is essentially attesting that you were the person that signed that document. But we don't have a way to actually.
have, you know, a way to attest in a more structured way on blockchains. We do have digital
signatures, which gives a lot of authenticity to who's signing. And we also have the verified
timestamp, but we haven't been able to actually structure that in a way that is composable
and more interoperable for people. Okay. So I'm trying to like put this together, make this make
sense in my mind. So a few things maybe have been talked about. The first I just want to make
concrete is this idea of an attestation. It's somebody saying,
a thing about someone else or making some claim, right, on chain. What this mechanically looks like
is on chain with, say, a Metamask type of, you know, prompt, I'm signing something with my
private key, right? So I own RSA.a.eath, that's my ENS, and it corresponds to an actual
Ethereum address, and I can sign things on chain. I can, like, digitally verify. And I have to,
let's say, I'm using my ledger for this, hardware device, I have to, you know, or Metamask,
You have to click through and actually attest that something is true.
Is that what you mean by an attestation?
Yes.
Is that all we're talking about here?
Yes, but it's structured in a particular way using the EAS standard.
But yes, every attestation is signed with a wallet with a private key.
Okay.
So you have the authenticity knowing that this attestation came from the entity that's claiming.
And so it's coming from the entity that owns those private keys that has like physical access to those private keys.
Or a smart contract.
It can even be a smart contract that it's.
test. Perhaps the smart contract receives some sort of inputs that it validates. And then once it gets
these proper inputs, it attests to the entity that they've passed some sort of thing.
Okay. And Ryan, so like with social media today, when you're posting something,
you're essentially just attesting to the post, right? And then if David likes your post,
he's attesting that he likes your statement. But we haven't had like a core building block to be
able to do that. And I think one thing that we realize is like on chain is really good for a lot of
things, but we also want to make sure that EAS was accessible off-chain. So EAS is also an
off-chain protocol for making digital signatures as well. Okay, I want to get into EAS, but yeah,
that's an interesting point. I guess all the tweet is an attestation that my account,
the person who holds my username and password and, you know, is two-factor authenticated
into my Twitter account is saying this thing, right? Yes. And that establishes my online
Twitter reputation, basically, and is the basis for my social graph. But I want to
I want to go back to something because for somebody who's thinking like at the primitive layer,
just signing something with a private key and saying, yep, I approve this message, basically.
You're saying that that's essentially what identity is.
I think that's the part that is a little bit mind-blowing at first.
And the part that's kind of like back to the basics of this is like, you know, what is money?
Well, it's a, you know, a social scoreboard, I guess.
And, you know, like we all agree something's money, therefore it becomes money, right?
that's what you have to unlock to actually understand money. And to David's point, it's something
similar involved in understanding identity. So you're saying all my identity is is attestations that my
peers, the social context through which I'm in, like make about me. So like the nation state will
attest that America, hopefully they attest this, that I'm an American citizen and I have a social
security number and they will attest that, right? I mean, whatever, the government database somewhere.
And I'm also a Canadian citizen. So the government of Canada will like attest that I'm
I'm Canadian. And, you know, if I'm a member of a church or something, then my church might attest
that I'm a member here. If I'm a member of some other community, or if I'm a friend of someone,
then they might attest that I'm their friend. Is that really all that identity is? It's just,
like, people attesting certain claims, and there's nothing more than that?
So it's not the claim so much. That is your identity. It's how the entity looking at those claims
values those attestations. So, for example, if I show you an attestation,
from Vitalik claiming that he believes that I'm a good person or something and you know it was signed
from him, you might find value in that. But maybe, you know, some Solana guy might not.
Maybe someone who doesn't care about Vitalik might not value that. And so, like, it's very relative.
Like, if I was to want to take out a loan, I would probably show the entity who I want to take a loan
from attestations that are relevant that prove that I actually pay back my loans and that I'm a real person
and that I have enough attestations where I don't want my record to be smeared.
And then that might be enough for that entity.
But for some other entity, they might require something else.
And that's what makes it super decentralized because, like, instead of just having one entity saying, like, oh, this person's a human,
trust us always, right?
There can be other entities that say you're human.
You know, there could be friends that say that you're human.
And depending on who you are and who's attesting, you might value those attestations or not.
And so this is the only way that I can imagine solve.
the decentralized identity problem. You can't presuppose, you know, what identity really is. It can be
made up of a lot of things. Maybe I have an attestation that I was part of the Mickey Mouse Club or something,
you know, and there's something like maybe that's valuable to somebody somewhere, but, you know,
to most people probably wouldn't care. Yeah, there's been a number of attempts at identity ever,
honestly, even ever since the Bitcoin talk forums, like the early people coming into this industry
we realized the relationship between private keys and identity, you know, if you sign a message and
you are known to be the bearer of these private keys, then everyone can trust that you are the
issuer of that message. Like even the primitive days of crypto when we were in Crypto Stone Ages,
we still figure this out. And then ever since then, there has been like a smattering of attempts of
like people in the application layer trying to go after identity, right? Like WorldCoyne, for example,
comes to mind, which was recently going through the crypto meta. But even before that, right,
circles. It was another attempt. Bright ID. You guys listed them. And these are all like identity
apps. And like that one comic, that one XKCD comic comes to mind where like, there's 14 standards for
identity. We need to make another identity play that aggregates all of them. And then the next panel is
like new problem. Now there's 15 different identity standards. I think what you guys are saying is that
all of those attempts at identity, you can't go straight for identity at the app layer. You need to build the
building block, the primitive down below. And then maybe the applications can blossom.
Can you guys talk a little bit more about why you need the primitive before you have the app?
As I mentioned before, like all these identity solutions, they're all moving in the right
direction. And people will value, like, even with World Coin, right, people have, there's two
schools at camp. One is like some people don't care to have their eyeballs scanned and then the
other people do. None of those people are wrong. It really just depends on the applications of,
like, do they care about World Coin's attestation, that that person's a very,
human and would they consider that as a part of their identity? But if all these fragmented solutions
like WorldCoin, Bright ID, you know, et cetera, don't have a common layer where they can communicate,
you can't have an aggregate view of who someone might be and to give like builders and users
the choice of how they define like who's trustworthy or not. And so while I think like all these
are moving in the right direction, they also tend to either tokenize or like try to extract value
at the protocol layer, which if you think about like trust and like identity,
it's kind of like oil and water.
You can't really mix finance and like trust and identity at the same layer because
someone's going to come in with a bigger budget and try to direct the narrative of like
what is identity.
And it's usually for it might be their gain, right?
But if we truly have a credibly neutral base layer where any entity can make these
types of statements from that World Coin and all these other protocols can actually become
more composable and actually helps them.
One of the things I want to add is in response to your question is with these
companies, if you don't have a base primitive, you end up having to presuppose a lot about what
identity is. I think this was like one of the biggest fails of like Uport. They built in all of these
presuppositions about what identity is trying to use like DID standards. But there's so much more than
just what's in that standard. You can attest about, you know, there's so many different types of
interaction intentions entities can have and you can't just pre-program them all into a smart
contract or an application. I think that's where these platforms have failed because if you have
to sign on to something like a Uport, then you have to just assume, like, Uport has everything that you'll
ever need. And if it doesn't, then you have to use another platform and then you just create more
fragmentation. Whereas, like, EAS, Uport could presuppose whatever they want, build a scheme
around that and a test with it. That's the cool thing about EAS. Like all these platforms that
have their own standards can still build their own standards and use their own standards using EAS,
but they're still on the same layer. Like any smart contract can say, I care about attestations
from this entity or this entity or this entity when it comes to these types of attestations.
And that's what makes it so much more interoperable and actually useful for decentralized identity
and reputation.
Okay, so what actually is it?
EAS. It's not just another identity play.
It's something we've been using this primitive word.
But what actually is the thing?
Like, what actually is EAS?
Is it an ERC standard?
Yeah.
So EAS, it has two basic parts to it.
There's two smart contracts.
one of them is called the schema registry, and it allows anyone to register any type of attestation
that might want to be made. So, for example, there would be a schema for voting, a schema for
testing to whether you trust someone, a schema for attesting to whether you like someone,
a schema for testing to whether a smart contract has been audited, et cetera.
These are types of attestation form factors?
Yeah, essentially, it's a form factor registry for attestations. And then you have the attestation
ledger smart contract, which just has a ledger of attestations, each referencing a particular
schema. So like, you want to make an attestation? You have to first reference a particular
schema because, like, what is this attestation about and what is this data structure? And so the
schema describes, like, exactly what pieces of data are in there. So maybe if I wanted to create
like an off-chain ID card, maybe I'd have like a name field, I'd have an birth date field and
whatever relevant fields, and then you can attest with it. And anyone can create whatever kind
they want and every schema gets its own unique identifier. What's great about that is when you're
testing about a particular schema, anyone can know like, oh, this is this schema. This is an
attestation from this schema. It gives its own category and anyone can essentially attestead with the same
schema as long as it's not protected. So schemas can actually also optionally have a smart
contract associated with them. And essentially, anytime an attestation happens of that schema,
it'll run through the smart contract and the smart contract can prevent.
at the stations from happening. So say, for example, you wanted to have like an allow list.
You can block people who are not in the list. You can make a payment happen. So say, imagine you
created like an Oracle schema. Anytime someone attests to a particular truth and they're inside
of this some particular allow list, they get paid out automatically. So you can do interesting things
like this. And just with these two base primitives, that's the whole on-chain component.
So because of these smart contracts, any smart contract, any EVM-based smart contract with
if EAS deployed can easily verify any attestation and validate it.
And then also, because we understand that actually, most likely over 90% of
attestations that people will make will probably be off-chain.
This is like private attestations, things between friends.
There's so many private things that we don't want to put on chain.
And so what we created is this off-chain attestation protocol, which uses EIP 712,
to be able to sign using your wallet.
you're signing off-chain signatures that still follow the whole EAS format and standard.
What's cool about these off-chain attestations is they're completely portable.
You can pass them from peer to peer.
You can keep them private.
Inside our UI, you can actually, it generates a QR code for every attestation,
and the QR code has the entire attestation and the signature encoded inside of it.
What's cool about that is you can easily pass this.
Anybody can just scan your attestation, and it goes from your phone directly to their phone
without ever living on a server.
or optionally you can put an off-chain attestation on a server and then anyone can verify it.
But what's cool here is it's completely gasless.
It doesn't cost any money to make.
And anybody can verify them.
And then even additionally, timestamp or revoke them on chain, even after the fact.
And one key thing with attestations is that they don't always have a recipient or someone on the other end.
Like you don't always have to say something about someone else.
You could be self-attesting more or less.
So imagine bankless study.
They wanted to attest to the authenticity of this.
episode, you could generate a hash of the episode and a test that bankless actually produced this hash.
But you're just, it doesn't have to be about another subject. The power is that this known
entity is signing some sort of structured piece of data at this time. So this was great. And I think
a lot of people will start to have their imaginations start to go now and start to see this like
world open up. And just to maybe double down on some points that you all made specifically about
the form factor of attestations, maybe to put this into the, uh, trad,
world, the world that we currently have, like different attestations come in different form factors
that we already know of, right? Like, Stephen, your story, for example, your birth record is an
attestation of your date of birth might actually be the originating document that attest to your name, too,
right? A diploma is another form factor for another attestation, right? Maybe your credit score is
another type of form factor for some financial-related primitive. And so the EAS that has all
these different form factors for attestations or trying to mimic this world. There's a very
different needs of attestations in various different form factors. And all of these things are,
are various standards that people are proposing saying, hey, all the other form factors that already
exist aren't servicing the needs of my kind of attestation. So I'm going to advocate for this new
type of form factor, and I'm going to submit it and merge it to the EAS system. And all of a sudden,
that form factor gets uploaded. And maybe there's a network effect that grows,
around that. And then also you guys said that you can also put a smart contract logic into one of
these things. And I'm sure that just opens up a brand new world of territory that we could
start to play in just because now we're starting to do some crypto-native stuff as well.
And then the other thing I wanted to just bring attention to is like the off-chain component,
especially like only so many out of stations actually need to become transactions.
Like actually, we're not really talking about blockchain or cryptocurrency very much at all here.
We're mostly just talking about private keys and private key signatures.
And so whether or not they actually make it onto the data of an adaptation actually makes it on chain actually is not really the focal point of a conversation like this, right?
It actually is like, hey, all we really need are these private keys and these form factors for consumption.
That's kind of how I would summarize the last little bit of conversation.
Bryce, does anything you want to add to that?
Yeah, I think on the Web3 side, like the crypto-native side, the reason why we want to put something on chain is so smart contracts can interact with it, right?
And maybe greater transparency for, especially in decentralized communities where you might want, like, the governance of the community more transparent, like how funds are being distributed in this very decentralized world.
Putting things more on chain makes more sense.
But there are a ton of like normal offline use cases that you just need to prove the authenticity of a signature.
So it really just depends on like the goals of the use case, but they both have value.
I want to be clear.
So you said there was kind of two smart contract registries, like one for the schemas and one for the.
for the individual attestations themselves.
So the schemas that David was describing,
that's completely permissionless, right?
So like anybody could propose whatever schema they want,
and if they can organize enough people
to sort of participate in that schema,
then bam, they've got kind of a standard.
So let's say all of the academic institutions
across the U.S. got together,
and they were like, hey, we want to do on-chain attestations
of our diplomas, then they can,
could propose something, even if there were already a few standards in place, they could
propose some sort of schema. And they could, if they got the consensus together, they could
adopt some sort of standard on top of EAS to attest to whether an individual, I guess,
eth address, owned by someone, has a degree from their institution. Is that sort of how this
works? Yeah, exactly. Yeah, you're spot on, because I think one of the challenges for a lot of, like,
previous attempts at like creating some sort of like diploma like schema and stuff people assume way too much in like the fields that are required in the schema and you actually just need to allow the community to come together to develop the right scheme over time and we've seen that even like in the evy worlds for like your electric cars right there's like a lot of research around like the best charging port for all electric cars and then Tesla comes out and says no actually we're going to build our own standard we're not going to like adopt an existing one you actually need to follow where the users are and like what they care about most.
and then let standards kind of be built over time.
This is so interesting because I almost feel like I'm learning about
HTTP for the first time, you know, like HTML for the first time, right?
Because it feels like it's so flexible and can do so many things at once.
I don't even know where to start or like what to do with at first
because it feels like kind of like Ethereum itself, which is like boundless.
Yeah, it's boundless.
Now we have smart contracts.
You know, we have programmable systems where you can kind of like a programmable property rights system.
And everyone's like, all right, what do we do with that?
And then 99% of people are like, yeah, I don't get it.
You know what I mean?
It feels like it's this type of conversation that we're having.
It's like attestations can do basically anything.
I mean, they are the primitive building blocks to reputation, to identity, to like the way everything is organized across society.
Attestations do everything.
All right.
That's the episode.
We're done.
Yeah. Okay.
So what do we do first?
It could do so many things at once.
Are you guys worried at all that we're kind of like boiling the ocean with this approach?
I totally see the merits of what you're saying is, hey, all of these other on-chain identity
solutions are starting almost at kind of the application layer and they're just like making
way too many assumptions.
We have to go down to the primitive and start with a standard for the primitive, kind of like
HTTP or something like this, right?
And now we have the hyperlink and we've just created this new primitive.
All right, but what about the websites?
Like, what do we build first?
I mean, are you worried at all that we're boiling the ocean here?
What's your take on this?
I don't think we're boiling the ocean.
I think this is just the case with this technology that, like, now there's a new technology
that allows for things that couldn't exist before.
And so there are infinite possibilities.
The cool thing, though, is it doesn't necessarily require like a massive network effect, right,
in order for it to work.
Essentially, if you can find one use case for EAS, it's still useful.
If one entity decides, you know what, we're going to start.
this venue is going to start a testing to tickets that entities have tickets to this event and
they just start using EAS for that. That's it. You know, you only need that entity and their
customers. If you're starting like a new social network, perhaps you might run into issues
like that. But for so many use cases, like you don't necessarily need a ton of people signed on.
So what we found, we've been running hackathons the last few months. And like this recent one that
we did, 25% of the teams built on EAS. And, you know,
was interesting to see is like just the wide variety of like apps people were building some of them
were in medical some of them were like in cross-chain like paymaster systems some of them were like
attesting to open source software it was just so many things and it was cool to see that like there really
is like infinite use cases for this and people are able to just fit it into their application in
some way because otherwise they're going to have to build some smart contract and a test within
their own little platform and then it's not really useful anymore whereas like having them on kind
of one standardized place gives value to these attestations. It makes it much more valuable. If
World Coin started test just being an attester instead of saying, like, you know, we are the
solution for identity for the world. If they're just like, oh, we're just one of the attesters,
scan your eyeballs with us and roll a test. Some people might be like, all right, that's cool. And that'll
be, you know, valuable for them. But then some other entity can also take part and say, you know,
well, we also want to attest that people are human and it creates these like real interoperable
systems. It is a concern for a lot of people, like, if you can do so much with something, you almost
feel like you can't start with anything. And I think what we've really tried to lean into is just
like where the ecosystem narratives have been. And so EAS is not an identity protocol, even though
identity things can be built on it. But we've really tried to help and like bring the identity
ecosystem closer together because that's just where the narrative is. And it makes sense.
But as Steve was describing, we had builders across like so many different categories that are
organically just seeing like how easy it is to create a scheme about whatever they want and then
sign that data. Yeah, it's just exciting to see. But I think ecosystems will follow narratives when
there is something that's so generalized. I think there's something pretty refreshing about having
a team on here that doesn't have a token that doesn't have venture funding or doesn't have any
of the incentives that some of the other like startups that might have that play in this space.
Whereas every single startup's trying to scale and grow and grow and scale to the fastest possible.
Whereas, like, what you guys are just saying is like, hey, we're going to build out this standard, this primitive, and whatever use cases come on top of it, great. That's fantastic. We've built out some utility for this little corner of the internet. That's lovely. But then also at the same time, we're saying, like, well, out of stations, they could be everything. The whole world could be built on out of stations. And so what is, if you guys can speak for EAS, since, you know, you guys are EIS? Does EAS want to take over the world? Do we want to take all of the world's out of stations and make them on top of,
Ethereum signed private keys? Or like, what are your guys' growth aspirations here?
Yeah, totally. Like, I think, you know, we don't want to own anything, right? Like, we're just
creating this base layer infrastructure for anybody to use, but it would be cool, I think, and it would
be great for the world if we were all attesting using the same technology, because it would just
make all these attestations so much more valuable. If identity platforms and KYC platforms and, you
institutions and doctors offices all start using EAS, it would create, I think, like, just like a
new revolution and bringing like web to web three because it hasn't really been possible before.
In the real world, we sign documents and we test all the time, but there's never been a way
to just attest about anything in a digital format that's, you know, standardized.
And I think the world is we're looking for a more trustful online experience.
So whether it's on-chain or online, I mean, if you go on to any platform,
today, it's filled with mistrust, misinformation, fraud, scams, right? Like, every click is a risk.
Every download is a risk. And, like, if we can actually use digital signatures and start to build
this reputation network using attestations, we can actually start to help people stay more safe
online and to actually be able to do things in a more, you know, decentralized way. But without these
types of, like, trust mechanisms, it's going to be increasingly difficult with how much fraud
and misinformation is going to be launched with AI, that I think, like, we need to start
testing now to everything, just so we have a better chance at, you know, building trust.
Yeah, Bryce, you started to paint that picture. Let's keep going with that. Why do we need
at a station in this digital age? Like, when we daydream about the future world that EAS could
bring, why do we need it in the internet to, like, progress forward as our next steps as a species?
Let's Steve talk about relative trust networks. And I think what we're noticing is, like,
Like with this rise in AI generated content, it's going to be increasingly difficult to prove
the authenticity of what we're consuming online and interacting with.
And if we can actually use digital signatures, let's say I'll use the bankless example.
If bankless was attested to this podcast, right, a proof of that like the audio file of this
podcast and it's signed by bankless, people have a verified stamp of it.
But what you can't prove is like, how do you know that, you know, Steve and I were actually
real people on this podcast?
right? You would want verification that, because in the future, I could be totally AI generated.
You'd want to know that Bryce and Steve actually attested to the proof of that podcast and verify that these people
were actually real. And I think just from digital signatures alone and verified timestamps,
we're going to be able to build some of that. One of the examples I like to give about this whole,
like, AI situation that's coming and how EAS can be useful is just like think about right now,
like probably 99% of all the historical video content that we have right now in audio content it's probably all legitimate like most likely not AI generated but in the next few years you can kind of see how that can start to flip right and because we have the ability to hash any kind of content and sign it and put it on on chain actually before we go there like just imagine in just the next few generations that maybe even the next generation people can start to deny the holocaust and say like you know what the holocaust
never happened. Look at these videos that we actually have. Look at Hitler. He's like a great guy in this
video. He's helping these grandmas walk across the street. Like, you know, whatever. And there'll be no
way to tell whether or not this is actually indeed historical footage or not. So one of the things
that we think about is like right now, if you take some historical content, hash it, time stamp it
on chain using an attestation or whatever method, you can now prove a thousand years from now that
this content existed before we had the AI capable to make a perfect replication of that.
So right now we can actually use attestations to almost save history.
And I think we should.
I think it's like a really important thing because AI for sure is going to make things
really hard.
Like imagine in the next couple of years where you get a FaceTime call and it's like your
family member who is talking just like them, but it's a bot and you have no way to know
whether or not it's really them. So, you know, digital signatures, you know, are going to become
increasingly important as time goes on and technologies that allow you to, like, prevent being,
like, defrauded and keep content authentic. And that reality is here. We were talking to a team
that we won't disclose, but they were saying that they jumped onto a Zoom call and the CEO of this
known project was actually the Zoom, like CEO was like a fake fraudster. In like the Web 2 worlds,
we've all like received like the CEO emails and employees.
saying, hey, I need a gift card, like, go get me one.
But now imagine, like, jumping onto a Zoom call and not knowing that the authenticity of that
meeting request or even that, you know, the person who's signing into the meeting was actually
the real person.
Mantle, formerly known as BitDow, is the first Dow-led Web3 ecosystem, all built on top of
Mantle's first core product, the Mantle Network, a brand-new high-performance Ethereum
Layer 2 built using the OP-Stack, but uses Eigenlayer's data availability solution instead of
the expensive Ethereum Layer 1.
Not only does this reduce Mantle network's gas fees by 80%, but it also reduces gas fee volatility,
providing a more stable foundation for Mantle's applications.
The Mantle treasury is one of the biggest Dow-owned Treasuries,
which is seeding an ecosystem of projects from all around the Web3 space for Mantle.
Mantle already has sub-communities from around Web3 onboarded,
like Game 7 for Web3 Gaming and BuyBit for TVL and liquidity and on-ramps.
So if you want to build on the Mantle Network,
Mantle is offering a grants program that provides milestone-based funding to promising projects
that help expand, secure, and decentralized Mantle.
If you want to get started working with the first Dow-led layer 2 ecosystem,
check out Mantle at mantle.xyZ and follow them on Twitter at ZeroX Mantle.
You know Uniswap.
It's the world's largest decentralized exchange,
with over $1.4 trillion in trading volume.
You know this because we talk about it endlessly on bank lists.
It's Uniswap.
But Uniswap is becoming so much more.
Uniswap Labs just released the Uniswop Mobile Wallet for iOS,
the newest, easiest way to trade tokens on the go.
With the Uniswap wallet, you can easily create or import a new wallet, buy crypto on any available exchange with your debit card, with extremely low Fiat on ramp fees, and you can seamlessly swap on main net, polygon, arbitram, and optimism.
On the Uniswap mobile wallet, you can store and display your beautiful NFTs, and you can also explore Web3 with the in-app search features, market leaderboards, and price charts, or use Wallet Connect to connect to any Web3 application.
So you can now go directly to D5 with the Uniswap mobile wallet, safe, simple custody from the most trusted team in D5.
Download the Uniswap wallet today on iOS.
There is a link in the show notes.
Are you planning to launch a token?
Is your token already live?
And are you granting your employees and contractors vesting token awards?
And are you trying to figure out how to take care of taxable events for your team?
Toku makes implementing a global token incentive award simple.
With Toku, you will get unmatched legal and tax support to grant and administer your global team's tokens.
Toku will help you navigate across the life cycle of your token from easy-to-use pre-launch token grant award templates
to managing post-cliff taxable events with payroll.
For legal, finance, and HR teams,
it's a huge complex task to have to comply with labor laws,
payroll, and tax obligations, tax reporting,
and crypto regulations in every country that you employ someone.
It's difficult, time-consuming, manual, and costly,
and it's drawing more attention from global regulators and governments.
Toku makes it simple for leading companies in the space,
Protocol Labs, Hedera, Gitcoin, and many more.
So if you want some help navigating the complex world of token compliance,
go to Toku.com slash bankless,
or click the link in the description below.
So what role does Ethereum really play in all of this?
Is Ethereum sort of, or like blockchain in general,
just kind of, I guess, seeding this infrastructure for digital signatures?
Because to your point, I don't necessarily need to do the attestation on-chain.
I don't necessarily need to update a smart contract, do I?
But I can sign an off-chain message using my, you know, Ethereum, like, private keys.
like how related is this attestation to what Ethereum's doing?
And like, why did you choose to build this on top of Ethereum?
So EAS is completely EVM based.
One of the important things that does need to be on-chain,
it technically doesn't have to be,
but the fact that there's a schema registry on-chain,
that any time you see an attestation,
whether it's off-chain or on-chain,
you're able to instantly know what it's about
by, like, instantly checking the schema registry.
I think that's super important.
Ultimately, off-chain attestation.
stations, they don't get stored. So, like, they don't need technically, like, to be Ethereum-based,
but because it only works when you sign with your Ethereum wallet, it's using EIP 712 for signing.
Those off-chain attestations can actually be verified by smart contracts on-chain at a later time.
And so we chose Ethereum because, you know, we believe it's the number one blockchain infrastructure,
you know, base layer. And we were also launching on other EVMs that are, you know,
Ethereum layer 2s and perhaps maybe some other EVM-based chains that are not directly layer
twos of Ethereum. But we chose Ethereum because most of the apps seem to be built like an EVM-based
systems and that's where all the developers are. So that's where we are.
I guess I'm also asking, so I think the world is outside looking and kind of mainstreams sort of like,
yeah, crypto, where's your use case? You know, you keep saying you're good for the world.
and we keep being like, yeah, but you know, store value, right?
And they're like, but we have the dollar and we have a bank,
and we're like D5, but we have a banking system, all of these things, right?
And of course, we sort of see the future.
We sort of see why the world needs these things.
But what they see is kind of like, you know, Ponzi games and get rich quick schemes
and all of these things.
I'm wondering if we've, as a byproduct of this whole property rights system
that we've created where we've got private keys that are secured in more people's hands,
if we've actually, like, created a bootloader for a identity system, an attestation system,
like, bankless is so often thinking about Ethereum as sort of a global permissionless property rights system,
but we mostly think of it in terms of, you know, like a property settlement system
or almost like a decentralized banking system without the banks, right?
Hence bankless.
But I kind of wonder if we've also bootstrapped and bootloaded,
a global decentralized attestation operating system computer. And like that seems to me,
that is actually undeniably good for the world. Even if you're not into kind of the money games,
you care nothing about finance, to have a decentralized, unstoppable, permissionless way of attesting,
as long as you're kind of online, there's something incredibly valuable there. And almost,
it might be more public goods oriented than actually this whole money use case that we've spent
the first three years of the podcast talking about. I don't know, reflect on that for me.
Is this how you see the world?
I'd love for Steve to also give his opinion just because like Ethereum just in general,
in the past 10 years, we've really focused on decentralizing assets.
But there's like this, in the real world, there's so many other things like information and
non-financial use cases that we just haven't been able to decentralize yet.
Yeah.
And I feel like it's because a lot of times,
we do try to extract value, like, immediately out of the system.
We revert back to, like, financial use cases.
When, like, Ethereum was built so you could actually create, like, land registries
and, like, all these very, like, decentralized, you know, aspects of life.
But here we are 10 years later, and we're only decentralizing money.
And I think it is because we've been missing this attestation layer.
Yeah.
One of the things now is that, like, because so many people now have these private keys in possession
and people have used NFTs.
Now is a really good time for entities to be able to just start to get into like identity.
So I was in the space for a really long time.
And I remember actually, you know, when Ethereum was coming out, the narrative was around how do we decentralize more than just money?
How do we decentralize everything?
And, you know, nine years later and, you know, it's like we decentralized a little bit more, but we haven't solved every problem.
And it's because, you know, while Ethereum brought, you know, the ability for anybody to launch a smart contract, like,
how does that work when you want to be able to attest to someone's diploma?
Like, do you make a smart contract specifically to attesting the diplomas?
Because that's kind of what's going on.
People like, oh, you know, I want to do KYC.
So they build a smart contract around KYC.
They build a smart contract around attesting to whether someone's a human or not, you know,
but they haven't built a smart contract for just arbitrary attesting about literally anything.
And, you know, that's why I think now, like with EAS, you can actually solve these really
hard problems. And anyone can. It's not just limited to developers. Before, it was like, oh, you know,
you want to build something in the space and you want to build some credentialing thing. Oh, you have to be a
developer to build a smart contract specific to this. Now you can literally be an institution and just say,
oh, I'm going to use this no code schema builder, build this schema and then a test with it.
You know, it's just nothing like that has ever existed before. I would imagine the big signal that
this is actually being adopted are non-crypto institutions, are testing.
to non-crypto people about stuff.
I would imagine that that would be a huge sign of success.
Maybe we've gotten there.
I don't know.
I'll ask you guys that later in the show.
But for right now, what projects might listeners be familiar with that are using EAS and
what are they trying to do with it?
Yeah, so we're building a standard.
As you're describing before, like how do we just end up not being like another standard
that tried to become a standard?
That was a real fear in the early like beginnings because we were building EAS and
then optimism was building their attestation station, which was a
different primitive related to attestations. And we reached out to them. Long story short, we did
code reviews and things like that. They came to the conclusion that, hey, wow, this infrastructure
is extremely, you know, versatile and powerful. They deprecated the attestation station and adopted
EAS as the core infrastructure for attesting about anything in the OPP stack. So you guys want a
thumb war with optimism. More or less. A code thumb war for sure. So we're integrated into the native code
base has two special addresses. So anytime a new chain gets deployed on the OP stack, they automatically
inherit the EAS contracts. And that was a really big win for us because optimism is like really
trying to push the attestation narrative. And they're really leaning into like identity related things.
And we wanted to make sure that if we didn't get them to use EAS, then we would be building two
different standards again. And it's the amount of like identity protocols that we've reached out to have
received us, you know, very welcoming because we don't have a token. We don't have all these things
and they can instantly start building with it. So optimism is probably the biggest well-known one,
for sure. This really just goes back to the power of credible neutrality and public goods,
wins you hearts and minds. It sounds like what you guys and optimism were trying to build was
the same thing, but maybe they were kind of trying to roll their own identity and you guys had
already been thinking about this. So it sounds like the EAS smart contracts are a part of every
OP stack chain that gets deployed? Is that true?
Yeah. Correct. Wow.
What kind of attestations are people doing optimism right now?
Like, what are they attesting to?
There are people experimenting around, like, governance-related things, like attesting to roles
in a Dow as an example. There's people attesting to, there's a project that's attesting to,
like, optimism, domains and, like, different aspects of, like, a domain registry.
Quadratic voting. We have this dev folio for all their hackathons now. They use EAS for at the
end of the hackathon, all the teams get to vote using EAS quadratically, and then anybody can tally up
the votes and verify, you know, who gets paid out. There's also GIC-coin, so GIC-Coypassport stamps.
We reach out to them, we're talking, you know, hey, these stamps are essentially just attestations,
right? And they've been very welcoming to us as well, and GICTOSPers are migrating to be
attestations as a primitive, because what that does is it also unlocks them to be more
composable with other identity solutions.
So when Gitcoin stamps becomes EAS compliant with the standard, I don't know if that's the
right word or not, does this just help with like discoverability?
I don't know if there's like a search engine for EAS attestations out there, but what does
actually coming into the fold and being compliant with the ERC standard get you?
Maybe you can use the Gitcoin example, like what were they not able to get?
What network effects were they not able to tap into?
And then once they complied with the standard, what were they able to get?
So just like other platforms, like Gitcoin passport is like its own siloed little ecosystem.
So if you want to implement a Gitcoin passports, you have to understand their docs.
You have to implement their SDK.
And like it's not super interoperable.
So say you want to make a smart contract that cares about a Gitcoin passport, you have to make sure to implement specifically Gitcoin passport related code.
And then maybe you want to verify that they have a Gitcoin password and a WorldCoin ID or something else.
And now you can't because you have to implement too many pieces of technology.
Whereas now it's just an attestation of a particular schema.
And then, you know, so you can just say, we care about get coins attestations from this
schema.
So if it comes from Gitcoins address and it's from this schema, you know, we trust this type
of attestation.
Or if it comes from this schema and this other address, we trust it too.
You can never do that before when everybody's using completely different protocols.
I remember probably the most interesting attestation I've done recently, maybe in the past
a couple of weeks. I guess this would be an attestation. Actually, you know, it's an O.P. Stack chain,
I guess the application is on top of friend.com. Do you know the thing that everyone's doing these
days, right? And so in order to like start your friend.com profile, you have to attest from Twitter
that this is actually your account. I think that counts as an attestation, right? So basically
when I create my friend.com profile, I also log in using Twitter. And I essentially attest from
this eth address on base in friend.com is corresponding to my Twitter account. And so I make an
attestation there. That does count as an attestation. That's the kind of thing that you guys are talking
about, right? Right. It just seems to me that there's a ton of Web2 types of profiles,
social reputation, different things that you might be able to attest to just through an API.
And it's not perfect, of course, right? It can be boughtable. But, you know, I have my Twitter
password right now and two-factor off. It is pretty verifiably my account over on the other side.
Is that a good example of an attestation? What are you seeing in the world of like web two attestations?
It's an attestation, but technically because Twitter can just go into your account and make you
a test to whatever you want. Yeah. Or buy your X handle. Or like lock you out, block you. It's not
permissionless. And it's certainly not, you know, like using any kind of private key infrastructure.
So, like, you know, ultimately, like, someone is in control of your keys, not your keys, not your attestation.
It's also, it doesn't participate in the interoperability if you actually did use, like, a base layer where if a friend.com attested to this person passing some sort of verification, other people could start to build, like, their own parts of a social graph, knowing that they were verified in this way.
Similar to how, like, social graphs today are building, like, very unique use cases around.
It could be blogging.
it could be, you know, a social app, whatever it is, you still need a way for people to be more
interoperable. And if you just use an API from one specific partner, you're going to struggle
with like making sure that all your APIs are always up to date and making sure that they're
not changing the code and things like that.
So what's a better design for friend.com to kind of attest to my, like, that I own this,
this Twitter account? Like, what would it be a better way of doing that?
It's literally the only way, though, right? Like, you would have to make some sort of post
from Twitter that references your address because you need.
two-way attestation. Because I can just say I own, you know, David's Twitter account,
but if there's no way to like reverse it and say like from that account that you own this
address, there's no way to prove it two ways. So it's really the only way you can right now.
Here's a way though, because or a potential alternative. I think if the requirement for you to
sign up with friend.combe.combe.combeck was for you to have a verified Twitter account, right?
Well, that's what get coin passports doing. They're providing the OAuth to allow that a
Gitcoin passport stamp for your Twitter account is, if that's an attestation, friend.
com. Tech could have just looked at Gitcoin passport and integrated that into their, you know,
onboarding process to say, like, if you have a Gitcoin passport stamp, you pass.
If you don't have one, then you need to go get one from anywhere.
We just, like, here are providers that we would accept in this way versus them creating their own
internal verification.
I think maybe that starts to illustrate the role that many attestations might play in the
world of the attestation landscape, as soon as you have more and more and more data about,
you know, different attestations, all of a sudden it paints the picture of identity, not just
for you, but for everyone. Steve, going back to your story, like, you were born, and then you
were given a name, and then you were given your next attestation, and then your next attestation,
and then your next attestation, and then all of a sudden, here you are, your name, Steve, and
you have an identity. I think, like, if we're going to build this on-chain society with
trustless identity is just going to come from attestations on top of aditations on top of aditations
providing applications and smart contracts and anyone with the data that they need in order to
actually receive attestations so that they can know who you are and what you're up to.
Imagine in the future you can look at any address that you're like going to do business with
or operate with and you can instantly see all the attestations related to them and you can see like,
well, how is this entity relative to me?
Like, for example, has Bryce attested them?
Has Bryce's friend attested them?
Has someone that I've attested, like, down my attestation, you know, downstream,
my downstream attestation.
Attestation, degrees of separation?
Degrees of, degrees of attestation separation.
Like, how far away?
Atestation separation.
Nice.
Yes, it's the DAS, of course, the degrees of attestate.
So you'll be able to build, like, a really true decentralized reputation.
Like, right now, if a friend of mine asks me, like, in West Palm Beach where I live and
they say like, hey, like, do you know any plumbers? You know, maybe I know a plumber and I'll tell
them and then they'll trust me or maybe I know I have a friend. Maybe Bryce knows of a plumber. And it
kind of works like that, right? But in the real world, we can only really do that a few degrees out.
Like once we get past three degrees, we don't really know what's going on. But digitally,
you can still kind of find some like value in entities that you don't even know. So like there might
be like five people who have attested somehow even like multiple degrees away to some entity. And on
average, it's a positive attestation. Therefore, I should see some sort of positive value in that
entity. And then if I choose to work with them and then maybe they screw me over, I can then see
exactly why this person get rated so high and I can tweak my attestation weights to different entities.
And now I have a new view that might be more in line with reality.
Imagine in the near term future where like the web of trust gets more visual and you put on
like your Apple, you know, Vision Pro and you're just navigating your different web of trust. But the
difference is like in the real world today, we get assigned a trust score, right? Like your credit
score as an example. And what if you could actually control, like, how you define what is
trustworthy to you? And as Steve was describing, like, turning those attestation weights, you
could figure out, like, as long as they have these types of attestations or they can, like, prove
these attestations to me before I interact with them, then I'm going to give a greater trust score to
them. Imagine this, like, imagine you start like this brand new, like, decentralized trust
network and everybody you look at in the network, it starts with a zero. Everybody's just a zero. And then
you say, you know, like, well, let me like initiate my weights. Like, I'm going to give my mom like a high
rating. I'll give my brother a good rating. You know, I'll give the influencers that I listen to. I'll
give them somewhat of a trusted rating because I trust them. And then now every time you interact with
some sort of DAP, maybe MetaMass starts to show you, well, this is this person's rating based on all the
people that you've attested. David Hoffman thinks that this is a great app, you know, like, and then, you know,
like opens up, there's an attestation from an open Zeppelin audit on the smart contract too,
so you get like a nice little checkmark. And like users can start to like build, you know,
start to gain trust in these things and know exactly why do I trust this. Well,
you can see these attestations from these entities. And then even negative attestations so you can
kind of make up your mind based on who's testing. I think that starts to really illustrate
the need for an application layer on top of EAS. As soon as the number of attestations out
there starts to get pretty unwieldy. All of a sudden, we're going to need, like,
attestation service providers to help re-coeless all of the 10,000 different attestation
that are made every single day. And so, like we talked about earlier, there's all these
different identity plays that are out there. Like, everyone's trying to go, and we are the
identity app. What do we do? We provide identity to Web 3. And I think we've now go ahead and
kind of nailed that business model in the coffin where you can never go straight for identity.
you have to allow it to emerge. It should be emergent. But what we are going to need, once there are
enough attestations out there, we are going to need the application layer to help us actually provide a
lens for viewing all of these attestations. And so rather than just there being one identity application,
there's probably going to be a many handful of them and they're each going to provide their
individual lens for viewing this attestation landscape. I don't know if that inspires any thoughts.
Steve, you're not in your head. Absolutely. That's a huge thing. And we're working.
working with a few different teams. That's their thing. They've typically like looked at on-chain
data for like all sorts of defy platforms and aggregated and come up with all sorts of scoring.
But now if everybody starts at testing about all sorts of things, you can start to define like
all sorts of scoring, connections and metrics in all sorts of different categories. Right.
So like what is his defy score? What is this social score? What it says it can be infinite categories.
And so yeah, like providers that aggregate all this data and make sense of it are going to be really
important, but then also open source tools that users can themselves run and also aggregate the
attestations and derive scores too. I think that'll be interesting too. And so you can have all these
other entities that like attest to like what this entity score is. So, you know, in the example that I gave
you before of like, you know, being able to get a relative trust from somebody, maybe that person
isn't within your network. So you have other trusted entities like maybe like the Equifaxes of the
world that now instead of like just doing credit scoring, they start to aggregate attestation data and
build different views about entities from that data. It's interesting how on kind of the web,
the internet, which is a web of trust, I guess, a lot of the attestations that we're doing kind of
happen in the background as we're like consuming content. So, you know, I consume someone's
content. I might decide to follow them so I get more of their content, right? Well, that is an
attestation that this particular content creator has me as a follower. And then, you know,
more people who follow them, obviously their social rank moves up. They have more follow.
or that sort of thing. Or like, if I am writing a blog post and I choose to link to a specific article, right?
The way Google indexes these things is links really matter, right? On page rank system.
And so by effectively linking back to Wikipedia page, I am attesting that Wikipedia is a great
source for this particular topic, right? I wonder if we get to the stage in Crypto and Web3
where the attestations are kind of like happening in the background. So we're not actually
always signing things and clicking addresses. And yes, I know.
this person, but it's just as a function of navigating our way around like an optimism chain or
like doing this, interacting with this protocol. I'm like in effect attesting to it in some way.
If you take a look like, so we've actually built some really cool things on top of the AS.
One of the things that we created as an example is called speaketh.eath. Or sorry, speaketh.org.
And essentially it's like a decentralized social network similar to like a Twitter where every
post is an attestation, every like is an attestation, every follow is an attestation, every follow is an
attestation, every name, you know, changes an attestation. Is that just what Twitter is? Whenever I
tweet something, I just attestating to the fact that I... It's an attestation network. Oh my God,
it's just attestations. It's attestations all the way down. And even the community note feature,
right? Like now in Twitter you can have like these arbiters of truth that say whether
something's like trustworthy or not, like the piece of contents of people could, you know,
attest their voice that this content is credible.
Well, in the decentralized world, even Wikipedia, as you were bringing up, Ryan, like,
it's a great way to post, like, some sort of information, but you look to the wisdom of the
crowd to make sure that, like, the history is actually the history, and you want people
to be able to make those types of attestations.
The problem with all of these attestations, though, right, in Web 2, is that they're all
kind of siloed.
And so there's no way to export the social graph of attestations outside of Twitter.
And this community notes feature, as grand as it is, it's just,
locked inside of one ecosystem, which is Twitter and Elon Musk's platform. And so it's tied to Elon Musk
governance tokens, right? We can't export it. It's not very much like web 1.0. It's not a standard.
I like bring up the example of like eBay. Like there's like people who build up like a really good
reputation on eBay and then they want to sell something on like Amazon or they want to sell something.
They got nothing. They got from zero. They're nobody. Why am I nobody? Why can I bring my attestations
with me? And also what's cool about this is like say someone builds like a Twitter on top of
attestations and then like that serve the front end goes down or someone wants to make a better
version they don't have to start like a completely new network effect like to get at a station
they can basically bring all those same tweets and all that same follow adstations everything
just build a whole new front end on top of it i'm never going to be able to see twitter as a
web to silo siloed at a station network that's i'm always going to be able to see that see something
you just said i really want to double down on whereas like you have this primitive eAS and maybe
you have a form factor for ad stations call them tweets and then that's
then we just have 10 bagillion tweet attestations get signed by digital signatures. There could be
many different front end UIs to look, like I said, lenses for looking at all of these attestations.
And so no longer there's like the protocol, the primitive EAS, and then there could be like a
handful of applications all looking at the EAS attestations. But no, one of them is actually the silo
anymore. They're just now lenses for looking at the primitive. Yeah, exactly.
Exactly. And we want to be able to, as users, choose what we're consuming, right? Like, today, we get fed the content based off of our own, like, echo chambers in Twitter, right? But what if we want to filter for, like, I wonder what the Salana ecosystem is up to or, like, these different narratives. Like, if you actually could just filter that out in the UI versus preventing it or, like, forcing it. Like, giving users the choice of the type of content versus prevention, I think is really interesting.
What about this point in the conversation? Some listeners here are probably getting nervous because not once have we talked about private.
right? And we're talking about all these attestations and of course, you know, your on-chain address holds assets and like, how does privacy fit into this conversation? Is what you're building kind of, does it consider privacy at all or is that another layer on top that would need to be built as an application?
Yeah. So in general, the way we tell people like what to attest, like if you're going to put something on-chain, like you obviously don't want to put any private data, right? Say like Coinbase wants to do a K-YC attestation for a particular address. Maybe there's some like,
a uniswap, but only for securities. And in order to use it, you need like an attestation from
some like accredited like KYC. Gary Gensler. Gary Gensler's seat address would have to sign off
on that. Yeah. Coinbase is attesting to your KYC. For example, they don't need to attest to who you are.
All they need to do is say that this address has passed the test, right? So maybe you would have
the schema has passed KYC and then it can just be true. Right. Another entity can use it too.
And so the services that accept these attestations would just do their due diligence and be like, well, we trust Coinbase's attestations. We trust these attestations from these entities. And then they would just build that into the app rather than putting private data. And that's also one of the reasons why we built off-chain attestations because like in the real world, right, you can say that your ID cards, your passport, your driver's license. These are essentially attestations. But you can say they're off-chain attestations. They're not public. You own them and you show them on a need to
no basis. So that's one way, right? Another way is we created like really cool tools to be able to
attest to a lot of private data. So imagine a doctor's office can attest to like all of your medical
records. And we built a really cool tool for being able to take all of those records and just
turn them into a Merkel tree and a test on chain to just the root, the root hash of that tree.
And then we added the tools where anybody can then prove pieces of that tree to end.
any other entity. And so basically, my insurance company might say, oh, we want to make sure that
you actually got this treatment that you're getting insurance money for. And then you can just
reveal specifically just the pieces of the medical data. And then they can verify for sure it came
from the entity. We have a tool for this without using zero knowledge proofs. And it's pretty great.
But then there's also zero knowledge proofs where, you know, you can attest to private data and then
you can reveal information about that data without actually revealing that data. The thing about
zero knowledge proofs is that there
so far every single
solution for zero knowledge proofs is currently
like really application specific
and there's no like generalized
like ZK everything solution
right now and so like we have no opinion
right now on ZK systems to use. There's a bunch
of different things you can use. We don't
presuppose what's inside of an attestation.
So your attestation could be like
a full ZK proof. It could be
one of these privacy preserving
attestations that we showed. It could be off-chain
or you can simply like if it
comes to like a tweet, right? If you're tweeting, that's public in general anyway. So like,
you know, you wouldn't really expect privacy from your tweets. They're pretty much public
at the stations. But yeah, we care about privacy. We write in the docs, like be careful what you
attesteads about because the on-chain atestations do go on-chain and they'll live there forever.
And so you've got to be very careful. But what's cool is we're building tools and there's
other teams that are building tools even on top of EAS, like additional developer tools that
help developers solve these types of problems. Yeah, we have a lot of
hackers that use AAS that were creating ZKPs off of attestation data, which was really cool to see.
So you could still preserve like your identity was for like a credible attestation.
But then we also received a lot of positive feedback on that Merkel tree approach just to selectively share information.
And also like with SISMO, for example, you can use Sysmo is like integrated with the EAS.
So like you can actually make zero knowledge proofs.
So I can say, for example, that I have an attestation, you know, of a particular thing without revealing.
which address actually has it, just that I own it.
Not too long ago, we did an episode with the Sign In with Ethereum team.
And I see a lot of overlap between Sign In with Ethereum and EAS.
Maybe you guys can talk about where these platforms do overlap and if you guys are working together.
But why am I getting such a strong vibe between this episode and our Sign In with Ethereum episode?
I wouldn't say that we overlap much in the sense that you know, you use Signin with Ethereum and you sign a message with your wallet and then it's verified on the server.
You can say that you're like a testing that you are the owner of this key,
but that's the only thing you're testing with and sign with Ethereum.
It's not like arbitrary stuff.
Like I can't use sign an Ethereum to a test and say like you've passed KYC.
You know, you can make a signature and say, just write those words, but that's not structured.
And what EAS allows you to do is to create a schema of representing this intention
and then attesting with that, you know, encoded data.
I think it's similar in that it's permissionless.
It's open source.
There's no token.
I think in those ways it's similar, and it's also similar because you're using a private key,
your Ethereum private key for something that just feels kind of web-tui.
Like, that's not a financial use case.
We've chatted with the Spruce ID team quite a bit.
In those discussions, nothing felt like competitive at all.
It's more just complimentary.
And like where attestations beyond signing into something, you know, could make sense.
So how are you guys funded?
If you guys have no token, no VC capital, like where does, how do you guys pay your
Yeah. So EAS has been bootstrapped today. We have received grants. So like one of the key things that we're trying to solve right now is around like schema coordination. Or like how if you have all these like schemas being created, how do we actually help people organize around the right ones? So optimism just gave us a pretty good grant to help build that out. And then we're really leaning into the new funding mechanisms like retroactive public goods funding. We're hoping that that's like significant for us. I'm hoping for that. And then there's also like the PGN network in like, like,
like these new primitives, but to date, yeah, it's been self-funded and then just through, like, grants.
Being the out of station layer as a public good for the O.P. Stack and the Optimism Collective,
combined with Optimism's retroactive public goods funding, if you can just smash these two things
together and fund public goods from now until infinity, that would be one of the bull cases for
Ethereum and that has been articulated from the very, very start. So I wish you guys the best on
this endeavor. If people want to help fund this effort,
What should they do? What should they know? Where should they go?
We're live on, so Gitcoin grants, like their round 18 is live right now.
So we're actually, we have a page that's up for that for quadratic funding there.
And then really just the way that public goods get funded through these mechanisms is through impact.
And so like being able to just build useful applications in turn just helps us as a protocol gain for
their adoption. So like really learning about attestations and building with it, I think is pretty critical.
You know, I've been around in the space in Bitcoin, actually, since 2011, and I built some of the first Bitcoin wallets, like the first ever Chrome extension wallet in 2013.
Vitalik was actually an advisor at the time.
I've been building in the space for a really long time.
I'm very passionate about this technology, and everybody on the team really is passionate about this because of, like, what it brings to blockchain.
Money was never like a thought, really, when we were building this.
It was just like, there's a bunch of the cool things that we want to be able to be.
build and we can't build it.
Can't just build the project because otherwise we're just going to build another silo.
And so we had to build this thing so we can build non-silod apps.
So like ultimately like we want to be able to build cool stuff on top of it, but not
until we finished our work here like, you know, getting EAS adopted and, you know,
understood by the majority of developers in the space.
It's really important for us to like see adoption with the AAS because then like we just like
any other builders can start to build like really amazing for profit businesses.
But for now, like this, to become a standard, we have to like keep it credibly neutral and make
sure that ethos never changes because then we're just going to end up in the graveyard of like
projects that tried. And I think like now we have like these really cool mechanisms like
retroactive public goods funding, the PGN network and some others that like can help projects.
But it is hard for public goods to go from zero to one for sure. I think we've talked about a lot
of other identity, I guess, providers in the space and sort of the overlaps we talked about WorldCoin.
we talked a little bit about this idea of proof of personhood.
And I think it's pretty clear that those sorts of identity solutions can be a testers on top of something like EAS.
One primitive we haven't talked about, though, is soulbound tokens.
And how does the idea of soulbound tokens fit into what you guys are doing?
Is it related or is it completely different and orthogonal?
Yeah.
So I remember actually, Battalick, I think it was in 2020, announced like Soulbound tokens.
at ETCC.
And, you know, I think it was like the wrong solution, right?
Because, you know, NFTs became really popular.
Everybody built, like, into their wallace, the ability to view NFTs, EtherScan
adopted it, right?
And so when people think of, like, what tools can I use to solve, like, identity or
reputation?
They're like, all, right, how can we use NFTs for this?
Because, like, you know, when all you have is a hammer, you know, everything looks like a nail.
And so, like, the NFT, the NFT, the,
is the only tool that anyone ever had.
But NFTs aren't good for this.
So if I want to be able to test that I trust Bryce, for example, right, what do I do?
Do I deploy a whole new smart contract that inherits the sole bound token interface?
Where do I store that he's a friend or not?
Like, and how do we know that this particular NFT is a friend type of NFT?
Do we have to register in a completely different smart contract?
And every new sole bound token can be part of a completely different smart contract.
So like if I want to see what are the identities that Bryce's address have received,
like there's no way to pull this, you know, and everybody can be designing like a completely
different smart contract with a completely different interface, different functions that don't work
with each other. And there's no way to know easily. And so EAS, like attestations are a whole new
primitive for being able to describe any kind of, you know, intent, whereas NFTs are still
useful when you have some sort of an asset that you want to move around. But when you want to be
able to just say something about something, an attestation makes a lot more sense. So you guys are
bearish on soul-bound tokens as kind of a concept. Yeah, yeah, yeah. I will join you on that bearishness.
I would say, like, you know, there's no such thing as a soul-bound token because I can just sell you my
private key, and now it's not soul-bound to me anymore. You can always sell your soul, I guess.
You can sell your soul. Yeah, I think a lot of devs were just building with SBTs because they're, like,
the existing solution. But if you talk to a lot of engineers in the space today, they just see it as,
like, it's just a little too clunky. Like, if you do have something a little bit more elegant,
But it's not that they were wrong.
And to begin, it's just what was available.
Okay.
Well, I feel like we very much haven't reached into kind of the age of attestations or the age of identity across crypto.
I mean, the first 10 years of this whole crypto project since you've been here, Steve,
has all been about the kind of the property rights layer and sort of the money layer and the assets layer.
Do you think we're entering the age of attestations as a service?
And what makes you optimistic about that, if so?
You know, what's amazing now is like we do.
tell the story about EAS to developers, like seasoned CTOs who don't even know who I am or that I've
been in the space, you know, they hear about the idea and they're like, their eyes open really wide
because they get it. No one's really thought about identity this way. We don't know anyone else
that's thinking about it this way. And I think it's a really simple solution to a complex problem
and it's super easy to use. We have a website. We have the smart contracts, but we also have
EAS scan, which is like the ether scan of attestations. You can browse through all schemas,
attestations. You can make attestations on them. We also have like everything indexed like in
GraphQL endpoints. So it's super easy for anybody to be able to pull out of stations and
display them in their UI. We built a ton of tools and you know, EAS is useful for so many things that like
I think it's like the if you build it, they will come kind of thing. That's how I feel about it.
The narrative is definitely shifting towards non-financial use cases.
And I think that we're helping solve a lot of the edge cases to get builders building faster.
And so it's exciting to see, like, just through the hackathons, how many people have actually, like, explored use cases we haven't even thought of.
And so I think it's going to be really fun to watch.
Well, that's great, guys.
I think we'll end it there.
Really exciting project.
And thanks for giving us a tour into why attestations are so important for crypto.
We appreciate your time.
Ryan, David, pleasure.
Thank you.
Thank you all.
Thanks, bankless community, too.
Thank you.
A lot of fun, seeing it grow over the years.
See, yeah.
Bankless Nation, some action items for you today.
We'll include a link to the EAS website with the docs in the show notes.
Also, view our episode, David mentioned it, signing with Ethereum, unrelated, but also related in some ways.
Spiritually related.
This, of course, is a public good, open source, permissionless, tokenless, and also free.
So what could be better than that?
Got to end with this, though, bankless nation, some risk and disclaimers.
Crypto is risky.
You've got to be very careful what you attest to.
You could definitely lose what you'd be.
put in, but we are headed west. This is the frontier. It's not for everyone, but we're glad
you're with us on the bankless journey. Thanks a lot.