WTF is a Holonym :: An Expandable Identity Layer for DeSci DAOs Powered by Web Token Forwarding
The WTF Protocol was a finalist for the Harmony Grants Category at ethDenver 2022. Today we are asking for funds and support to help expand our technology to a unique use-case and demonstrated need within the DeSci Community. This grant is responding to the identity bounty posted here.
OpSci’s is an Open Science DAO building on Harmony with a mission to incubate the development of web-native tools for scientific identity, reputation, and credentials management from March to October 2022. OpSci will work closely with the community to integrate existing Web3 technology with academic account and credential systems.
Science needs web-native verifiable credentials that empowers researchers to control their social personas, assert ownership of their scholarly work, and track their contributions across science ecosystems and applications. Scientists need to be able to curate their own social identity, choosing to remain pseudonymous when needed. Researchers should be able to easily query with general search terms to pull up a complete picture of a scientist’s digital footprint, with the ability to request access to papers, code, or other knowledge artifacts.
To solve this problem, OpSci has proposed Holonym, a decentralized science identity directory that allows a user to sign in with academic credentials, such as ORCID or their institution’s Google Account, and produce a cryptographically-signed record that links their chosen identity features to prove who they are. Holonym utilizes an immutable record of aggregated identity schemas to provide a public read-only directory of science personas. Each user can strengthen their identity by adding additional verified accounts, such as Github, Open Science Framework, and Twitter accounts. Furthermore, schemas are portable and public records can be read and forked by any application to create platform-specific schemas. Lastly, identities are associated with public/private cryptographic key pairs that allow other users on the internet to uniquely decrypt files or messages and confidently assume the identity of the sender.
- Seamless, user-friendly log-in with mainstream web accounts (SSOs)
- Imported activity feeds, papers, repositories, and other knowledge artifacts
- Cryptographic verification of linked identities and their files
- Composable and modular building blocks for integration with other dApps
- Onboard the first 1000 academic identities, drawing the from the DeSci community
- A publicly available distributed, immutable, and versioned social graph
- Identify potential SaaS and tokenomic models to support continued development
The developed tools are intended to be provided as open source in their release-ready format and as a free, or minimal cost service, for early DeSci adopters.
Holonym. A wireframe displaying the landing page for a scientific persona.
ResearchGate has over 15 million users with data trapped in a siloed ecosystem that can be activated to deploy resilient, interoperable, and censorship-resistant knowledge graphs on decentralized blockchain networks. These 15 million users produce over 6.5 million scientific articles, 2 million datasets, and 8.5 million patents a year that drive an (under) estimated $10 trillion dollar research economy in 2021. The transition of science to digital research protocols will also bring with it a significant portion of the research economy.
The establishment of a Science community on the Harmony network will demonstrate a wide socioeconomic benefit of blockchain technology that transcends financial use-cases, increasing public trust and faith and veering attitudes away from blockchain as a stereotype for illegal and dangerous web activity. The issues are not unique to science and can be extrapolated to many other economic enterprises that have transitioned to primarily digital workflows.
Our solution utilizes existing protocols such as Ceramic, web3auth, and Lit protocol to solve issues with decentralized versionable identity schemas. We have also introduced web token forwarding (WTF) as a novel solution for verifying Web2 accounts with on-chain verification of asymmetrically-signed JSON Web Tokens (JWTs). WTF retrieves JWTs (the receipts of “Sign in with Google/Facebook/Twitter…” buttons) and records them on a blockchain as an entry by a cryptographic identity. Many JWTs use RS-256 signatures. We have written smart contracts on Harmony testnet
https://explorer.harmony.one/address/0xdf10310d2c72f5358b19bf6a7c817ec4570b270f to verify such signatures on-chain. These proofs are written on-chain to prove that you own both the blockchain account and the web2 account.
One reason we chose Harmony because of it’s fast finality and low gas. Fast finality is key for the WTF protocol to prevent frontrunning while retaining adequate UX. The user must to wait for their JWT’s proof to be finalized before revealing the actual JWT in the next block. Fantom also has fast finality and low fees, but our protocol is not relevant to the interests of their incentive fund. For security reasons, we can only be on one chain (JWTs should only be used once, and that cannot be easily enforced cross-chain). We will stick with whichever chain we launch on at ETHGlobal Amsterdam, which we are planning on making Harmony. On its surface, you just have to click a button to sign in with Google, Facebook, Github, Twitter, Discord, Twitch, etc. After signing in with an account, you have to click another button to confirm a metamask transaction.
Our current proof-of-concept, which is running at
https://whoisthis.wtf. Its purpose was to prove on-chain JWT verification is feasible, which it has succeeded at. The next step is to add Google, Facebook, Github etc., not just ORCID.
Our project seeks to solve three problems: identity, security, and discoverability. Some example use-cases include:
- Identity verification for DAOs
- NFT plagiarism prevention (thereby preventing billions of dollars of scams)
- 2FA for NFT or cryptoasset transfers (preventing billions of dollars of transfers from hacked accounts)
- Pay your friends in crypto by their twitter handle, contribute to open source by paying crypto to a github account, etc.
Security. With centralized providers, you can recover your account by proving your identity via email, text, or security questions. Holonym wraps Lit Protocol and web3auth with WTF to bring the same capability to the blockchain with social-account recovery. This feature uses the Lit protocol’s access gating method for storing secrets on a decentralized network using threshold-encryption. Therefore, we can make an on-chain condition that somebody needs to prove 3 out of 5 of their social accounts in order to retrieve the seed phrase. 2FA and security questions (perhaps using zero-knowledge proofs) are future integrations we are working on. WTF cannot just prevent loss of funds – it can also prevent theft of funds. It can be used to require social logins to transfer funds. So even if your wallet gets compromised, it is still safe if the funds are in a smart contract that requires further authentication to transfer anything. This is analogous to Web2 financial services which will not let you transfer without 2FA. Finally, this can come to Web3.
Discoverability. A decentralized user database with aggregated identity schemas allows for greater discoverability of users. Holonym users can be queried by any of their linked social accounts, or using metadata associated with their credentials - such as institution, scientific subfield, scientific paper keywords, or affiliation with a specific DAO. Holonym provides a landing page for a scientific persona that is curated by the owner and allows searchers to explore their verified files, documents, and activity.
Ceramic, Web3Auth, Proof of Humanity, BrightID and Lit Protocol all offer specific solutions for blockchain identity management…Web3Auth creates app-specific keys to solve onboarding. Ceramic allows for scalable decentralized storage of data streams that link metadata feeds associated with accounts that can resolve across any dApp. Bright ID and Proof of Humanity seeks to demonstrate real world association between a person and their digital identity and does not offer pseudononymity. Lit Protocol is a mechanism for access control, using blockchain identities to gate access to files and services. WTF fills in an important missing gap, validating web 2 accounts on a decentralized and immutable public database. Holonym wraps these protocols to link many web2 accounts and provide a “gestalt” identity for an existing public key. Users curate their own scientific persona, can choose to remain pseudonymous, and decentralized applications can utilize interoperable user data.
Holonym is being developed to service a growing community of Web3 scholars, scientists, and academics. We have partnered with several institutions to bring portable identity solutions to their users:
ResearchHub. A GitHub for Science. Holonym will provide linked academic credentials, reputation tracking, role verification, and social graph analytics for its users.
talentDAO. A decentralized organizational psychology DAO. Holonym will provide an identity layer for its decentralized journal, “The Journal of Organizational Psychology.”
labDAO. An autonomous wetlab in the cloud that executes smart protocols for biological research clients. Holonym will provide a reputation and verified credential layer to support decentralized auction mechanisms for matching service providers with requestors.
DeSciLabs. A platform for creating, sharing, and publishing decentralized research objects. Holonym will provide academic identity verification and pseudonymity.
We are also collaborating with Lit Protocol to introduce access control and wallet recovery features, preventing billions of dollars lost with seed phrases.
Holonym is currently in the incubation stage over the next 6 months, where we are conducting user interviews and building a minimum viable prototype with a landing page, user onboarding, account verification, imported activity feeds, and signing verified files (such as preprints, papers, etc.).
- Pilot Community Launch. We plan on launching the first version of the Science Registry MVP at ETHGlobal Amsterdam DeSci conference. The DeSci community has been growing at a rapid pace, from a handful of pioneering members a year ago to nearly a whole week of official events at ETHDenver 2022 with nearly 1,000 attendees. There is a growing need to integrate this community into a social graph to facilitate growth and interconnection. Users will be prompted to link their ORCID, twitter, google, and github accounts to a scientific persona that displays their activity and academic footprint.
- Early Partner Integrations. Next, we seek to expand our early adopter user base by integrating with existing dApps such as ResearchHub, The Journal of Organizational Psychology, and the openlab protocol. We will also explore integrations with other publishers and dApps requiring identity solutions. These integrations will demonstrate how interoperable user profiles will function in practice and what new design patterns and user behaviors may emerge.
- User Adoption Campaign. We seek to raise awareness of the platform by targeting the 15 million users of ResearchGate to claim their accounts on Holonym in order to receive unique NFT profile pictures to complement their persona and achieve eligibility for future airdrops (token tbd.).
- Institutional Partner Integrations. Lastly, we seek to achieve ISO certification for identity verification in order to obtain endorsements and identity solution partnerships with institutions. This will generate trust in our identity solution as we seek mainstream adoption amongst scientific communities.
We are currently in the MVP testing stage, pre-launch. The Smart Contracts are currently live (
https://explorer.pops.one/address/0xdf10310d2c72f5358b19bf6a7c817ec4570b270f) on Harmony test net. There is a GUI which works for scientists’ ORCID accounts at
https://www.whoisthis.wtf. We predict about 500 users within our first week, based on interest from existing users. With our upcoming integrations with ResearchHub and TalentDAO, we predict between 1-5 K users in the following months.
What is our roadmap?
For the next 6 months, We will require $135,000 USD in funds to cover salaries for three full-time contributors, contract developers and UI/UX designers, cloud services overhead, and a security audit as we incubate the project. This budget can be broken down in milestones to be achieved over the next 6 months:
- M1: User & Market Research. Interviews with at least 20 users and potential clients drawn from three categories: 1) Active Web3 DeSci Users, 2) Agnostic Academic Users, and 3) Institutional and Organizational Clients. We will use these interviews to construct personas for DeSci, Web2 Academics, and Institutional users. These personas will allow us to identify pain points and potential business or tokenomics models.
- M2: Minimum Feature Prototype. We expect to launch the minimum feature prototype on Harmony testnet at an Ethereum Conference to onboard our first 500-2000 users within the DeSci space. We will demonstrate custom defined user personas, identity verification, and imported user digital footprints.
- M3: First DeSci dApp Integration. We will seek to integrate with existing DeSci partners, such as ReseachHub, talentDAO, DeSciLabs, and LabDAO to onboard their users with a Holonym. Code modularity, interoperability of schemas, and emergent design patterns will be studied and used to inform the subsequent roadmap.
- M4: User Requirements for Iterative Design. The MVP will be used to gather User feedback in an additional round of UX/UI and Market Research. Key deliverables will include updates user personas for how people use the app, identification of key user pain points, most requested features, and any other feedback that can be used to inform the requirements for the application. Client integrations will also be assessed and used to inform continuing development.
- M5: Develop User Growth Campaign. User Requirements will be also leveraged to develop a User-Base Growth Campaign to identify the best use-cases and communities to onboard unto our application. The User Growth Campaign will include a detailed plan for identification of distinct user communities, channels for tapping these communities, requirements for integrations and activation of members in those communities, and finally an execution plan to launch the application and attract new users.
- M6: Execute User Growth Campaign & Solicit On-going Feedback. Our last milestone for this grant will execute a growth strategy by leveraging on-going partnerships, platform integrations, and community momentum to establish a measurable network effect. Some strategies for this include a (legal and ethical) “vampire attack” by linking email account credentials to send and receive emails and money on the Harmony network linked to possible airdrops, rewards, or other incentives for using the platform.
These milestones will position us to enter an accelerator and target VC funding to research and develop additional features such as 2FA, Account Recovery, Integration with Institutional Clients, and generic account management features. In the medium term, we will target 5 million users, or about 2% of real people who currently hold cryptocurrency accounts. As web3 grows more mainstream and network effects happen with identity platforms, one billion users becomes a possibility. Eventually, we envision all products, platforms, protocols, and individuals interacting on web3 to use our service in lieu of other identity services to the flexibility and user-owned design principles.
Another reason we chose Harmony is because of its $300M fund. We are grateful to Harmony for providing $1000 already to our project as an ETHDenver hackathon bounty and for encouraging us to apply for more funding. We had a helpful discussion with Labesh Patel who reviews grants at Harmony and runs a KYC business. He advised us on future directions and business models for verification services. He then recommended we apply for a Harmony grant, due to our shared interests with Harmony in the academic community and potential for bringing users to DLT.
Most importantly we require funding to support this project. We are also seeking advisors that can help us plug into the existing Harmony ecosystem, develop business models, and establish partnerships beyond Web3.
Shady El Damaty, OpSci,
Neuroscientist, data engineer, founder of OpSci - an early Decentralized Science community. Performing project management, strategy, and user-guided development for Holonym.
Nanak Nihal Khalsa,
Neuroscientist, creator of WTF protocol underlying Holonym. Computer science and blockchain nerd. Overseeing technical vision and execution.
Hacker at heart, I take apart the layers of reality, currently focusing on computer science and distributed systems. Thinking about architecture and data structures involved with WTF and related protocols
Software developer and technical writer. ConsenSys Blockchain Developer Bootcamp Alum.
Niklas Rindtorff, LabDAO,
We are requesting $135,000 USD in funds to support our development work over the next 6 months to be broken down across 6 milestones.
Our milestones listed above will be assessed with the following metrics.
- User interview database, validated user personas
- Functional prototype on Harmony Mainnet
- Onboard first cohort of users (500-1500)
- User growth rate
- Account verification requests
- Number of linked papers and knowledge artifacts
- Social media engagement
- Number of integrations with other dApps and requests made through bridges
ORCID Smart contract live on testnet
Brief description and source code is available at
Holonym repository is available at
A video is available at
A demo is available at