- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sun, 21 Apr 2024 17:49:12 -0400
- To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
On Sun, Apr 21, 2024 at 1:56 PM Adrian Gropper <agropper@healthurl.com> wrote: > I don't see how this reputation system is resistant to Sybil attacks. It could be if you had a "trusted witness"[1], an "issuer-known pseudonym"[2], or a "link secret"[3] (I think?). Quora is a great example of a social network that uses meronyms, granted, all of it is self-attested. You've got people on there with a picture and a name (but in the age of AI, who knows if that's real!?), and then you can see their occupation (again, is it real?), which gives you some confidence that they actually know what they're talking about. There are other tools employed, such as the person asking the question/engaging in the discussion is the comment moderator for the question they answered, which puts some level of stress on them, but results in tamping down a fair bit of troll-y behaviour. This part is important for sybil resistance as well. Non-meronym-based VCs could be used to establish some level of trust in the individuals qualifications and then additional VCs could be issued by a trusted third party to establish the meronym, which might be associated with an ephemeral DID. All that feels fairly workable and an iterative update to the way some of the less toxic social networks work today (Quora, Stack Overflow, Reddit, etc.). Nice find, Steven! :) -- manu [1] https://ieeexplore.ieee.org/document/9031545 [2] https://www.w3.org/TR/vc-di-bbs/#pseudonyms-with-issuer-known-pid [3] https://hyperledger.github.io/anoncreds-spec/#term:link-secret -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Sunday, 21 April 2024 21:49:53 UTC