NFTs as Keys. Web3 Authentication in the Pseudonymous Economy.
Since the beginning of web authentication and login systems, having to remember multiple passwords and login credentials has been one of the biggest UX flaws on the internet, if not THE biggest.
On every platform, we use a different account. In order to access our accounts, we use centralized credentials which at the end of the day belong to big tech companies (like e-mail addresses or phone numbers). On top of that, the login systems themselves are often owned and designed by these same companies. This combination allows a few very powerful entities to exclusively control and monetize our authentication flows and user data.
With this article, I want to share some ideas on why I believe that authentication services on the internet desperately need an update, how this update can be achieved and what it means for future online societies.
Before we dive into the matter, a disclaimer:
I wrote this article in a relatively optimistic manner, knowingly ignoring many of the current problems with web3 technology and cryptocurrencies.
These problems are political, economic, and social:
- Hyper capitalist on-chain governance through financial power
- Market manipulation with NFTs and obvious Ponzi schemes fuelled by bots
- Lack of customer support, eg. on the loss of password/private keys
I am happy to discuss these issues and might address some of them in future articles.
Web3 wallets, NFTs, and the pseudonymous economy.
The innovation that I will talk about in this article is related to the so-called “Web3” and blockchain wallets.
In case you have never actively interacted with Ethereum or another blockchain that has working smart contracts, chances are high that you will have a hard time understanding many of the ideas that are going to follow. But please bear with me as I try to elaborate on most of the premises.
However if you’ve already used a tool like Metamask or have interacted with decentralized technology (no, trading cryptocurrencies on centralized exchanges doesn’t count), you have surely already had one or more “Aha” moments. But even then, you might still struggle to realize the enormous and mostly unexplored potential that lies ahead in this space.
First things first: What’s Web3?
Web3 is the next iteration of the internet. The future of the worldwide web is a combination of blockchain technology and existing web infrastructures which, together, create completely decentralized use cases and apps we call “dapps” (decentralized apps).
In order to interact with this technology, you need specific browser addons: web3 wallets. These wallets (like for example Metamask mentioned already above) allow you to store cryptocurrencies (fungible tokens) and Non-Fungible Tokens (“NFTs”, extreme simplification: unique digital assets represented by a specific TokenID) on a blockchain network of your choice (most popularly Ethereum).
Using these wallets is fairly simple. They’re supported by every major Desktop browser, like Chrome or Firefox. Some alternative Browsers like for example Brave (which I can highly recommend) have them preinstalled. A flaw: Most mobile browsers don’t have native support yet.
When you install such a wallet you are assigned a private cryptographic key or seed phrase (that you need to store safely because it’s your recovery code) and with this private key, you effectively own a blockchain address. This private key can be moved to — and used on whatever web3 wallet you like, it doesn’t have to be the same wallet provider, in our example Metamask.
If your first thought now is: Wait, what if somebody steals my wallet? Don’t worry: it’s way more difficult to find out your 256-bit private key than it is to find out your email and “pw1234” combo.
With this blockchain address of yours (or more specifically with this so-called “Externally Owned Account” — EOA) you can now securely store digital assets and sign blockchain transactions. Such transactions can have different purposes. The most prominent one is sending tokens (Fungible or Non-Fungible) to another wallet. However, transferring assets or cryptocurrencies is by far not the only option. In the following article I want to address one specific use case:
Authentication through NFTs on web3 wallets — “NFTs as Keys”.
While some users may have made first experiences with Web3 NFT products through Cryptokitties or lately through Axie Infinity, I feel like the general public is still mostly oblivious to the possibilities.
If you have never heard of NFTs, you may want to pause reading here and do some homework first: https://en.wikipedia.org/wiki/Non-fungible_token
“Show me your NFTs and I will tell you who you are”
A blockchain account (EOA as explained above) can be used to authenticate and connect to different dapps.
In your Web3 wallet application, you can store more than just 1 account. You can then choose 1 account to connect to platform A, and another to connect to platform B. On truly decentralized apps, there is no initial KYC (Know-your-customer), no real-name policy, and no identity for these connections. At the very beginning, a new account is empty and anonymous.
That is until you decide to add certain assets to your wallet.
At this point, it’s important to understand that anything you do on a public blockchain like Ethereum is by default indeed public. When created, an account is empty with 0 transactions. However, all of the account activity that follows (like for example signing transactions, sending money, or buying NFTs) can be analyzed for example via Etherscan.io. Such an analysis also includes displaying all your assets, fungible (eg. cryptocurrencies) or non-fungible (eg. NFTs).
Now for NFTs, they represent digital data that can be owned by these wallets. NFTs can have properties and metadata, and through said metadata, they gain value(s). The properties they can have are vast, they can be fictional or practical. For example, NFT use-cases range from the Ethereum Name System (ENS) “.eth” domains to digital art pieces over to digital items, liquidity positions, and even debt with a negative value. In fact, they can be anything their creator wants them to represent/store.
Slide from Balaji Srinivasan: The Pseudonymous Economy — https://www.youtube.com/watch?v=urtXRg9Nl3k
Holding specific NFTs in a wallet thus means combining/linking these properties to a blockchain address. The NFTs you hold define who you are. A quick look through Etherscan.io with your account address will display all the NFTs you own.
For example: buying the yourname.eth domain with your account can make it quite obvious that a specific address belongs to you aka “yourname”.
We can therefore say:
A wallet is a priori anonymous.
NFTs make it pseudonymous.
NFTs assign attributes, values, properties, items and thus turn anonymity into meta-identity. These assignments can, as already mentioned, happen through the Ethereum Name System, your wallet liquidity, your profile picture NFTs, your Metaverse accessories, and many more factors.
NFTs add properties to otherwise blind and anonymous authentication software.
An open item layer
The NFTs themselves are available on an open, decentralized, global market. Through visual platforms like Opensea.io, users can today easily interact with Ethereum Smart Contracts and established standards like ERC-721 or ERC-1155. They can auction, buy or sell tokens according to basic (still unregulated) rules of code.
Since all of these non-fungible items are available on a decentralized ledger, we can go as far as considering blockchains like Ethereum open and public “Item layers” or “Asset layers”. We can also say: There’s now a virtual gigantic auction house on the internet that everyone can interact with.
From this layer, developers can actively choose which assets to support on their own platforms through these open and standardized protocols.
As a user, this means that specific NFTs in your wallet allow you to unlock specific areas, features, skins, and items on future web platforms or in online games.
These features already exist today.
Example of AR fashion by RTFKT (pronounced “Artefact”): https://www.tiktok.com/@rtfkt
Similar to the principle of “you are what you wear” in real life, the NFTs & properties you store in your wallet will define who you are online.
This is an extremely powerful concept and it’s the idea behind what Balaji Srinivasan calls the “Pseudonymous Economy”. Our future online interactions will not be made by our identity cards or our anonymous wallets, they will be made by our pseudonymous accounts.
The NFTs you own define who you are. They define your credibility, your legitimacy, your online identity. You can transfer them, move them, sell them and build upon them.
At this point, we can therefore summarize: your wallets and NFTs mirror your digital personas on future online platforms.
They will store your clothes/skins, items, VIP access cards, credit scores, housing keys, etc. in a new pseudonymous economy.
“NFTs as keys”
Going back to authentication services: Web3 Wallets are de-facto password aggregators where you can use one password to unlock several credentials on multiple platforms.
“NFTs as keys” extend the simple wallet/password authentication use-case. Once you use your wallet to connect to a specific platform, this platform will be able to read your wallet content (as soon as you press a “Connect wallet”). It will then identify your pseudonym.
Again: You choose which wallet to use; you decide who you want to be, at what time, and in which universe (the political left should love this hehe).
Holding a specific NFT on an account gives access to special functionalities, as already demonstrated through these projects:
seen.haus — Order a physical item with your NFT
MetaKey — Access certain areas in Decentraland, get airdrops, access to web platforms, …
BAYC — Gain exclusive access to “The Bathroom”
For companies, this is a powerful concept that can extend existing payment models. Imagine a “Coupon”-like Scenario, where instead of entering a “Coupon Code”, you connect through your web3 wallet and the coupon is automatically applied. In this case, you can think of your NFTs as the coupons that trigger a piece of code on the website you’re visiting.
Think of business models like these:
“Own our NFT — get free access to our fitness program”
“Buy my NFT & watch all my courses for free”
“Holding our NFT means receiving one free razor blade every month”
Or as demonstrated by Gary Vaynerchuk: Owning one of his “VeeFriends” NFTs gives access to a dinner, a Google Hangout Call, and other perks: https://www.veefriends.com/
For economic success, a crucial part here are the programmatically included royalties an NFT creator can add to his/her smart contract: each time an NFT is sold to another person, the creator earns a predefined royalty.
This is both a blessing and a curse from an economical point of view.
Let me explain the business case through an example of an NFT premium membership card:
Imagine your business is selling 100 exclusive NFTs that give access to your e-learning website “NFTacademy”. Since you’ve sold them as NFTs on a blockchain, these access rights are now tradable. This means that your community and active members will ultimately define their price on the secondary market. They define the amount of royalties you will earn in the long run (Remember: they technically own the NFTs, so they can sell them freely including all of the included perks).
In this case, our membership card is a key to the e-learning platform. Users can only connect to our exclusive member area if they own our “NFTacademy” NFT.
However, as the creator, you control the market/prices. You can mint new NFTs and reduce scarcity or you can improve your product so that the existing NFTs become more valuable. Or do both.
- If you mint new NFTs that provide access to your product/service you will make a quick buck, but by doing so reduce the price of the existing NFTs in circulation. Thus you may earn fewer royalties over time because there is less activity on the secondary market.
- If you decide to improve your actual product/service without new NFT memberships, you will earn more royalties over time (because demand will increase), but you won’t onboard new members.
It’s not trivial to predict what the best financial outcome for you will be. Your best bet will be determined by many factors, including your marketing strategy.
In the past months, we have seen many NFT projects rise on the internet. Prominent examples like the so-called “Profile Pic” Projects, eg. Cryptopunks, Bored Apes Yacht Club, Cool Cats, etc., or tons of artists who joined the hype train in 2021. A lot of innovation has happened in a very short time.
Unfortunately, many of these projects were rushed to make a quick buck off the hype. So for most of these circulating NFTs: You cannot do anything tangible with them (not even sell them, because there is no market/ no demand), which at the end of the day makes them, sadly, quite useless.
The problem here is: many NFTs do not have any practical value.
They lack the “web3” aspect. They lack authentication features. They lack a use-case.
Now what’s beautiful is that, because these NFTs live forever on the blockchain, this use case can be constructed whenever by whomever. So useless NFTs don’t need to stay useless forever.
At this stage we can sum things up:
- Web3 wallets can be used to create online personas
- EOAs (Externally owned accounts) are the backbone of a pseudonymous online society
- NFTs turn anonymity into pseudonymity
- Developers can attach a use-case to any NFT they like on this open “Item layer”
- Businesses and creators can sell NFTs and add value to them as a business model
- NFTs are tradable on a secondary market, the available use-cases influence their value
- NFTs can be used to raise seed or VC funding as an alternative to platforms like Kickstarter
“Not your keys, not your data”
Now you may still wonder: Why would I want a new authentication tool? Why should I bother?
“I already have my Facebook Login”.
A big problem you might be ignoring with existing centralized web2 login systems or rather centralized identifiers, in general, is that the users do not actually own the data they upload and the identifiers they use (eg. telephone numbers, email addresses, usernames on social media). On most existing web2 platforms it’s not possible for the individual user to actively control the flow of his/her data. This has not only led to many ethical and economic incidents in the past, for example when platforms did not take necessary security measures to protect user data from hacks or leaks, but it has also allowed Big Tech to accumulate an incredible amount of owned data. Data they can use to fuel their software products, most importantly their machine learning and big data algorithms. Furthermore said data is being used to sell targeted ads on centralized platforms, to the profit of some monopolistic, panoptic platforms.
These issues with centralization are also on the mind of the W3C. A week ago, a recommendation draft was released on the topic of so-called Decentralised Identifiers (DIDs): https://www.w3.org/TR/did-core/
Now it is important to understand that web3 wallets will by no means suddenly replace the existing identifier solutions. In fact, they don’t even want to (Proof of pseudonymity on web3 vs. Proof of identity on web2). However, they add a cryptographically secure, standardized, public, and open-source authentication layer on top. A layer that is pseudonymous. A layer that does not require government-issued identity cards, no telephone numbers for authentication, no clear name policy, and most importantly it has no need for a bank account or VISA card because payments are processed directly through the network (on every device anywhere in the world as long as you have free internet access).
As a result, over time, we might be able to make the world a bit fairer and a bit more user-friendly by collectively embracing cryptographically secure web3 wallets and the Non-Fungible Tokens that come with them. And who knows, maybe we might even be able to keep decent “freedom after speech” in most countries of the world.
“NFTs as keys” have intrinsic value. They can unlock exclusive features, memberships, subscriptions, items, and more.
They allow developers to build a more secure web and more open/fair web.
They provide new marketing possibilities and fuel new community behavior for brands.
They extend simple authentication mechanisms of anonymous wallets and make these wallets pseudonymous.
They are the tool that will enable the pseudonymous economy.
They are tradable, immutable, economically interesting, cyberpunk, and in my opinion inevitable if we want to build a better, more sustainable, and freer internet.