The dangers of “decentralized” ID systems

Tags: #privacy #did #identity #inclusion #kyc

Many decentralized identity protocols are being developed, which claim to increase users’ privacy, enable interoperability and convenient single sign-ons, protect against identity theft and allow self-sovereign ownership of data.

However, many of these protocols rely on government ID as a base layer (as proof of name, age or address, referred to as “Verifiable credentials”). In this system, users are required to upload a video with their passport or national ID card. After this, their name, age or address is marked as verified. Then platforms can query this API and ask is_over_18, full_name or country_of_residence, but have no access to the user’s ID scan or any additional information (e.g. is_over_18 only returns true or false, and doesn’t disclose the user’s name, home address or photo).

This reliance on government IDs means that DIDs cannot protect users against state surveillance ( And just like the existing system, it continues to exclude millions of people who can’t get government ID:,,

Problem 1: Reliance on government ID as a base layer

If decentralized ID is just an extension of the existing government ID system, it provides neither privacy nor financial inclusion.

Via government ID KYC, the state already excludes regular people from jobs, banking, apartment rentals, healthcare, receiving mail, sim cards, contracts and more.

If the state refuses to print ID for someone (which affects millions of people today), there are no appeals, alternatives nor NGOs who can help. Flag Theory (such as St Kitts passports, Panamanian residency, Estonian e-Residency or requires an existing passport or birth certificate. Even IDs for undocumented people (such as Californian AB 60 driver’s licenses) require a foreign passport, national ID card or birth certificate, and can’t help people who have no state-issued identity documents at all. In addition, Red Cross, United Nations and other NGOs don’t issue identity documents.

This existing ID system is harmful, inaccessible and a single point of failure — and if decentralized protocols rely on this broken layer, they will continue to harm and exclude people.

Problem 2: The state won’t give up its monopoly on identity

Fortunately, some decentralized ID protocols aim to be inclusive, and instead of requiring government ID to verify a user’s name, age or location, they use social media or a web-of-trust. This removes the ability for state censorship, and instead allows your friends to vouch for you. With a web-of-trust, friends and family could vouch for your name, age or location; landlords could vouch for your address; employers could vouch for your skills; customers could vouch for businesses; and so on. As it doesn’t rely on government databases, but rather the people you know, it is truly decentralized and accessible.

However, it is unlikely that the state, who forces government ID regulations onto businesses, employers, landlords and healthcare providers, will accept these web-of-trust vouches as “proof of identity”. Instead, the state wants to uphold its monopoly on identity and its disproportionate ability to totally surveil and censor people from the mainstream economy. Even the United Nations ( and World Economic Forum ( are aware of the damage caused by the state’s monopoly on identity, but are unable to convince the state to print IDs for millions of stateless and undocumented people, nor issue their own recognized non-government IDs. Therefore, it’s unlikely that web-of-trust or social media-based ID protocols will be usable for mainstream jobs, banking or apartment rentals.

That isn’t to say that non-government DIDs can’t be used for commerce or daily life. The internet has made it easier to connect with people worldwide and cryptocurrencies have made it possible to send money to anyone around the globe without a bank account or government ID. Despite the war on cash, local markets still accept cash and informal cash-in-hand economies exist around the world. In addition, agorism ( and Bitcoin and Monero circular economies (, focus on building truly free markets outside of the state and corporations, where you can work, rent and travel without government ID. In these non-government markets, a web-of-trust could help with business reviews and reputation, proving education and skills when applying for jobs, or establishing trust for invite-only markets.

Problem 3: Decentralized ID can be censored

Some decentralized ID protocols use cryptocurrency addresses as identifiers, such as Ethereum or Bitcoin Lightning. However, there have been cases where platforms have censored users based on transaction history (such as using a KYC-free exchange, cryptocurrency mixer or buying from specific online stores).

Connecting your identity and social life to your finances already creates privacy concerns (as anyone who you interact with could easily find out your wealth and surveil your earnings and purchases). Even worse, censorship via chain analysis or KYC means that users could be shut out of exchanges, marketplaces, social media websites and more. Imagine that you are permanently banned from Facebook or Twitter, because you recently sent money to a gambling website, bought a CBD product or didn’t want to disclose sensitive information such as government ID (or are one of the 1 billion people worldwide who can’t get government ID, through no fault of their own).

From a technical perspective, cryptographic identifiers may provide better security than passwords. It is much easier to crack an insecure password compared to a (much stronger) Bitcoin private key. Cryptography also enables you to sign messages, proving that the content (such as a social media post, order or contract) really came from you, and not an impersonator.

That being said, PGP already offers cryptographic identifiers, to which you can optionally add your name (or pseudonym) and participate in a web-of-trust. You can use this PGP key not only to login to websites (by decrypting a code that the website sends you), but also verify content via PGP signatures and securely encrypt messages, emails and files. As PGP keys aren’t connected to your finances via a transparent blockchain and you can easily make pseudonymous and throwaway PGP keys, they offer a private and accessible identity framework.

Problem 4: Surveillance and the dangers of linking all your activity to one identity

But why do you need to verify a name? Why not take someone at their word, and allow them to choose what name they want to use? Why do all actions need to be linked to a single persistent physical identity?

Under the state’s government ID system, the state tracks people from birth certificate to death certificate — compiling details of individuals’ jobs, savings, purchases, home addresses, cars, vacations, medical history, phone calls, internet history and more. This level of surveillance is disproportionate and unethical.

An individual’s life should be private. Information should only be shared voluntarily on a need-to-know basis. For example, only your employer, colleagues and customers need to know about your job; only your doctor, pharmacy and insurance (unless you pay out-of-pocket) need to know about your medical history; and many people only share their home address with close friends and family.

Online, in the existing “username and password” model, users are free to create self-chosen identities, pseudonyms and throwaway accounts. It’s natural to want to compartmentalize your activities, such as using separate work and home profiles, not sharing your real life name or location with online chat groups, using a pseudonym for activism, artwork, music or writing, or creating an anonymous account to join a support group (such as for health issues, addiction or domestic abuse). Tying everything to a single identity could cause self-censorship, discomfort (in the case of sensitive or health-related topics) or even serious safety concerns (in the case of activism, discrimination or escaping from abuse).

For commercial transactions, such as shopping, jobs or apartment rentals, there are many ways to establish trust without a persistent or state-assigned identity, such as:

For many commercial transactions, a persistent or personal identity is not necessary. In cases where a name is required, simply saying your name should be enough (with optional verification via a PIN, PGP signature, web-of-trust or social media profile). In any case, neither a single persistent identity nor a state-assigned identity should be required for participation in the economy or social networks.


The surveillance and exclusion currently caused by gatekept government ID systems clearly shows the dangers of identity databases. If you are working on decentralized identity, allow users to participate without linking government ID, allow pseudonyms and throwaways, and keep a regular “username and password” login available for people who prefer it. Don’t create a clone of the existing broken system, but take this chance to create an alternative, inclusive and privacy-friendly ecosystem that everyone can participate in.