Overview of Gitcoin

Gitcoin, a key player in the Ethereum ecosystem, launched its innovative Gitcoin Grants program in 2019, contributing over $59 million to public goods in the Ethereum network. The platform promotes open-source software development and supports Web3’s innovative ecosystem. Gitcoin’s primary objective is accelerating decentralized technology by providing funding, incentive programs, and community resources that help developers and innovators worldwide bring their ideas to life.

Gitcoin has explored various models, including tech accelerators, hackathons, and bounty programs. In 2019, Gitcoin discovered quadratic funding (explained below) as an attractive method for funding public goods, marking the beginning of “Gitcoin 1.0.” This model gained widespread recognition, including an endorsement from Ethereum co-founder Vitalik Buterin and adoption by leading protocols like WalletConnect, Uniswap, Yearn, and 1inch.

By 2024, Gitcoin successfully transitioned from “Gitcoin 1.0” to “Gitcoin 2.0.” This shift reflects the expansion of the Ethereum ecosystem driven by Layer 2 solutions, the growth of open-source development, and the increasing adoption of funding programs. Gitcoin 2.0 transforms the platform from a centralized system into a modular, open-source suite of tools and protocols anyone can use or build upon.

As of January 2024, Gitcoin has successfully conducted 19 rounds of quadratic funding, distributing over $59 million and supporting numerous early-stage developers and projects like Uniswap, Optimism, and Bankless. Over the years, Gitcoin’s brand and influence have grown significantly, making it one of the most prominent organizations in the Web3 space.

Gitcoin has also partnered with various organizations, from crypto-native entities like Coinbase and the Ethereum Foundation to traditional organizations like UNICEF and the American Cancer Society, which have shown interest in blockchain technology. Gitcoin 2.0 showcases the potential for blockchain in traditional funding models. By combining programmable money, smart contracts, and decentralized governance, Gitcoin offers a more efficient, scalable, and transparent solution for capital allocation, aligning resources with community values and needs, and highlighting Web3’s potential in solving resource distribution challenges.

Quadratic Funding

Quadratic funding (QF) is a decentralized funding model designed to maximize the fairness and impact of community funding, primarily for open-source projects. Proposed by Ethereum co-founder Vitalik Buterin, Zoe Hitzig, and Glen Weyl, it aims to democratize decision-making by allocating funds more equitably.

The quadratic funding pool is split between community donations and larger fund contributions. Instead of just considering the donation amount, the matching is calculated quadratically based on the number of donors. Projects with a broader base of smaller donations receive a higher proportion of the funds. This system ensures that funding goes to projects that are more valuable to the community and better reflect their needs.

Introduction to Gitcoin Passport

Gitcoin Passport is an identity verification tool, and Sybil’s defense protocol is built on the Ceramic Network. It is designed to protect users’ privacy while providing reliable identity verification.

Users can prove their identity and trustworthiness without revealing personal details by collecting verifiable credentials, or “Stamps,” from both Web2 and Web3 platforms (explained below). These Stamps help project owners protect their communities from Sybil Attacks, where malicious actors create fake identities to manipulate the system and unfairly gain influence or rewards.

Gitcoin Passport is crucial for helping projects evaluate identity providers. For instance, the Gitcoin Grants system assumes that every participant is a real and independent individual, and rewards are distributed accordingly. However, this system is vulnerable to Sybil Attack. To combat this, the Gitcoin team has spent years developing expertise in Sybil defense and uses Passport technology to safeguard the Gitcoin Grants program, ensuring only real people can influence which projects receive funding.

With their extensive experience in Sybil defense, the Gitcoin team feels a responsibility to help other Web3 projects protect their communities from bots and bad actors. They believe private identity verification is a core service every project needs, so they developed Passport as a standalone product. Currently, dozens of identity providers are using Passport to secure their communities, and it is expected to become a leading open-source identity verification protocol worldwide.

What is Gitcoin Passport?

Passport is an identity verification aggregator that allows users to collect “Stamps” from various Web2 and Web3 verifiers, such as Holonym (KYC), Civic (biometrics), Google and LinkedIn (Web2), and Snapshot (Web3), as well as models that score wallets based on Web3 transaction histories.

Passport prioritizes privacy. When users connect their Stamps to their Passport, they create a verifiable credential confirming specific actions they’ve completed, without sharing personal information. Essentially, it acts as a unique decentralized identifier (DID) linked to the user’s Ethereum address, stored on the Ceramic network.

What is DID (Decentralized Identifier)?

Understanding DID

In the Web2 era, identity management was controlled by centralized platforms like Facebook and Google. These platforms had access to users’ data and could use or share it without consent, posing risks to privacy and data security. Additionally, users had to create different accounts and passwords across multiple platforms, leading to inconvenience and fragmented data, making it difficult to manage and integrate.

To address these issues, DID (Decentralized Identifier) was developed. DID is a decentralized identity management system that gives users full ownership and control of their digital identity. Using encryption, DID allows users to verify their identity and authorize actions without revealing personal information, ensuring privacy and enhancing data security.

Key Functions of DID

• User control over identity and data: DID allows users to have full control over their identity and data, such as transaction histories and NFTs, without relying on centralized third parties.
• Privacy-protected identity verification: DID enables users to prove their identity while protecting their privacy, only sharing necessary information. For example, they can prove they are of legal age without revealing their exact birthdate.
• Data integration and reputation management: In Web3, users can log into various platforms using a single wallet, simplifying identity management and consolidating their digital footprint under one identity. This data integration helps build a more comprehensive reputation system, including user risk preferences and creditworthiness.

Challenges of DID

Although DID brings many benefits, it faces several challenges in practice:

• Balancing privacy and transparency: While users control their data, the transparency of blockchain means all actions can be tracked, potentially exposing sensitive information and compromising personal safety.
• Information silos across blockchains: DID aims to unify on-chain and off-chain identities, but the separation between different blockchains creates information silos, making it difficult to manage identities across networks.
• Limited incentives for identity value: Currently, DID systems quantify user behaviour into “credentials,” but their value relies on community consensus. If credentials are not widely recognized, their actual value is limited, which may reduce user motivation to engage.

What is Sybil Attack?

Understanding Sybil Attack

Sybil Attack is a network attack method in which attackers create a large number of fake identities (like fake accounts) to influence or manipulate the network. These attacks are quite common, such as using multiple fake accounts to skew the results of a vote, increasing the chance of winning a lottery by using fake accounts, or generating fake interactions like posting fake reviews.

Sybil Attack Risks in Blockchain

Blockchain is a decentralized system that depends on many nodes to process and store information. These nodes also verify transactions and package blocks. However, if most of the nodes are controlled by the same person, the supposedly decentralized system becomes centralized. This not only undermines the decentralized storage of data, but malicious actors could also launch a 51% attack or manipulate voting outcomes by controlling the majority of the nodes, posing a major security risk to the blockchain network.

For example, projects may reward early adopters through airdrops as part of their marketing efforts to increase awareness. Similar to how a restaurant might offer coupons or prize draws, a Sybil attack is like one person (or their fake accounts) collecting all the prizes, which defeats the original marketing goal and only benefits a specific individual.

Gitcoin Passport and Decentralized Identity Protection

Gitcoin is a fundraising platform within the Ethereum ecosystem that offers various features such as bounties, hackathons, and grants. Gitcoin Grants is the platform’s core feature, allowing users to donate to open-source projects. Many well-known blockchain projects, such as Metamask, Aave, and Uniswap, have been funded through Gitcoin, with some offering retroactive airdrops to early donors as a way to reward their supporters.

Notable Projects Funded by Gitcoin

To maintain fairness and authenticity, Gitcoin introduced a decentralized identity tool called Gitcoin Passport. This tool helps users create a decentralized identity (DID) by linking multiple Web2 and Web3 services (e.g., social media accounts, Google, GitHub, and cryptocurrency wallet addresses). For each linked service, users receive a “Stamp,” which serves as both a prerequisite for certain activities and a way to increase their Passport score. A higher score indicates greater legitimacy and access to larger donation shares.

Because users must link multiple services and regularly update their Stamps, it becomes much harder for malicious actors to manipulate the system with fake accounts. Gitcoin Passport also updates Stamps periodically to ensure ongoing accuracy. This system effectively guards against Sybil Attack, ensuring that the platform operates safely and securely in a decentralized way. As decentralized identity technology becomes more common, Sybil Attack will become harder to execute, improving the overall security and trustworthiness of the blockchain ecosystem.

Stamps: The Identifier of Gitcoin Passport

Understanding Stamps

A Stamp in Gitcoin Passport is a verifiable credential that serves as proof of a user’s ownership or activity on other platforms. By collecting these Stamps, users can consolidate their online identity within Gitcoin Passport. The more Stamps a user collects, the stronger their identity verification, giving them higher access rights and influence within the network.

Types of Stamps

After logging into Gitcoin Passport, users will see the Stamps they have collected (shown in the red box in the image) and the corresponding score (shown in the blue box). Stamps are categorized into four types:

1. Blockchain and Cryptocurrency Stamps: Credentials linked to the user’s blockchain activities or cryptocurrency holdings.
2. Government-issued Identification: Credentials from official government identity verification.
3. Social and Professional Platform Stamps: Credentials from social media or professional networking platforms.
4. Biometric Verification: Credentials based on biometric verification technologies.

Gitcoin Passport Stamp (Source: Gitcoin Passport)

Stamp Verification Process

1. Connecting with Identity Providers and Projects: The Passport app guides users to link their accounts from various identity providers.
2. Data Access Authorization: Users are asked to approve limited access to certain account information for verification purposes. The Passport app doesn’t store or export any data; it merely confirms the data’s existence.
3. Stamp Issuance: The app communicates with servers to issue Stamps, which prove the user’s ownership of connected accounts. These details are encrypted, and the Passport app only shares proof of account ownership, not the actual account details.
4. Using Stamps: Stamps are stored in the user’s Passport and can be presented when accessing protected data or communities in third-party apps.
5. Stamp Updates: Stamps need to be updated every 90 days to keep user identity verifications up-to-date and improve defenses against Sybil attacks. Long-term users have the convenience of “One-Click Verification” to avoid re-verification delays.

Example: Verifying ENS

1. The user purchases a .eth address through ENS.
2. Afterwards, they open the Gitcoin Passport app and select “Connect Account.”
3. Before the system verifies the ENS Stamp, users sign an authorization message in their wallet to complete the verification process.

Use Cases of Gitcoin Passport

Gitcoin Passport can be used to manage access, boost transparency, and establish trust across various Web3 applications. Developers can integrate Passport into a range of Web3 platforms, including:

• Protecting against Sybil attacks in faucets, bundlers, and airdrops
• Controlling user access to exclusive content, events, polls, or communities
• Weighting votes for decision-making
• Verifying user credibility

Use Case 1: Reward Mechanism

Whether the project rewards users with NFTs, airdrops, or other incentives, project owners want to ensure that only deserving individuals receive rewards. By limiting access to rewards based on a user’s Passport score, owners can distribute community rewards more fairly.

Use Case 2: DAO Governance and Communication Channels

Managing a DAO can be challenging, especially when guarding against Sybil attacks. Gitcoin Passport helps mitigate these attacks by verifying identities during key activities like proposal submissions and voting.

Additionally, it can restrict access to certain roles or operations within communication platforms, ensuring quality interactions.

Use Case 3: Reputation Proof

In situations where users need to determine trustworthiness, displaying Passport scores and verified Stamps provides proof of activity across Web2 and Web3 platforms. This helps users and projects make more informed decisions about whom to interact with.

Use Case 4: Marketplace

When project owners operate a free and open marketplace, such as selling NFTs or concert tickets, they risk Sybil attacks where bad actors create low-quality projects or unfairly acquire high-quality goods (e.g., scalpers). Gitcoin Passport can help prevent these attacks, ensuring fairness in the marketplace.

Conclusion

Gitcoin Passport is a decentralized identity verification tool that has successfully introduced a system into the Web3 ecosystem, ensuring user privacy while effectively countering security threats like Sybil attacks. As the Gitcoin team continues to refine and improve this product, Gitcoin Passport has become not only a vital tool for identity management but also a foundation for trust and transparency in decentralized applications.

In recent years, Gitcoin has been a leader in supporting open-source software and fostering Web3 innovation. Through its Gitcoin Grants program, the platform has distributed millions of dollars in funding, helping to launch and grow many notable blockchain projects. The introduction of Gitcoin Passport has further cemented Gitcoin’s role as a major force in the Web3 space.

The philosophy behind Gitcoin Passport reflects the core principles of blockchain technology: decentralization, transparency, and user control. It’s more than just an identity verification tool—it’s a protocol that enhances the trustworthiness of the entire ecosystem. By bringing together identity verification sources from Web2 and Web3 into a single, unified system, Gitcoin Passport allows users to manage and showcase their digital identity with ease while safeguarding their privacy. The Stamp mechanism ties decentralized identity to practical applications. By collecting and verifying these Stamps, users can prove their activities and credibility across platforms, increasing their access and influence while offering decentralized applications a reliable trust system.

As blockchain technology and decentralized identity verification continue to advance, Gitcoin Passport will remain at the forefront of Web3 innovation, helping to shape a safer and more equitable digital future.