Multidimensional Identity?

Bot-proofing your site?

CUBID

* Proof of Unique & Alive Human *

A Litepaper

TL;DR

This site describes a new protocol that will solve the "unique human conundrum" - allowing apps and sites to know that they are dealing with a unique and alive human. Such a feature will then enable a ton of good in web3: democratic voting, fair airdrops, quadratic funding, universal basic income (UBI), and much more!

We need your support to make this reality.

Why? What's The Problem?

A whole slew of things are simply not possible in web3 today due to the lack of readily accessible Proof-of-Unique-and-Alive-Human protocols:

No democracy. Fair voting online is still an unsolved enigma in both web2 and web3. Web2 falls back on privacy-invasive KYC and national boundaries. web3 reverts to simple plutocracy where whoever has the most tokens wins, where rich means powerful, where votes can be bought for very cheap.
No Conviction Voting. Principles like quadratic voting, pluralistic voting and others were invented years ago but lack adoption. Why? Largely because they rely on knowing who is a bot vs not, and that's a hard problem to solve.
No fairness. “Fair launch” is still largely an ideal that fell by the wayside due to the only way of accomplishing it is by requiring KYC, as most other attempts quickly get hacked. Airdrops are not fair nor widely distributed.
No shame. Social networks are flooded with bots. Comment sections are filled with trolls.
No UBI. Distributing small amounts of money to large groups of people - Universal Basic Income - is very hard in web3. It’s all too easy to make a bot that creates me hundreds or thousands of accounts just to gain more that my fair share, to the detriment of everyone else.
No funding. Quadratic funding is a breakthrough way of funding but requires uniqueness in order to prevent gaming the system.
No earning. X-to-Earn (move to earn, play to earn, learn to earn) would be a lot more prevalent if it was easier to verify that people only signed up once.
No play-once gaming. One-time play game features is a largely unexplored creative domain. Such as: when you die you can’t come back, how does that change users in-game behaviour. How is cheating minimized if when you win you can’t play again. Etc.

Another way of describing the problem is this: It's really hard to solve for Sybil resistance online without relying on national KYC. It's been described as the infinite game against hackers equipped with better and better AI-powered tools.

The Ideal Solution...

A Proof of Unique and Alive Human (PUAH?) solution would have the following key characteristics:

Allow sites and apps know that their users are
- UNIQUE, no duplicate accounts are possible
- ALIVE, still breathing, not yet dead
- HUMAN. Not a bot, not an AI, not a machine
Be decentralized, self-sovereign, and censorship resistant. Everyone should have sovereign rights and access to their individual identity, no one should be able to block or censor this. (Apps can block people from accessing their site / app on the other hand)
Be recoverable, in case their account gets compromised
Be anonymous. It must be up to the user to volunteer which parts of their identity they want to disclose. Which means that the system by default should disclose ZERO information about the user, and offer ZERO possibilities to trace the user to other data points such as their wallets, transactions or connections
The protocol should be governed by the users themselves, by the community that the protocol serves
Be systemically defensible. Another way of saying this is that the system should be cheaper to defend than to attack
Scalable. The system should become stronger and more reliable with size, not the other way around
AI-proof. Capabilities of AI systems are evolving at breakneck speed. A PoUAH system must be able to always stay at least one step ahead.

Unfortunately there is no protocol to date that satisfies all criteria...

What? No Existing Solutions?

Sure there are a lot of existing solutions out there already. But here is the problem: None of them satisfy all of the simple minimum criteria. And so they all suck!

First of all, the common question we get: Isn't government issued ID good for this? Isn't that why we have KYC? Simple answer, NO! Slightly longer answer: You're misunderstanding the problem. KYC identifies you as human, but not unique. One person could easily enter two different KYC twice, first with a driver's license and then with a passport. And if you have double citizenship you could duplicate this and have four different logons. Plus KYC sucks in many other ways.

OK, second question: What about leveraging KYC plus a national identifier, such as a social security number in the US. Yeah this is the old way of solving the problem. But it doesn't work either.

Isn't compatible with decentralization (because... governments).
Isn't compatible with web3, because most governments won't let us cross reference against their databases. In many countries it's even illegal to even ask for someone's national identifier.
Won’t work cross-border, because there is no global identifier system (other than passports, and most people actually don't have passports). Web3 is global by it's very nature, so that's a no-go right there.
And most importantly, won’t work AT ALL with the 1.7 BILLION people that are paperless around the world. They don't have a national identifier to begin with.

Third question we get: Couldn't we just use smart phones? Most people only have one. Well, there is your answer. Not everyone has one. Others have two cell phones, so that makes them able to cheat a uniqueness check. And hackers, who we are really designing for (against) can easily spoof 100 or 1,000 numbers. So unfortunately phone-gating only works for your average user, not for everyone and certainly not against hackers.

But surely there have to be a number of web3 attempts? Yes, there are. Some notable examples include BrightID, Idena Network, Gitcoin Passport, Proof Of Humanity, GoodDollar and WorldCoin. These have all solved uniqueness in their own way. However, they all come with their own set of yet-to-be-solved challenges, including but not limited to

Relying on capturing biometrics (which many users don't want to give up)
Lack of continued liveness check after the initial verification
Non-user-friendly experiences
Lack of account recovery strategies
No support for people who share a device, or don't have a smart phone
Standalone esoteric solutions without any utility or user adoption
Reliance on one single protocol strategy
Lack of qualification of how reliable their uniqueness certificate is
Plus more...

Check out our more detailed competitor review of the existing key Sybil resistance protocols and their various failings.

So What's Our Secret Sauce?

Well... we're not quite ready to spill all the beans yet. But here are a few components we are including:

An awesome user experience. It should be both pleasant and fast to sign up. We are leveraging lessons learned the last 10 years from the best web2 experiences. No mnemonics or seed phrases to back up, at least not for casual users.
Self-sovreign identity. Users have full control of whom to share which data with. All their data is reusable across platforms. Their identity data is kept safe and encrypted at all times.
A few different account recovery options. Users can choose if they want to rely on friends and family, or a more centralized option, or if they are advanced they could also choose to back up their own seed phrase in cold storage. Account recovery sounds boring and simple, but becomes both complex and very important for a decentralized PoP protocol.
Gamification. Users will be encouraged with positive reinforcement to come back and complete various guided tasks, all of which are designed to strengthen their identity.
Opt-in to importing credentials from partner protocols, each of which solve uniqueness in their own way.
Opt-in to also provide full KYC and liveness check for increased verification levels.
Open sourced

To make this certificate easily accessible for web3 protocols to ingest, we can then mint a Soulbound Token (SBT) to any wallet of a certified user. This SBT can then in turn be queried by any dApp.

The answer to the problem you didn't know existed: CUBID!

C is for Crypto-powered
U is for Unique Human
B is for Breathing and Alive
ID is for Self-sovereign ID-entity Management
UBI in the center is for Universal Basic Income

Potential Market Size?

The potential for end user adoption is huge: 350 - 390 million possible users.

In 2021, the number of internet users worldwide stood at 5 billion, of which 4.5 billion are active social media users. This means that almost two thirds of the global population is currently connected to the world wide web.
Of these, well over 78% are lower middle class or below, which means that they are either experiencing financial hardship, food insecurity or lives hand-to-mouth with little or no invested savings, and would thus benefit from the opportunity to supplementing their income with UBI.
We can assume that users that are already using social media would also not hesitate to use a self-sovereign online identity solution - if it gives them further benefits.
Sum total of 3.5-3.9 billion possible users.
If we assume a moderate to low target state adoption of 10%, this leaves us with an addressable market size of 350-390 million users.
Opportunity to charge a very small signup fee and also an equally small minting fee for users that wish to mint their proof on chain.

Some Use Cases?

We are a SaaS protocol. Our customers include a multitude of protocols and Apps with use cases such as DAOs, DeFi, games, and various other sites who wish to qualify their users as unique and alive.

DAOs and other governance bodies requiring one-person-one-vote, or requiring human gating, or quadratic voting. There are already thousands of DAOs, with $10 Billion held in DAO treasuries, and 1.7 million governance token holders as of June, 2022. (source)
Airdrops, Token launches, ICOs, etc. of which Airdrops are largest and typically range between 10k and 200k users each. If we assume that 50% of these are Sybil accounts, we can expect somewhere betwen 5-100k users to sign up with us for each of the first few major airdrops that require CUBID (with a decreasing marginal signup rate thereafter due to overlapping users.)
UBI protocols. There are currently 4-5 active and viable global UBI protocols, with a combined user base above 500,000 users and $2M+ TVL.
DeFi. The global decentralized finance market size was valued at USD 11.78 billion in 2021 and is expected to expand at a compound annual growth rate (CAGR) of 42.5% from 2022 to 2030. (source)
X-to-Earn such as learn-to-earn, play-to-earn, move-to-earn all require some uniqueness validation to prevent Sybil attacks. Top protocols to benchmark against include Rabbithole, Stepn, Sweatcoin, Axie Infinity, Sandbox, Gods Unchained, Binance Academy, Coinbase Learn. This whole segment is still nascent and largely untapped. The learn-to-earn category was first out the gate and it alone is currently valued beyond $4Bn.
Social networks and other web2 sites who wish to qualify their users into an premium verified tier, e.g. Twitter Blue. Or newspapers who wish to reliably give people one free article per week or gambling sites that want to give users $1 per day, and have this work across all platforms. Twitter alone has 400M users. If they adopted CUBID for Blue verification and only 1% signed up, we would still get 4M users overnight. Sites range from Facebook with 1.5Bn users, through Discord / CNN / FOX each with 200-300M monthly average users, to smaller sites like Mastodon with 400k users.
Many other yet-to-be invented features. What would you do with a web3 where you knew that behind every account there is a unique human?Q

Roadmap

Q1, 2024

MVP dApp, Self-sovereign identity with recoverability ✅

Support for social OAUTH, web3 wallet connect, BrightID, proof-of-humanity, and many others ✅

Build Admin Console and Allow Page ✅

Q2, 2024

Integrate first 2-5 customers through API ✅

Iterate to find product market fit ✅ (ongoing obviously)

Add DAO support for human-gating memberships by minting soul-bound NFT certificates ✅

Add KYC as an opt-in ✅

Q3, 2024

Upgrade APIs to v2 ✅

Build out our documentation (started)

Build Webhooks (started)

Q4, 2024

Add UBI protocol(s) to attract millions of users?

Add Marketplace, buy/sell features?

Q1, 2025

Add identity sharding, support for fractional identity (e.g. "I'm over 18")

Can you help us, you ask

Yes! Absolutely

We have a well developed idea and design but are still super early in our technical development. We are looking for support in any and all areas.

Grants and donations
Investments - currently raising pre-seed @$5M
Developers
Advisors
Partners
Volunteers
Adoption. Use cases. Preliminary signups.

What's your unique strength? Please hit us up with a proposal.

We are currently raising funds to be able to continue developing. Our pre-seed target is $100k. If you are feeling particularly generous, HERE are our fundraising options

Contact

Feel free to email us at [hello at Cubid dot me]

Book a quick meeting here

Check out out Twitter: https://twitter.com/CubidProtocol