Chainlens Spaces - Arthur Remy - Linea Attestations

M. Conor Svensson: Arthur, do you want to start by just introducing yourself and telling the listeners a little bit about who you are and we will go from there?

Arthur: Yeah, sure. So nice to meet everyone. So I'm Arthur, based in France. So I started my crypto journey in 2017. I would say, following the space closely as a user first, like professionally, I joined ConsenSys, three years ago, focusing first on helping builders achieve their goals, with our different products. And like more recently I joined the Linea team as a Product Manager. So on the Linea side, I'm focusing mostly on identity and reputation topics. And in this capacity, I'm also collaborating on the Verax Attestation Registry, which is like a community led open source project, that I guess we will talk more about later.

M. Conor Svensson: And of course, attestations are something that we're keen to talk about today. And this is something that was new to me as well. What are attestations? What's the significance of them? Is there certainly one of these emerging topics in the world of web3?

Arthur: Yeah, totally. So attestations, at their core, it's pretty simple, I would say it's information of public interest that is put on-chain. And usually when we say attestation, it's referring to a specific format, which is stored on the attestation registry. So to give some examples, attestations can be information about one's identity. For instance, as a user I performed a KYC and first my address can be considered as a human, I'm over 18 years old. For instance, it can also apply to things like reputation, for proof of persons, I don't know, like I own an account with at least that many followers, like 10K followers. So like I have some reputation or it can also apply to companies reputation, for instance, like the previews that can be stored on-chain and in a permissionless way. Application as well, like if you want to attend that your smart contract has been audited by some entities. So the scope is quite broad. At the core it's just information that you want to verify on-chain to have it stored in a verifiable and immutable way.

M. Conor Svensson: That's awesome. You touched on a few different use cases there, but at this point in time, the Verax Attestation Registry is obviously a live registry, but what use cases are you seeing at this point getting the most interest and traction within the context of maybe web3 more broadly?

Arthur: Yeah. So the big topic at the moment, on-chain with all the airdrops is like what we call proof of humanity, let's say. I think it's the biggest use case, at the moment, for any attestation registry. And this can explain basically because there is a real clear need, for all the DApps protocol chains to be able to identify real user base, to be able to incentivize them. And also you can explain that, because if you want to build a very dense identity and reputation model on-chain, you need to start with the very basics, which is identity. And I often say that POA is like the V0 of identity that you need to start with. Apart from that, there are more and more use cases that are emerging, with richer identities or proving Twitter followers, things like that. Also on the security front where you want to, for instance, attest that a smart contract has been audited so that all the platforms like wallets, explorers and so on, can use this information that is stored publicly to protect the user or at least inform them of like the legitimacy of smart contracts because it's like audit, it’s obviously a very strong signal. So those are like two examples of use cases, but there are many more.

M. Conor Svensson: So it's almost like anywhere that you can see like a check mark, be that on X or be it like a green tick in your browser window where there's someone attesting to the validity of a TLS certificate or just the validity of an account. There's all these kinds of things that people take for granted online, I presume could potentially be, use cases as well for attestation. It just gives that extra kind of confidence in what's being displayed to you.

Arthur: Yeah, totally, totally. And I think this is the level one where at first you're starting with check marks that are strong signals of the thing that you want to prove. And then later on, as the set of information that is published on chain for attestation grows, you can have more complex systems that are creating reputation score based on all the different attestations that you have that can be summarized on the a scale of 0 to 100, for instance, on your overall either reputation as a user or as an address, your DApp security, things like that.

M. Conor Svensson: And you mentioned that users right now, that's definitely an area where it's probably getting more traction. And is this, do you think, because of some of the perceived challenges with anonymity that you see in the world of web3. Because at one level people, you know, like the fact that you don't have to disclose information about who you are and that there's a level of privacy and anonymity that comes with that. But then conversely, people also want to use it to be able to prove who they are as well when it makes sense.

Arthur: Yeah, totally. There is a tension between being able to prove one's reputation without like doxing themselves or exposing in different ways. Usually attestations can be summarized as proof of X, like proof of humanity, proof of Twitter account ownership and so on. So you are not revealing really core data of who you are, but just a proof that can be done by zero knowledge proof, for instance, or more traditional approaches. Still  there is this question of one managing identity on chain, or several identities on chain.

And it's where attestations are an interesting concept that complements things like verifiable credentials, which are basically a way off chain to store information that can be selectively disclosed. So for instance, you can create a verifiable credential of your passport with all the information, such as like your surname, your age and so on. And then you can use the verifiable credential to prove only one part of this, like, my age is above, like some number of, I'm from this nationality, for instance.

M. Conor Svensson: Okay. And that's a really interesting point as well, because one thing that I did want to steer the conversation towards, partly for my own interest, was how it kind of fits in with decentralized identity technology. With what you're saying there, giving the passport example, for instance, which is obviously one that most people can relate to. With a verifiable credential, a credential gets issued and then you can ultimately prove that that is about yourself or a wallet that you can control. But with the attestation, that's a fact that is put on a registry on a blockchain. So, where there is something that someone might not want to make public, is it something that at this point in time, the attestation itself is public information there or is it still sort of privacy preserving?

Arthur: So the main use case is to put public information. So, in the case of the verifiable credential, they are basically storing all the information about you and you want to attest on-chain only the very part that is relevant to you and that you want to share. And it's a way to publicize that. That being said, I mean, we are working on research to understand how we could embed more privacy into attestation. There are obvious, very simple things that can be done, like putting some hash information of the thing you want to prove on-chain and not all the information that can bring some level of privacy. One example is that you want to prove that at some point you took a picture. Of course, you don't want to put the full picture on-chain. A way you could do it is just hash the full picture and anchor the hash as an attestation on-chain so that it's recorded. And later on you can just show people the picture and the timestamp that proves on-chain that, like I add this picture over time. I'm not sure that privacy in this case is the main use case, but just, trying to illustrate one way of doing it.

M. Conor Svensson: Yeah, and that's certainly super helpful. And so at this point in time, effectively what you're saying is that attestations are used for information that can be public in terms of it's a fact that you choose to disclose that can then be proven, that someone can prove, but it's the proof of that that is stored on a public blockchain or in a registry that we'll get onto in a minute.

Arthur: Totally, totally.

So, yeah, maybe to speak about the specificity of the attestation registry, we need to go back to the previous way to store credentials on-chain. And like, the historic way of doing that has been NFTs, but the reason why attestation registries have emerged as a new primitive for storing information on-chain is that NFTs at first had been designed to define ownership of a specific asset. Right. And so it's not really the right tool, in our opinion, to attest information. And the reason is that it has not been built for that. And so, inherently, it doesn't come with all the benefits of an attestation registry. The attestation registry stores all the attestation in a single place, a single smart contract on-chain. And so it brings multiple benefits. The first one is that since everything is in the same place, you can access it, read from it, discover new attestation quite easily with only one interface, where with NFTs, each time you have a new NFT, this is a new smart contract and so it fragments a lot the information which in turn makes it really harder to build interesting use cases on it, like composed attestation to compose data points together, to really create for instance, a reputation system or more complex, use cases. I went a bit farther, so please tell me if I missed the point of your initial question.

M. Conor Svensson: No, no, this is exactly where I wanted this next part of the conversation to segue into, which was really what is the intent of the registry? And you mentioned of course that attestations are doing something that people had been using NFTs for, but weren't so well suited for it because as you say, the attestations, you really use a registry with a single contract rather than like a contract for every single set of DApps. But how does this relate to POAPs as well? Because I know that you've spoken about POAPs too, and they're something that people use currently, of course, to prove that they were at an event. And people love collecting their POAPs. So how do they kind of tie in with attestations as well?

Arthur: So at their core, POAPs are also an NFT contract, right? So since it's a single use case, which is proof of attendance, they don't really care about fragmentation, because they have their own NFT contract. But if the POAP team were to use an attestation registry for their protocol, it would enable POAPs by default to be compatible, composable with a lot of different attestations. So for instance, you could see that someone has attended a Linea event, but someone has also an attestation of being aLlinea builder because they created some like pull requests or commits on like our GitHub repository. And this information together is more valuable and gives more information about someone's reputation than just having the proof of attendance badges.

M. Conor Svensson: And so with the POAP model, it's effectively you have a POAP that gets issued for a specific event. Whereas if you were using attestations, you could create a set of attestations for someone's attendance at a specific event. But then because the attestation is associated with a specific wallet or account or on chain identity, you could then tie that to other attestations associated with that same account, so to speak, without having to have a common framework. I'm trying to think out loud here, but with the POAP approach, effectively you've got to mint new types of POAPs for all these different things. Whereas with a registry you could almost be accumulating all of this information over time. So everything sits in one place and then, down the line there's these ways in which you can link that data quite easily.

Arthur: Yeah, totally. I would say that POAPs should be a use case for attestation registry. At the moment they are using NFT, but they could totally migrate to Verax or a similar registry.

M. Conor Svensson: So one of the things that you mentioned there was Linea as well. And the Verax Registry is on Linea. What are the reasons for starting off with the Linea chain?

Arthur: So we are on Linea, we are also on Arbitrum and a few other chains. But most of the traffic is done on Linea. And I think the main reason is that Linea, as a team, and ConsenSys, as the company was a major contributor, of Verax to start with and is still a major contributor.

So ConsenSys is a key contributor to the Verax registry and as an open source protocol. And so like at Linea, we really want to foster identity and reputation use cases on the chain. And so we see Verax as a key primitive to achieve that and enable the more interesting end user facing use cases that will emerge with on-chain reputation where people can really control their data and keep the benefit of their own data compared to web2 value extraction. And so that's why we have been very keen to push Verax forward.

M. Conor Svensson: And to talk about that web2 value extraction side. So really the goal here is that people have their own identities that they can use at a sort of Internet scale to sign up for services or whatever else. But ultimately those accounts and those things that they have confirmed live on a decentralized registry instead of this data having to be stored like with Google or whichever providers you're giving email addresses and passwords to.

Arthur: Yeah, like a good example of that is all the marketplaces, for instance, whether it's like consumer to consumer like Craigslist or like even like B to C where for a vendor, their reputation is super important. If you have five stars on Airbnb, you will be able to rent your place much more easily. And the thing is that all this data lives in silos right now. And so if you get deplatformed for some reason, you are losing all of this good reputation that you had previously. And so that can really help the end user. And that's also a way for this big platform to keep the gate closed. So it would be amazing, for instance, think about a system where if I'm selling some clothes on Vinted and I have a super good history. I can bring my reputation to other marketplaces that maybe offer a better selling term or just some different approach and I will be able to sell without being tied to a platform. So that's just one example. And of course, like attestation registry on-chain could be a way to store your reputation as a vendor and then have other platforms that want to use it or display it look at the registry and display the data so that users can own it.

M. Conor Svensson: Awesome. That's super helpful.

Right. We've got about 1 minute left. So I was going to ask you in terms of which use cases and areas you're most interested in, but I think you've just answered that question. What's happening right now in terms of the big things that are on the horizon with Verax and how can people find out more about it just before we wrap up?

Arthur: Yeah, so for the second part of the question you can find out more on our website, our Twitter account. So it's ver.ax, super simple URL. So I encourage you to go there. And so the next step for us is we have this powerful primitive, that is now accessible to all for free, totally open. So our goal now is to foster more interesting use cases to emerge on the registry. Security, as I mentioned previously, is one of them. But there are many more, like reputation system, of course. So I am really excited to see the creativity of people that will surprise us with use cases that we didn't even anticipate.

M. Conor Svensson: That's it. So it's amazing, the stuff that people come up with. I'm just going to say thank you so much, Arthur, for your time today. It's been super helpful, and I hope our listeners, too, have come away with a good understanding of how attestations and where Verax fits into the picture and why they should get involved with building on this new technology. Yeah.

Arthur: Thanks, Conor. Super, great time.

M. Conor Svensson: Thanks, Arthur. Have a great day. Okay. See ya.

Arthur: Bye.