Without a central authority to keep out malicious actors, decentralized reputation systems are vulnerable to Sybil attacks. A Sybil attack is a method of manipulating a reputation system by creating fake identities. A Sybil-resistant network must have a way to determine legitimacy. But how can legitimacy be determined in a way that could not be gamed by creating fake identities? This is a circular problem. Existing solutions to this problem usually involve a federated model, where some decentralization is sacrificed in exchange for Sybil resistance. The motivation behind Pistis is to implement a solution that is both Sybil-resistant and 100% peer-to-peer.
What it does
Pistis operates on a web of trust and uses graph analysis and probability theory to assign a probability from 0 to 1 from any source identity (a node in the graph) to a target identity. Stated another way, every identity can look at every other identity and see a probability of legitimacy for that identity. Pistis models declarations of trust in the web of trust (the edges in the graph) as statements with some degree of confidence, or some probability of being free of errors. Given any assumption about what these edge probabilities are, Pistis calculates the aggregate probability that every independent path from one identity to another is free of errors.
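A sketch of the calculation described above, as an added example that is not Pistis or pistis.js code. It assumes every edge has the same confidence `p`, finds independent paths greedily (paths that share no intermediate identity), and combines them as the chance that at least one path is error-free; the function names and the sample graph are constructed for illustration.

```javascript
// Added illustration, not Pistis or pistis.js code. graph[a] lists the identities a trusts.
// BFS shortest path from source to target that avoids every node in `blocked`.
function shortestPath(graph, source, target, blocked) {
  const prev = new Map([[source, null]]);
  const queue = [source];
  while (queue.length > 0) {
    const node = queue.shift();
    if (node === target) {
      const path = [];
      for (let n = target; n !== null; n = prev.get(n)) path.unshift(n);
      return path;
    }
    for (const next of graph[node] || []) {
      if (prev.has(next) || blocked.has(next)) continue;
      prev.set(next, node);
      queue.push(next);
    }
  }
  return null;
}
// Greedy search for paths sharing no intermediate identity. It may find fewer
// paths than a max-flow search would, which can only lower the resulting score.
function independentPaths(graph, source, target) {
  if (source === target) return [[source]];
  const g = { ...graph, [source]: [...(graph[source] || [])] };
  const blocked = new Set();
  const paths = [];
  let path;
  while ((path = shortestPath(g, source, target, blocked)) !== null) {
    paths.push(path);
    g[source] = g[source].filter((n) => n !== path[1]); // also retires a direct edge
    path.slice(1, -1).forEach((n) => blocked.add(n));
  }
  return paths;
}
// Assumed model: each edge is error-free with probability p, independently, and
// the score is the chance that at least one independent path is error-free.
function trustConfidence(graph, source, target, p) {
  const allFail = independentPaths(graph, source, target)
    .reduce((acc, path) => acc * (1 - Math.pow(p, path.length - 1)), 1);
  return 1 - allFail;
}
// Constructed sample: only bob trusts mallory, who mints n Sybils vouching for "fake".
function sampleGraph(n) {
  const sybils = Array.from({ length: n }, (_, i) => `sybil${i}`);
  const graph = { alice: ["bob", "carol"], bob: ["dave", "mallory"], carol: ["dave"], mallory: sybils };
  for (const s of sybils) graph[s] = ["fake"];
  return graph;
}
```

In the sample, `dave` is reached from `alice` by two independent paths, while every route to `fake` passes through `bob` and `mallory`, so minting more Sybils leaves the score for `fake` unchanged.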
How we built it
We implemented Pistis on top of Ethereum using a single smart contract to store edges in the web of trust. The Graph is used to efficiently retrieve events from the Ethereum blockchain. We have an npm package called pistis.js for easily querying trust confidence. We also have a UI to demonstrate the capabilities of Pistis, built using React.
Challenges we ran into
We spent time thinking about problems such as whether trust claims should be stored on-chain, and if so, how they should be stored. We ended up creating the simplest possible smart contract we could think of simply as a proof of concept. We also had debates about the scope of the system we were building. Should we consider "negative" trusts? What about weighted trusts, or context-based trusts (e.g. I trust my friend to drive me across town but not to perform heart surgery on me)? We ultimately decided to narrow the scope to simple claims of trust (for now at least) to keep the design as simple and generic as possible.
Accomplishments that we're proud of
We are proud to be pioneering a novel solution for decentralized trust and reputation.
What we learned
We all learned from each other's perspectives on the wide-ranging applications of decentralized trust.
What's next for pistis.protocol
The 2 biggest challenges around Pistis are currently:
- Building the web of trust
- Storing the web of trust
Building the web of trust is a challenge because it requires significant amounts of data to be useful. Pistis is interested in exploring creative mechanisms to make it as seamless as possible for users to participate in and build the web of trust.
Storing the web of trust is an important engineering consideration. The current Ethereum implementation comes at the expense of gas costs, a possible barrier to entry for users. There may be off-chain methods to explore; or if Pistis is kept on-chain, various implementation approaches need to be considered.