Cover photo

Passport Control for Onchain and Social Identities

Securing your web3 Proof of Work without going insane

Thank you to those of you that collected my writings, it helps me out and keeps me going!

Grateful to all 282 of you for reading, hope you're having a great start to your week!

Join the /nerdery channel on Farcaster.


Key Takeaways

  1. Onchain identity is the accumulation of an entity's Work that collectively makes up who they are.

  2. Ethereum Name Service (ENS) is the onchain address lookup tool to help you keep identity organized and subdomains are an excellent tool to do that.

  3. Reputation attached to your identity is the most scarce resource you have, guard it well with a cold wallet.

    • Keep three separate wallets for different activities to keep funds & identity safu.

    • Split up the ENS Owner role from the ETH Address to ensure your onchain identity can't get phished!

Individuals are defined by their actions. In other words, identity is the accumulation of all the things an individual has done. The sum and product of all their Work performed. Onchain actions and attributions give individuals a way to point to their Proof of Work (POW), be it write an article on Paragraph, go viral on Farcaster, or even hack and drain a crypto payment provider.

History in web3 is tied to static wallet addresses generated as Externally Owned Accounts (EOAs) by wallet apps like Metamask, Rainbow, and others. Losing access to that history hurts because now you've lost any and all Proof of Work tied to that address. But, you can build an identity layer and abstract it from the Ethereum address 0x123... to a moveable human-readable name like ispeaknerd.eth.

ENS - Ethereum Name Service

  • Names (ispeaknerd.eth) Ethereum addresses (0x123...)

DNS - Domain Name Service

  • Names (google.com) IP addresses (127.0.0.1)

Owners can redirect the names to new addresses if needed, like how google.com can point to a new server if something goes wrong. In this way, owners can maintain their history and identity even if they lose access to their Ethereum wallet or it becomes compromised in some way.

Secure your web3 identity to navigate the web3 digital landscape without compromising your peace of mind. In this article I'll show how Farcaster is integrating onchain and social identities and how people on Farcaster are leveraging ENS to safeguard our Proof of Work (POW) and onchain identities.

Onchain + Social Identity

Onchain identity using ENS is a self-sovereign identity, acting like a self-issued onchain passport. The current scheme uses NFTs to represent one's registration, which, while easy to transfer, can also be easily stolen if not properly secured.

More and more tools are also using Farcaster as an identity source. Unify your social identity on Farcaster with your onchain identity by adding an Farcaster record to ENS.

This will only continue to become more valuable as more and more tools learn that they can leverage Farcaster for a user's social graph and preferences.

For example, Airstack now uses Sign In With Farcaster (SIWF) to unify onchain and social identities for users. Neynar is popularizing Sign In With Neynar (SIWN) for app developers, and Drakula has shown how apps can bootstrap their entire userbase from the Farcaster social graph.

This interconnected approach ensures a robust yet flexible identity system that evolves with the web3 landscape. But it means that users now must protect both their funds and their identity.

Securing One's Identity + Assets

Ensuring your web3 identity remains secure without causing unnecessary stress boils down to smart management of your digital assets and identities. By utilizing tools like ENS and maintaining separate wallets for different activities, you can protect your funds and POW effectively.

My hot wallet ispeaknerd.eth was becoming too large of a target as my original DEGEN airdrop ballooned in value, if someone noticed and hacked my account, I'd lose it all. I moved my DEGEN out of my hot wallet for safekeeping following the Rule of Three for wallets as described in my previous article:

  1. High-value assets ("blue-chips") and large amounts of crypto should be kept in a hardware wallet, a vault account that is not directly connected to the internet. This is the least-accessed account, think of it as your safety-deposit box at the bank.

  2. Your day-to-day funds can be kept in an operational wallet, a separate internet-connected account that you use to interact with trusted entities, be they dapps, exchanges, or people.

  3. Finally, you want to have a third, risky degen wallet. This is the condom for all your other assets, preventing those untested NFT minting contracts, those unsafe airdrops, etc. from putting the rest of your money at risk. If you interact with the wrong contract and lose ALL the funds in this account, it shouldn't hurt too bad because your funds are elsewhere.... they are elsewhere, right? :|

Guide for Wallet Separation using ENS

Ok, I've convinced you. You want to protect your identity and your onchain POW. But what's the best way to keep track of all these 0x123... accounts and keep it all secure?!??

We can use ENS to get the flexibility of changeable names with the security of hardware wallets and smart accounts.

I touched on it in my initial article about Farcaster, but basically we need to separate the ENS Owner from the ETH Address record.

What are Owner, Manager, and ETH Address of an ENS?

  1. Owner: ​The owner of the ENS name - the wallet that hold the ENS name NFT.

  2. Manager: ​The manager of records - the wallet allowed to make changes to its records (but not transfer the name)

  3. ETH Address: The wallet address the ENS name points to - where funds sent to a name are received.

Full details are on the ENS support docs.

Farcaster ENS Setup

  1. The ETH Address is the wallet the ENS name points to, this will be the operational wallet we use to sign into Farcaster.

  2. Owner is the wallet that holds ENS NFT, can transfer the token to give ownership to another address. This should be your vault account, a hardware wallet or a personal multisig like SAFE for even higher security.

    • If you already have an ENS, you can send the ENS NFT to your vault account using the ENS Manager app.

Put the ENS Owner on a hardware wallet, point the ETH Address to a low-value wallet you can use daily.

The especially paranoid can easily create a new ENS subdomain for Farcaster specifically or even for their high-risk activity. For example, @sdv.eth uses hot.sdv.eth for his degen activity.

Additional Resources

  1. ENSdata.net by @pugson is a fantastic, free resource for looking up ENS and Farcaster data using simple json API call. I'm using it for my /tabletop backend services already.

  1. Local-only portfolio tracker Rotki by OG ETH dev @lefteris.eth is great and constantly adding new features! I've used it for ~2 years now.

  2. Take the Boring Security classes to level up your security knowledge and stay safe out there!

  3. Follow @zachxbt on Twitter and Farcaster

  4. Follow the /infosec channel on Farcaster

  5. Use delegate.xyz to maintain minting connection between hot & cold wallets



If you enjoyed this,

  1. Please subscribe

  1. Give me a shout on Farcaster

  2. Come join the /nerdery channel and the /infosec channel

  3. Share this post with someone who will enjoy it! You earn a referral fee when someone collects this post using your referral link.



Loading...
highlight
Collect this post to permanently own it.
0xNerdery logo
Subscribe to 0xNerdery and never miss a post.
#identity#ens#security