Cover photo

Passport Control for Onchain and Social Identities

Securing your web3 Proof of Work without going insane

iSpeakNerd

iSpeakNerd

Thank you to those of you that collected my writings, it helps me out and keeps me going!

Grateful to all 282 of you for reading, hope you're having a great start to your week!

Join the /nerdery channel on Farcaster.


Key Takeaways

  1. Onchain identity is the accumulation of an entity's Work that collectively makes up who they are.

  2. Ethereum Name Service (ENS) is the onchain address lookup tool to help you keep identity organized and subdomains are an excellent tool to do that.

  3. Reputation attached to your identity is the most scarce resource you have, guard it well with a cold wallet.

    • Keep three separate wallets for different activities to keep funds & identity safu.

    • Split up the ENS Owner role from the ETH Address to ensure your onchain identity can't get phished!

Individuals are defined by their actions. In other words, identity is the accumulation of all the things an individual has done. The sum and product of all their Work performed. Onchain actions and attributions give individuals a way to point to their Proof of Work (POW), be it write an article on Paragraph, go viral on Farcaster, or even hack and drain a crypto payment provider.

History in web3 is tied to static wallet addresses generated as Externally Owned Accounts (EOAs) by wallet apps like Metamask, Rainbow, and others. Losing access to that history hurts because now you've lost any and all Proof of Work tied to that address. But, you can build an identity layer and abstract it from the Ethereum address 0x123... to a moveable human-readable name like ispeaknerd.eth.

ENS - Ethereum Name Service

  • Names (ispeaknerd.eth) ↔️ Ethereum addresses (0x123...)

DNS - Domain Name Service

  • Names (google.com) ↔️ IP addresses (127.0.0.1)

Owners can redirect the names to new addresses if needed, like how google.com can point to a new server if something goes wrong. In this way, owners can maintain their history and identity even if they lose access to their Ethereum wallet or it becomes compromised in some way.

Secure your web3 identity to navigate the web3 digital landscape without compromising your peace of mind. In this article I'll show how Farcaster is integrating onchain and social identities and how people on Farcaster are leveraging ENS to safeguard our Proof of Work (POW) and onchain identities.

Onchain + Social Identity

Onchain identity using ENS is a self-sovereign identity, acting like a self-issued onchain passport. The current scheme uses NFTs to represent one's registration, which, while easy to transfer, can also be easily stolen if not properly secured.

More and more tools are also using Farcaster as an identity source. Unify your social identity on Farcaster with your onchain identity by adding an Farcaster record to ENS.

This will only continue to become more valuable as more and more tools learn that they can leverage Farcaster for a user's social graph and preferences.

For example, Airstack now uses Sign In With Farcaster (SIWF) to unify onchain and social identities for users. Neynar is popularizing Sign In With Neynar (SIWN) for app developers, and Drakula has shown how apps can bootstrap their entire userbase from the Farcaster social graph.

This interconnected approach ensures a robust yet flexible identity system that evolves with the web3 landscape. But it means that users now must protect both their funds and their identity.

Securing One's Identity + Assets

Ensuring your web3 identity remains secure without causing unnecessary stress boils down to smart management of your digital assets and identities. By utilizing tools like ENS and maintaining separate wallets for different activities, you can protect your funds and POW effectively.

My hot wallet ispeaknerd.eth was becoming too large of a target as my original DEGEN airdrop ballooned in value, if someone noticed and hacked my account, I'd lose it all. I moved my DEGEN out of my hot wallet for safekeeping following the Rule of Three for wallets as described in my previous article:

  1. High-value assets ("blue-chips") and large amounts of crypto should be kept in a hardware wallet, a vault account that is not directly connected to the internet. This is the least-accessed account, think of it as your safety-deposit box at the bank.

  2. Your day-to-day funds can be kept in an operational wallet, a separate internet-connected account that you use to interact with trusted entities, be they dapps, exchanges, or people.

  3. Finally, you want to have a third, risky degen wallet. This is the condom for all your other assets, preventing those untested NFT minting contracts, those unsafe airdrops, etc. from putting the rest of your money at risk. If you interact with the wrong contract and lose ALL the funds in this account, it shouldn't hurt too bad because your funds are elsewhere.... they are elsewhere, right? :|

Guide for Wallet Separation using ENS

Ok, I've convinced you. You want to protect your identity and your onchain POW. But what's the best way to keep track of all these 0x123... accounts and keep it all secure?!??

We can use ENS to get the flexibility of changeable names with the security of hardware wallets and smart accounts.

I touched on it in my initial article about Farcaster, but basically we need to separate the ENS Owner from the ETH Address record.

What are Owner, Manager, and ETH Address of an ENS?
  1. Owner: ​The owner of the ENS name - the wallet that hold the ENS name NFT.

  2. Manager: ​The manager of records - the wallet allowed to make changes to its records (but not transfer the name)

  3. ETH Address: The wallet address the ENS name points to - where funds sent to a name are received.

Full details are on the ENS support docs.

Farcaster ENS Setup

  1. The ETH Address is the wallet the ENS name points to, this will be the operational wallet we use to sign into Farcaster.

  2. Owner is the wallet that holds ENS NFT, can transfer the token to give ownership to another address. This should be your vault account, a hardware wallet or a personal multisig like SAFE for even higher security.

    • If you already have an ENS, you can send the ENS NFT to your vault account using the ENS Manager app.

Put the ENS Owner on a hardware wallet, point the ETH Address to a low-value wallet you can use daily.

The especially paranoid can easily create a new ENS subdomain for Farcaster specifically or even for their high-risk activity. For example, @sdv.eth uses hot.sdv.eth for his degen activity.

Additional Resources

  1. ENSdata.net by @pugson is a fantastic, free resource for looking up ENS and Farcaster data using simple json API call. I'm using it for my /tabletop backend services already.

  1. Local-only portfolio tracker Rotki by OG ETH dev @lefteris.eth is great and constantly adding new features! I've used it for ~2 years now.

  2. Take the Boring Security classes to level up your security knowledge and stay safe out there!

  3. Follow @zachxbt on Twitter and Farcaster

  4. Follow the /infosec channel on Farcaster

  5. Use delegate.xyz to maintain minting connection between hot & cold wallets

post image


If you enjoyed this,

  1. Please subscribe 💜

  1. Give me a shout on Farcaster

  2. Come join the /nerdery channel and the /infosec channel

  3. Share this post with someone who will enjoy it! You earn a referral fee when someone collects this post using your referral link.



iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 3 months ago

hey anyone need a video creator, dev community person, and a docs writoooooor hmu @cameron @dawufi @cassie @samuellhuber.eth @thatguyintech @linda https://ispeaknerd.github.io/

Samuel ツFarcaster
Samuel ツ
Commented 3 months ago

okay I am in live. https://ispeaknerd.github.io/posts/work-sample-2-developer-documentation/ adding a little bit more context explainers to this and a image of the results in between and it's gold Video as cherry on top. That's kind of also what I try to achieve in our docs. Do you want to write about Farcaster by chance :D

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 3 months ago

would love to, have done a fair bit of fc writing nontechnically, love to transfer that over to tech side https://paragraph.xyz/@ispeaknerd.eth/curating-chaotic-channels https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities

dawufiFarcaster
dawufi
Commented 3 months ago

u mean u?

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 3 months ago

Yessir

dawufiFarcaster
dawufi
Commented 3 months ago

wuf

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 7 months ago

Thanks for collecting these two articles @katwolfie.eth 🙏 What was particularly valueful for you? What made them worth collecting? https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities https://paragraph.xyz/@ispeaknerd.eth/acculturate-to-accelerate-on-farcaster

Kat 🔥Farcaster
Kat 🔥
Commented 7 months ago

I added them here! I’m going to try making a frame that’s not so clunky. I want the links to go directly to the articles. Maybe add buttons that link to the author’s pages too. https://gallery.so/katwolfie/galleries/2grAHuCQEy1EjDrcXeAK8NuqKmm

Reid DeRamusFarcaster
Reid DeRamus
Commented 9 months ago

Another Wednesday, another Weekly Digest, where we spotlight a few great pieces of writing over the past month or so. First up is @stc and his fascinating explorations into the concepts and methods behind his algorithmic plotter graphics series “Procedural Drawings”. https://paragraph.xyz/@stc/time-shifting

Reid DeRamusFarcaster
Reid DeRamus
Commented 9 months ago

Next, @rtfkt dives into the lifecycle of online communities — Inception, Establishment, Maturity, and Mitosis or Revival — and highlights the importance of communication and value to prevent community stagnation and fragmentation. https://paragraph.xyz/@kalen/the-pulse-of-online-communities-navigating-the-lifecycle

Reid DeRamusFarcaster
Reid DeRamus
Commented 9 months ago

@zoz.eth writes about how decentralized social graphs are evolving into dynamic ecosystems, but the primary challenge is achieving a self-sustaining growth cycle. Success in this domain will come from focusing on high-quality, engaging content rather than superficial feature tweaks, ensuring the amplification of ideas that attract and retain thoughtful users. https://paragraph.xyz/@0xzoz/the-infinite-client-1

Reid DeRamusFarcaster
Reid DeRamus
Commented 9 months ago

@ispeaknerd.eth discusses strategies for securing onchain and social identities in the web3 landscape using Ethereum Name Service (ENS) and Farcaster, emphasizing the importance of managing multiple wallets for different activities to safeguard one’s reputation and digital assets. https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 9 months ago

gas is dummy cheap rn fam go get the ENS for your side project! and/or update your security posture to protect your onchain identity. details in the article https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities https://app.ens.domains/

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 9 months ago

cc @limes.eth @kevinoconnell @slobo.eth @greg

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 9 months ago

thanks for collecting @sabosscoin! appreciate it 🙏 what was valueful about the article for you?

Alex 🏴‍☠️🐺Farcaster
Alex 🏴‍☠️🐺
Commented 9 months ago

Oh great to know cheers bud. Might be a good time to extend

Cyber ParadoxFarcaster
Cyber Paradox
Commented 9 months ago

I was considering getting a new ENS to use as my main name (Kylith is what I used as my gamertag, but I feel like I could probably find something cooler since "we're so early"). Any advice for finding a good replacement?

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 9 months ago

Up to you, 6 char and less gets stupid expensive. Mine has a story and I like that but then others use memes and shit like @warpcastadmin.eth and @we who uses his address as his ENS 😂 0x42.....eth Personally think crypto identity should be separate from past history (it's a scam, going to 0 😆) but you do you Think personal significance is the most imp part, @vitalik.eth probably like the name 😆 but us pseudoanons prefer building a fresh reputation ¯\_(ツ)_/¯

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

This week I shipped on the #superchain 🚢🚢 shipped code for /tabletop: - use @pugson's ensdata.net to update my /tabletop subscriber data in db tied to fc data from @neynar - rewrote db write fns use header name instead of column # in gsheets Wrote: - shipped 2 articles that mint on base https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities?referrer=0x3eEFAa9d6e2ab7972C1001D41C82BB4881389257 /tabletop community: - streamed playtests of @brennen.eth's /nouns board game Nounish on @unlonely (tokens on base) T/Th - community game night Thursday w/ @nounishprof @matthew & @jtgi - using Hypersub for community gating on base https://warpcast.com/ispeaknerd.eth/0x31bc00d7 shippers get strippers 🚢🚢

OptimismFarcaster
Optimism
Commented 10 months ago

This is quite a lot of work onchain. Kudos and keep building and creating!

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

Thank you! shippers get strippers 🚢🚢

binji 🔴Farcaster
binji 🔴
Commented 10 months ago

LMFAOOOOOOO

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

How to unify your social and onchain Proof of Work using Ethereum Name Service /ens and then secure it from scammers by following the Rule of Three for wallet security. https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities

Spaceman Spiff 🎩🍖Farcaster
Spaceman Spiff 🎩🍖
Commented 10 months ago

Thank you for writing this, I will try and dig in later when I have more bandwidth. 222 $degen

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

Thanks fam appreciate it

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

How to unify your social and onchain Proof of Work using Ethereum Name Service /ens and then secure it from scammers by following the Rule of Three for wallet security. cc @limes.eth @slobo.eth @yb @ted @adrienne https://paragraph.xyz/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities

adrienneFarcaster
adrienne
Commented 10 months ago

Are you the first to publish? 😱 🏆

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

shippers get strippers 🚢🚢

SteveFarcaster
Steve
Commented 10 months ago

Love the thoroughness! 3000 $degen

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

Thank you fam! strive for actionable value always! 💪

Christina BorrowLucid | ChonesFarcaster
Christina BorrowLucid | Chones
Commented 10 months ago

6003 $DEGEN respect!

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

Thanks fam!!

TovenFarcaster
Toven
Commented 10 months ago

great piece!

iSpeakNerd 🧙‍♂️Farcaster
iSpeakNerd 🧙‍♂️
Commented 10 months ago

Thanks fam, what was valueful about it for you?

TovenFarcaster
Toven
Commented 10 months ago

generally speaking security people don’t think to explain how you can be secure while increasing convenience/creating ease of use, i.e using this ENS system you can be paranoid and rotate keys often while maintaining consistent name schemes for yourself and others, so you don’t have to actively update people with your new address etc. also makes it easy to ensure you are always paid / sent shit to the safe / newest addy

Passport Control for Onchain and Social Identities