Background
Interep is a service that ties web2 identities to a reputation tier, and each reputation tier on a given web2 platform(Github, Twitter, Reddit) is a Semaphore Group which allows the user to anonymously prove that they are a part of a given “reputation set” on Interep.
By restricting access to certain resources to peers which belong to the higher reputation groups, we obtain sybil-resistance for those resources. However, this does increase the barrier of entry. For example, a new user on Github may not have the stars and followers required for a good reputation, and therefore, may miss out on membership to the “reputation set”. In support of Interep, the barrier of entry is much lower than that of a financial barrier of entry, i.e Financial stake. Financial stake is a predominant solution for sybil-resistance, but it allows actors with large coffers to create sybil identities.
RLN (Rate Limiting Nullifier) is a modification of Semaphore which effectively allows peers to derive the secret share of a peer that spams a network. This enables anonymous rate-limiting in a decentralized scenario, but can be applied in conventional situations as well.
An implementation of RLN is found in Waku, which makes use of a smart contract to handle changes to a membership set. When a peer wishes to send messages on a spam-protected content topic, they simply need to stake a nominal amount, along with their identity commitment, and relayers will validate messages sent by the peer. However, if the peer is malicious, and spams the network, their secret share is derived, and their financial stake is withdrawn by the relayer which derived their secret share.
How Interep fits in with RLN
As mentioned, to be a part of an RLN membership set in a decentralized scenario, one needs to financially stake. With Interep, we can reduce the barrier of entry by allowing only peers which belong to a medium/high reputation group to join the RLN membership set, without staking.
When this “socially staked” peer participates in spam, their secret share is revealed, and they are removed from the membership set, as usual. A third-party on-chain reputation service could then reduce the reputation for the slashed peer.
Work Done
So far, the RLN contracts have been updated and currently reside in rln-interep-contract. It is possible to register your membership on Interep, and use the same credentials for rate-limiting via RLN. A demo video is accessible here.
Future Work
Currently, Interep’s reputation service is centralized, i.e For a user to prove that they have a given reputation, they need to send an auth token to Interep’s service, through which they are added to the appropriate reputation set. There may be some effort done to decentralize this service for censorship resistance.
As mentioned previously, a third-party on-chain reputation service should reduce the reputation for a slashed peer. However, that service has not been integrated so far, and it can be done in the future.
Some careful consideration must be taken care when dealing with web2 providers, as their metrics for a non-sybil account may change over time, and a user’s reputation may change with time as well. For increased security, we may attach a timer for each registration to the membership set via Interep so that they can renew their membership with an additional proof that they still belong to the same reputation set.
There are also on-chain Interep groups available through POAPs, but they have not been integrated with this PoC. For example, If a DAO wishes to participate in rate-limiting, and should allow only its members to do so, they can issue a POAP to all the members, and the members may then use this to generate a proof that they belong to the DAO. The service can then filter traffic appropriately.