Iris-Bound Tokens

"Wallets are the window to the soul" said no one ever. So why are we making "Soulbound tokens" bound to a wallet?

"The eyes are the window to the soul" sounds much more familiar. That's why we are creating Iris-bound tokens (IBT), to make SBTs truly soulbound.

The problem with the current design of SBTs is that they are simply non-transferable tokens attached to an address, and not to an actual person. This becomes problematic if the wallet is lost, hacked, or simply if the owner wants to migrate them to a different address. Binding them to Worldcoin's privacy preserving Proof-of-Personhood allows you to recover them in case your address is compromised, or to migrate it if you want to change your wallet address.

This is all possible by using Worldcoin's Proof of Personhood. After scanning your iris with the Worldcoin Orb and hashing it to the blockchain, you can mint unique iris-bound tokens linked to your soul.

Some of the use cases for Iris-bound tokens include:

• Recovery of NFTs when your wallet is stolen or hacked
• Videogame items that are actually soulbound
• Provable 1-person-1-vote governance
• Privacy-preserving identities (e.g. for social media)
• Curation layer for protocols to avoid sybil attacks / farming with multiple addresses
• Lens Protocol curation: preference for verified profiles

We are using Worldcoin's WorldID to create truly Soulbound Tokens, attached to a person, rather than an address. To do that, we're using the WorldID SDK.

EF's Semaphore Protocol instance in the WorldID SDK, creates Zero-Knowledge Proof-of-Personhood to people who are willing to have their identity verified in the blockchain, by hashing their iris. By doing this, it generates proofs of membership for the Semaphore instance.

WorldID SDK guarantees that the nullifier hash stays constant for a specific action ID. Using this information, we're able to bind a token to a WorldID identity instead of an Ethereum Address.

Instead of using one of the many ERCs that implement a "soulbound token/badge" (e.g. ERC-1238, ERC-4973, etc), we are implementing this system as a ERC-721 but with the transfer functions disabled (as opposed to the Soulbound Badge standard, which is simply a Non-transferable NFT). This allows the IBT (Iris-bound Token) to be recoverable if an account gets compromised, or makes it possible to migrate it to a different account.

Under the hood, we use the fact that the nullifier hash generated by the Semaphore proofs (the membership/signalling zk-SNARK protocol that WorldID uses) stays constant for a person & actionId combination. This way we can track if a person has already minted an IBT, by mapping a nullifier hash to a minted tokenId (or zero, if they haven't yet minted an IBT). An Ethereum address can also only ever own an IBT once - they can never again reclaim an IBT to prevent the possibility of replay attacks by malicious users who wish to steal back IBTs.

To make the user experience better, we're also implementing protocols like WalletConnect through Rainbowkit and WorldID, and Push (EPNS). We're also using the Pocket Network RPCs.