Posted on Leave a comment

What Is Distributed Identity? How Decentralized ID Works

Distributed digital identity, decentralized identity, blockchain, and distributed ledgers: what do they mean and how can they help keep my company secure?

What is a digital identity? A digital identity is information that combines all your personal online activities and data. Examples of what would make up your digital identity include usernames, passwords, online searches, date of birth, and social security number.

What Is the History of Digital Identity?

Digital identity is a critical and ever-present part of our lives. Identities play a role in almost every aspect of our lives, from business to commerce to entertainment. Additionally, many jurisdictions are turning to digital identity as civic documentation to cover identification purposes outside of the private sphere.

The history of digital identity has followed security, privacy, and usability questions, with different technologies attempting to address various aspects of these categories. One of the central challenges to digital identity has been centralization.

Centralization brings a host of problems to administrators, enterprises, and users alike:

  • Central Points of Failure: Centralized identity relies on central control over the implementation of that identity, which often means on-premise databases of login credentials (typically usernames and passwords or PINs). If that database is hacked, then those credentials are compromised and all user information has most likely been exposed.
  • Usability and Security Practices: Centralized identity schemes force organizations to either adopt outside identity management systems or implement their own—a reality that has led to a fragmentation of identity management. Users have to remember individual credentials for multiple systems, leading to poor security (from simple or reused passwords) and identity theft.
  • Lack of Ownership: The question of digital identity ownership is a lively one, with different regulations and business practices vying for control of private information. Centralized identity management requires that organizations mediate control between digital identities and users rather than placing ownership in the users’ hands.

Modern identity and access management have worked toward addressing some of these issues, primarily to support a connected, cloud-based, and secure digital world.

One of the emerging technologies to address these issues is single sign-on. The goal of SSO (also known as federated identity) is to facilitate authentication across multiple systems using a centralized repository of identities and policies.

Generally speaking, there are a few protocols through which SSO works:

Security Assertion Markup Language

SAML is an open markup language used by identity providers to format and transmit authorization credentials to other platforms or service providers. The idea is that a centralized SSO provider manages identities through a server and formats SAML authentication through an XML-based token system that connects identity providers and service providers (the organization handling your identities and the company with which you want to authenticate).

Open Authorization

As the name suggests, OAuth is more an authorization approach than an authentication method, but it can be used as part of an SSO scheme. Unlike SAML, where federation happens from a centralized identity provider across multiple service providers, it’s more often the case with OAuth that a user in an authorized session with one provider can access another provider from that session.

Of course, it bears stating that SSO is a smaller part of the larger discipline of IAM explicitly focused on how to provide federated identity and authentication without compromising security.

The problem with SSO and IAM, in general, is that they only address a small subset of issues with centralized SSO or OAuth. To start with, SSO systems still have security issues, and a compromised identity provider will still pose a risk to all users. Additionally, none of this addresses the issue of identity and data ownership.

To take steps in facing some of these lingering issues, developers and scientists are working toward developing distributed identities.

What Is Distributed Identity?

Distributed identity, also called decentralized identity, is the practice of truly removing the centralized nature of identity management from the equation.

Instead of creating localized or platform-specific usernames that rely on a single organization or consortium of participating organizations to manage, decentralization uses technology to place ownership of identity data into the hands of the users that information is supposed to represent.

How is this possible? The truth is that there isn’t a clear-cut answer yet but rather a collection of technologies that are stepping up to introduce decentralization into IAM as a whole:

  • Blockchain: Originally introduced in cryptocurrencies, like Bitcoin, as part of the nascent “Web 3.0,” the blockchain has been isolated as a uniquely powerful technology that provides an immutable, decentralized ledger of ownership. Under a blockchain, users have programs called wallets that store information and denote ownership, and this ownership is not dependent on a central organization to manage.
  • Decentralized Identifiers: Created by the World Wide Web Consortium, DID is a scheme of identity decentralization outside of blockchains proposed as a general protocol for managing identity. With DIDs, users can control their data, be protected by cryptography, and authenticate with participating organizations.

The blockchain, in particular, is part of what is currently being dubbed Web 3.0, emphasizing decentralization of control over information. It works by creating a ledger that the users of that network control through their participation, protected with cryptography.

Why Is Distributed Digital Identity So Important?

Right now, data ownership and protection are critical questions for large enterprises, governments, and end users alike. The General Data Protection Regulation is one of the most stringent privacy and security jurisdictions globally, due in no small part to its driving mission to place control of private data into the hands of consumers.

But giving users control over their digital identity and their personal data is no small task. Data is often seen as ephemeral, and users in many places (including the United States) have willingly given up control over their information to large corporations.

A distributed identity system could allow users to take control of their digital identities. Several governments have already begun to develop distributed forms of digital identities to support their citizens.

The European Union, for example, has started creating a self-sovereign identity framework built on DID and blockchain to modernize government ID for citizens. Countries like Germany, Uruguay, and Finland have started issuing electronic IDs and bank-issued eIDs to serve as national identification.

On a smaller scale, distributed identity can still benefit enterprises internally. By leveraging distributed identity systems, enterprises can connect user IDs with several different service platforms and authorization policies without reinventing or replacing existing identity systems. Additionally, enterprises can then adopt their schemes or extend existing ones offered through government agencies.

Strong Authentication and Distributed Identity with 1Kosmos

Distributed identity isn’t just a powerful new technology or the future of identification—it is a business imperative that will eventually shape how enterprise organizations integrate and adopt different types of managed services, cloud applications, and internal security measures. By working with user-owned, self-sovereign ID, businesses can mitigate some of the most significant weaknesses of centralized identity (security and usability) while expanding their ability to adapt and scale with new technologies.

BlockID from 1Kosmos provides secure authentication and promotes identity ownership through a few critical features:

  • Private and Permissioned Blockchain: 1Kosmos protects personally identifiable information in a private and permissioned blockchain and encrypts digital identities in secure enclaves only accessible through advanced biometric verification. Our ledger is immutable, secure, and private, so there are no databases to breach or honeypots for hackers to target.
  • Identity Proofing: BlockID includes Identity Assurance Level 2 (NIST 800-63A IAL2), detects fraudulent or duplicate identities, and establishes or reestablishes credential verification.
  • Streamlined User Experience: The distributed ledger makes it easier for users to onboard digital IDs. It’s as simple as installing the app, providing biometric information and any required identity proofing documents and entering any information required under ID creation. The blockchain allows these users more control over their digital identity while making authentication much easier.
  • Identity-Based Authentication: We push biometrics and authentication into a new “who you are” paradigm. BlockID uses biometrics to identify individuals, not devices, through identity credential triangulation and validation.
  • Interoperability: BlockID and its distributed ledger readily integrate with a standard-based API to operating systems, applications, and MFA infrastructure at AAL2. BlockID is also FIDO2 certified, protecting against attacks that attempt to circumvent multi-factor authentication.
  • Cloud-Native Architecture: Flexible and scalable cloud architecture makes it simple to build applications using our standard API, including private blockchains.

To discover the self-sovereign identity and BlockID, read more about 1Kosmos as a Distributed Digital Identity Solution. Also, make sure to sign up for the 1Kosmos newsletter to receive updates on 1Kosmos products and services.

Published
Author Robert MacDonald
Posted on Leave a comment

Born in the Cloud: The Next Generation of Cloud Services: New Approaches

KEY TAKEAWAYS

"Born in the cloud" is a new category of cloud services poised to make an impact on enterprises.

Born in the Cloud: The Next Generation of Cloud Services: New Approaches
Source: Filip323/Dreamstime.com

 

 

Years ago, we were talking about cloud native design as the lodestar for modern workload systems.

Now, we see the cloud as one more stepping stone toward even newer technologies that make data even more versatile and transferable.

Let's look at four of these and how they work, and how they intersect for the next generation, moving beyond the cloud age.

Distributed Cloud Solutions

With the evolution of peer to peer systems, the emergence of the Internet of Things, and the decentralization of the blockchain, cloud systems may be moving to a new place in a type of setup called "distributed cloud." Here a distributed peer to peer hardware framework runs services at the network edge, instead of in a centralized environment. This contributes to less latency and congestion on the network.

Like distributed computing, distributed cloud makes use of those individual hardware nodes that are 'out in the field.' Like the blockchain, it decentralizes certain types of control and management of system operations.

Virtualization

When we talked about no-hardware designs with "born in the cloud" systems nearly a decade ago, we were mainly talking about moving physical infrastructure from on-premises systems, to off-site in a vendor's network.

People talked a lot about the obvious savings for business that doesn't have to maintain its own server rooms anymore.

What's happened since then, though, is that virtualization has brought the next step – completely untethering hardware pieces from a physical footprint and co-locating them in larger data centers.

In other words, virtual machines don't ‘sit’ anywhere. They don't have physical connections. You don't have to get inside their guts to deal with CPU and storage capacity and other allocations.

Virtualization and the practice of using containers became one of the next big trend after companies started moving all sorts of data and operations to the cloud. It remains one of the big transfer modernizing business systems. (Read also: 10 Ways Virtualization Can Improve Security)

NoSQL Data Storage

Here's another interesting trend that's been happening over the same time period: the way we approach data storage.

First, cloud became joined by the acronym SaaS (software as a service.) There was a further innovation toward making all kinds of data operations remote and sourcing them off-site from vendor offices. (Read also: Redefining IT Decision-Making in the Age of SaaS.)

At the same time, people were figuring out better ways of retrieving data from its archived location.

When people talk about modern business data centers and data warehouses, they're not talking about traditional relational database design. At least that's the trend – away from old relational database table technology and toward a variety of approaches called noSQL.

In noSQL systems one of the big fundamental changes is that data is not identified by its particular location in a table. Instead, it's defined by its attributes with key-value pairsschemas or other types of innovations.

In other words, the data identifiers allow it to roam free in a less structured database environment, which leads to more capable queries and retrieval practices.

Web 3

As we talk about this third trend, let's also talk about cryptocurrency, which became much more of an integrated presence in our lives throughout the past four or five years.

The first cryptocurrency to make a splash was Bitcoin, and people tried to figure out how to get their heads around the concept of digital currency and blockchain technology.

Then all sorts of other cryptocurrencies started to emerge, including smart contract-handling chains like Ethereum that were able to use tokens to handle data on the blockchain.

Along with that, there was a move toward something called web 3 or the semantic web.

The idea here is that data can move from a simple cloud approach to a more refined place where it exists within semantic structures, noSQL environments and perhaps moves through blockchain oriented processes.

These new trends also mingle with one another.

For instance, BrightStar has developed a resource that is billed by its makers as an “ACID-compliant RDF triple store” that uses a data object layer and semantic web standards to approach data in a whole new way.

Part of the similarity with blockchain and semantic web systems is the use of data objects instead of basic exploration of data locations. Some people describe semantic web as a mapping of the Internet, and others talk about decentralized approaches to networking that complement the decentralization of cryptocurrencies like Bitcoin.

In addition to blockchain technology and cryptocurrency, an emerging aspect of this new web is the metaverse. Described by Mark Zuckerberg as an "embodied internet" where the user is actually part of the experience, this new cloud born tech has been making waves and inspiring many predictions about how exactly it will impact the world. By improving the virtual reality experience, the metaverse is poised to make exciting waves in many lifestyle, gaming and ecommerce sectors, and beyond. (Read also: Gaming, Fashion, Music: The Metaverse Across Industries.)

Conclusion

Virtualization, distributed cloud systems, immutable blockchains and noSQL data environments are continually being refined. They are an integral part of what's going to help our data world evolve beyond what was born in the cloud several years ago as they continue to change in an effort to anticipate and meet the needs of enterprise.

By 

" data-original-title="Written by">Justin Stoltzfus | Reviewed by 
" data-original-title="Reviewed by">Kuntal ChakrabortyCheckmark
Published: April 8, 2022

Posted on Leave a comment

Tech’s On-Going Obsession With Virtual Reality

 
KEY TAKEAWAYS

Virtual reality and augmented reality have been steadily evolving for decades, but still haven't lived up to the expectations of many. Here's a look at the current state of VR and AR, and where they're likely to go.

Virtual reality (VR) has been one of the most important technological crazes of modern times. Although the original idea can be traced back to the early '80s, in the last few years we've kept hearing the same question being asked over and over:

"Is THIS the year of VR?"

Because of the inherent limits of our current technologies, VR still struggles to make its breakthrough and become an everyday use product. (Read also: VR/AR Where We Are and Where We Came From.)

Before diving deeper into the topic, let's first take a look at what VR was supposed to be, and what it actually has become, or at least promises to be, instead.

What Is Virtual Reality?

VR equipment consists of headsets and other gadgets used to project a person's virtual image in an artificial world. The general idea is to be able to interact within a virtual reality that is as realistic as possible with objects and other individuals that may also share the same space. In addition to traditional VR goggles, many other items such as gloves and headphones have been added to modern equipment.

Virtual reality seemed to capture public imagination during the '80s and '90s, when movies like "Johnny Mnemonic" and "The Lawnmower Man" fired up a real craze. However, back then, this technology was still very rudimentary and never managed to go beyond unreliable devices such as the infamous Nintendo Power Glove.

Today VR development has come back with devices such as the Oculus Rift, YouTube 360° videos and... well... obviously full-immersive adult movies.

Differences Between Virtual Reality and Augmented Reality

Virtual Reality should not be confused with augmented reality (AR). VR tries to simulate reality through visual and auditory stimulation, while AR just builds on existing reality by enhancing it with digital projections.

AR usually consists of apps and software used on mobile devices to add virtualized elements to the real world. (Read also: Augmented Reality 101.)

Examples of AR include pop-out 3-D emails and text messages, virtual makeup mirrors and apparel color-changing apps. AR can be used to enhance reality by, for example, building physical objects via 3-D printers after they have been "virtualized" from 3-D pictures.

VR offers a believable reconstruction of real-life for entertainment purposes, while AR adds virtual elements to the real world.

Current Status and Future Potentialities

Silicon Valley kept building VR for quite some time, but where is this technology now other than the fleeting entertainment that "Pokemòn Go" provided us with?

Truth be told, much of the current hype about VR technology revolves around a few interesting gadgets. One of the most popular VR headsets is the Oculus Rift, which began as a Kickstarter campaign before Facebook bought it in 2014. Together with the Sony PlayStation VR and the HTC Vive, these devices revolutionized the gaming scenario.

The addition of integrated hardware such as motion-tracked controllers and an extremely immersive experience made these headsets quite popular among gamers. However, the relatively small gaming library and a price that is still far from truly being affordable to the average person are factors that currently prevent these from becoming mainstream.

VR tech is more than just video games, though. According to experts' predictions, in the next 10 years the VR sector will be worth $38 billion. Retailers such as Ikea started their first experiments to let customers view and move about their new appliances or kitchens via a virtual reality headset and controllers. Marks & Spencer launched its first virtual reality showrooms and Volvo designed a virtual driving experience with the Google Cardboard headset.

Will VR Be the Future of Smartphones?

Extremely influential individuals such as Mark Zuckerberg provided some interesting insight on how current smartphone technology seemingly reached a technological impasse. According to his opinion, the competition with Google and Apple is preventing Facebook from developing its full potential in the VR world.

Integration between smartphones and VR can instead be the most probable solution. Programming legends such as John Carmack (the father of "Doom" and "Quake III Arena") are betting on the development of Gear VR, a technology that can make smartphone VR a reality. It's still too early to say whether VR is going to be the solution and the future of social networks as a whole. However, this is definitely the place where Google Glass and Microsoft's HoloLens are looking to.

Possible Medical Applications of VR Technology

One of the latest trends for VR tech is to use it to treat some diseases and conditions. A lot of medical research on its possible applications other than entertainment and media is going on. VR headsets have been used to help phobic patients fight their fears in a controlled environment.

Soldiers who suffer from post-traumatic stress disorder (PTSD) have been treated with it since 1997, when Georgia Tech developed the first Virtual Vietnam VR. Other applications include pain management and social cognition training for autistic patients. (Read also: How AI in Healthcare is Identifying Risks and Saving Money. )

Augmented reality, on the other hand, is currently being used for advanced 3-D imaging by surgeons at the Lucile Packard Children’s Hospital Stanford and Stanford Health Care. Physicians can get a better view of patient anatomy that helps them during delicate operations such as valve replacement.

Controversial Aspects

Just like any other groundbreaking discovery, VR technology is not devoid of potentially negative aspects. A quite modern controversy recently arose, since it's almost inevitable that a large portion of VR landscape will focus on the adult entertainment industry.

This world is still seen as a male-dominated one that only recently saw some form of parity in the form of LGBT adult material. A new technology may, however, cause this hardly gained progress to take several steps backward. Larger companies will probably focus on mainstream male-oriented content, forcing niche audiences to be initially crowded out, if not excluded.

Other possible controversies include social isolation and ethical issues (mostly related to video gaming violence). As violence in the form of firefights and armed battles will take place in such a realistic and immersive way, younger or psychologically unstable consumers can be strongly affected. (Read also: Finite State Machine: How it Has Affected Your Gaming for Over 40 Years.)

Whether this influence would be negative or positive is yet unknown, but many developers would have to ensure that the content of a game can still be perceived as different from reality. Striking the right balance between fiction and realism can be hard, however, as the sense of distance that usually provides players with a safety net can be lost.

Final Thoughts

Despite the hype, VR technology is still in its earliest stages of development. However, it definitely is an enfant prodige, and we surely want to be there to witness the moment when this promising invention will finally go beyond its first steps.

By 

  • " data-original-title="Written by">Claudio Buttice
    Published: August 28, 2020 | Last updated: February 17, 2022

    Posted on Leave a comment

    Functional NFT’s

    Functional NFTs are changing the ways we interact with each other and the gaming experience. Earlier, NFTs were limited to products but now it’s putting a value on services too. Now with functional NFTs, you can choose to buy an experience rather than a piece of art. 

    Non-Fungible Tokens (NFTs) have stirred up things in the world of art. While the underlying technology behind NFTs remains simple. They have morphed into multiple applications some of which we shall discuss soon. Traditionally there have been five categories of NFTs: Collectibles, Game Assets, Virtual Land, Crypto Art and Others (including domain names, property titles) etc. Currently, there seems to be another category that has been getting some buzz in the industry. This new player is called “Functional NFTs”. 

    What are Functional NFTs?

    Let’s discuss what Functional NFTs are first. The meaning should be clear from the name itself. NFTs that provide some sort of functionality. It could be a game asset that performs some function. For example, if a game has an avatar as an NFT and it provides certain functionality, then it can be called a Functional NFT. This functionality can be seen as accruing points in a game or giving the player some special power.

    Another example can be an NFT created by a restaurant owner. The NFT works as a pass for one person to have dinner on Sunday at the restaurant. Therefore the NFT has some functionality and serves a given purpose. In a similar fashion imagine walking into a club and not having to stand in a line. Well, there can be an NFT for that too. Owning that NFT can give you free access to the club and since you own the NFT, people do not need to check for your ID. 

    Normal vs Functional NFTs

    Moreover, there has been a heated debate about value accrual in normal NFTs vs Functional NFTs. The argument is that non-functional NFTs are easier to make and are sold quickly on the market. Thus acquiring value quickly. In comparison to that Functional NFTs such as in games need to be thought about. It takes time to build a great experience around the basic utility of the functional NFT.

    Consequently taking more time to build value. For example, Axie Infinity, a Pokemon-like game that allows players to collect, breed and battle creatures. It was launched in 2018, but it was quite different then from what it is right now. The developer team had multiple iterations to finesse the game experience. Once the gaming experience was finessed, the NFT assets within the game accrued value. The phenomenon is termed as “Promise Effect” which says that an NFT that promises some experience will accrue value slower than a non-functional NFT.

    A new type of Functional NFTs

    HODL Valley, a new metaverse gaming project is trying to create a tokenized city. One among many of its features is Functional NFT, but these NFTs take it a step too far. HODL Valley contains around 24 different locations, each with a specific function and utility. These locations are connected to DApps which carry out the functionality for users. These locations can be purchased in-app and the revenues generated by them can be taken home by the NFT owner. For example, let’s say a bank has been represented by an NFT. Since it’s connected to a DApp, it can provide lending and borrowing services. As other users in the game play and use the bank. The NFT owner, who is, in turn, the owner of the bank will be able to generate an income stream from it. That is how functional NFTs have been pitched recently. 

    These functional NFTs are bound to change the way we interact with games and real life. With added functionality, individuals can get a unique experience. It’s not just a token anymore which represents value, it’s a function in itself. If NFTs was money then it was only selling products until now. Now, it has started moving into services too.

    Posted on Leave a comment

    China’s Weibo shows user locations to combat ‘bad behaviour’

    BEIJING, April 28 (Reuters) – Weibo , China’s equivalent of Twitter, told users on Thursday it would start to publish their IP locations on their account pages and when they post comments, in a bid to combat “bad behaviour” online.

    The move, posted on Weibo’s official account, garnered over 200 million views and was widely discussed, with some users rattled by the perceived reduction in their online anonymity.

    “Every IP address seems to be whispering in your ear: ‘You be careful,'” wrote user Misty.

    Others, however, said they were supportive of the measures, in light of COVID-related misinformation.

    “Especially at a time when the COVID situation is still serious, IPs being swiftly revealed can effectively reduce the appearance of disgusting content from rumour-makers and rumour-spreaders,” wrote user UltraScarry.

    Weibo, which has over 570 million monthly active users, said users’ IP addresses would be displayed under new settings which came into effect on Thursday and cannot be turned off by users.

    For users in China, the platform will display the province or municipality where they are posting from, it said. For those using Weibo overseas, the country of users’ IP addresses will be displayed.

    The settings are designed to “reduce bad behaviour such as impersonating parties involved in hot topic issues, malicious disinformation and traffic scraping, and to ensure the authenticity and transparency of the content disseminated,” it said in a notice.

    “Weibo has always been committed to maintaining a healthy and orderly atmosphere of discussion and protecting the rights and interests of users to quickly obtain real and effective information,” the notice read.

    The effects of the new rules were already visible underneath the notice, as thousands of user comments all carried an extra label indicating the province or municipality of the user’s IP address.

    Last month, Weibo said it would begin testing these settings on some users in response to misinformation relating to the Ukraine-Russia war.

    China tightly controls its cyberspace and in the past year has been stepping up efforts to “clean up” the internet. Chinese social media sites that fail to censor critical content face financial sanctions as well as temporary suspensions of service under current law.

    Weibo, which has been on the receiving end of several fines from China’s cyberspace regulator over the past year, frequently publishes notices about its efforts to combat bad behaviour online, including posting the names of accounts punished.

    It has not publicly addressed, however, instances of accounts being suspended or banned for merely expressing dissenting opinions, such as supporting Ukraine or criticising Russia over the ongoing war. 

    Posted on Leave a comment

    Decentralized Autonomous Organization (DAO)

    What Was the Decentralized Autonomous Organization (DAO)?

    One of the major features of digital currencies is that they are decentralized. This means they are not controlled by a single institution like a government or central bank, but instead are divided among a variety of computers, networks, and nodes. In many cases, virtual currencies make use of this decentralized status to attain levels of privacy and security that are typically unavailable to standard currencies and their transactions.

     

    Inspired by the decentralization of cryptocurrencies, a group of developers came up with the idea for a decentralized autonomous organization, or DAO, in 2016.1

     

    KEY TAKEAWAYS

    • The DAO was an organization created by developers to automate decisions and facilitate cryptocurrency transactions.
    • In June 2016, due to programming errors and attack vectors, hackers attacked the DAO, accessing 3.6 million ETH.
    • Digital exchange currencies de-listed the DAO token in September 2016.

    Understanding the Decentralized Autonomous Organization (DAO)

    The DAO was an organization that was designed to be automated and decentralized. It acted as a form of venture capital fund, based on open-source code and without a typical management structure or board of directors. To be fully decentralized, the DAO was unaffiliated with any particular nation-state, though it made use of the ethereum network. 

     

    Why make an organization like the DAO? The developers of the DAO believed they could eliminate human error or manipulation of investor funds by placing decision-making power into the hands of an automated system and a crowdsourced process. Fueled by ether, the DAO was designed to allow investors to send money from anywhere in the world anonymously. The DAO would then provide those owners tokens, allowing them voting rights on possible projects.

     

    The DAO launched in late April 2016 thanks to a month-long crowdsale of tokens that raised more than $150 million in funds.2 At the time, the launch was the largest crowdfunding fundraising campaign of all time.

     

    Criticisms of the DAO

    By May 2016, the DAO held a massive percentage of all ether tokens that had been issued up to that point (up to 14%, according to reporting by The Economist).3 At roughly the same time, however, a paper was published which addressed several potential security vulnerabilities, cautioning investors from voting on future investment projects until those issues had been resolved.

     

    Later, in June 2016, hackers attacked the DAO based on these vulnerabilities. The hackers gained access to 3.6 million ETH, worth about $50 million at the time.4 This prompted a massive and contentious argument among DAO investors, with some individuals suggesting various ways of addressing the hack and others calling for the DAO to be permanently disbanded. This incident also figured prominently in the hard forking of ethereum that took place shortly thereafter.

     

    According to IEEE Spectrum, the DAO was vulnerable to programming errors and attack vectors.5 The fact that the organization was charting new territory in terms of regulation and corporate law likely did not make the process any easier. The ramifications of the structure of the organization were potentially numerous: investors were concerned that they would be held liable for actions taken by the DAO as a broader organization.

     

    The DAO operated in murky territory about whether or not it was selling securities, as well. Further, there were long-standing issues regarding the way that the DAO would function in the real world. Investors and contractors alike needed to convert ETH into fiat currencies, and this could have impacted the value of ether.

     

    Following the contentious argument over the DAO's future and the massive hacking incident of earlier in the summer, in September 2016, several prominent digital currency exchanges de-listed the DAO token, marking the effective end for the DAO as it was initially envisioned.67

     

    In July 2017, the Securities and Exchange Commission (SEC) issued a report, which determined that the DAO sold securities in the form of tokens on the ethereum blockchain, violating portions of US securities law.8

    Future of the DAO

    What does the future hold for the DAO? The DAO as originally envisioned had not returned as of mid-2020. Nonetheless, interest in decentralized autonomous organizations as a broader group continues to grow. In 2021, The Maker Foundation, an icon in the crypto industry as the original champion of DAO, announced that it was officially turning operations over to MakerDAO (creator of the DAI stablecoin) and would dissolve by the end of the year.9

     

    While there are many lingering concerns and potential issues regarding legality, security, and structure, some analysts and investors believe that this type of organization will eventually come to prominence, perhaps even replacing traditionally structured businesses.

     

    Dash

    The popular digital currency Dash is an example of a decentralized autonomous organization because of the way it is governed and the way its budgeting system is structured. It may only be a matter of time before additional DAOs enter the field.

     

    Investing in cryptocurrencies and other Initial Coin Offerings ("ICOs") is highly risky and speculative, and this article is not a recommendation by Investopedia or the writer to invest in cryptocurrencies or other ICOs. Since each individual's situation is unique, a qualified professional should always be consulted before making any financial decisions. Investopedia makes no representations or warranties as to the accuracy or timeliness of the information contained herein. As of the date that this article was written, the author owns cryptocurrencies.

     

     

    decentralized autonomous organization (DAO), sometimes called a decentralized autonomous corporation (DAC),[a] is an organization represented by rules encoded as a computer program that is transparent, controlled by the organization members and not influenced by a central government, in other words they are member-owned communities without centralized leadership.[1][2] A DAO's financial transaction record and program rules are maintained on a blockchain.[3][4][5] The precise legal status of this type of business organization is unclear.[6]

    A well-known example, intended for venture capital funding, was The DAO, which amassed $150 million in crowdfunding in May 2016, and was hacked and drained of US$50 million in cryptocurrency weeks later.[7] The hack was reversed in the following weeks, and the money restored, via a hard fork of the Ethereum blockchain. Most Ethereum miners and clients switched to the new fork while the original chain became Ethereum Classic.

    Background

    Decentralized autonomous organizations are typified by the use of blockchain technology to provide a secure digital ledger to track digital interactions across the internet, hardened against forgery by trusted timestamping and dissemination of a distributed database.[3][4][8] This approach eliminates the need to involve a mutually acceptable trusted third party in any decentralized digital interaction or cryptocurrency transaction.[4] The costs of a blockchain-enabled transaction and of the associated data reporting may be substantially offset by the elimination of both the trusted third party and of the need for repetitive recording of contract exchanges in different records. For example, the blockchain data could, in principle and if regulatory structures permit it, replace public documents such as deeds and titles.[3]: 42 [4] In theory, a blockchain approach allows multiple cloud computing users to enter a loosely coupled peer-to-peer smart contract collaboration.[3]: 42 [9]

    Vitalik Buterin proposed that after a DAO is launched, it might be organized to run without human managerial interactivity, provided the smart contracts are supported by a Turing-complete platform. Ethereum, built on a blockchain and launched in 2015, has been described as meeting that Turing threshold, thus enabling such DAOs.[3][10][11] Decentralized autonomous organizations aim to be open platforms through which individuals control their identities and their personal data.[12]

    Governance

    DAO governance is coordinated using tokens or NFTs that grant voting powers. Admission to a DAO is limited to people who have a confirmed ownership of these governance tokens in a cryptocurrency wallet, and membership may be exchanged. Governance is conducted through a series of proposals that members vote on through the blockchain, and the possession of more governance tokens often translates to greater voting power. Contributions from members towards the organizational goals of a DAO can sometimes be tracked and internally compensated. Inactive holders of governance tokens can be a major obstacle for DAO governance,[5] which has led to implementations of allowing voting power to be delegated to other parties.

    Issues

    Social

    Inactive or non-voting shareholders in DAOs often disrupt the organization's possible functionality.[5]

    Legal status, liability, and regulation

    The precise legal status of this type of business organization is generally unclear,[8] and may vary by jurisdiction. On July 1, 2021, Wyoming became the first US state to recognize DAOs as a legal entity.[13] American CryptoFed DAO became the first business entity so recognized.[14] Some previous approaches to blockchain based companies have been regarded by the U.S. Securities and Exchange Commission as illegal offers of unregistered securities.[6][15] Although often of uncertain legal standing, a DAO may functionally be a corporation without legal status as a corporation: a general partnership.[16] Known participants, or those at the interface between a DAO and regulated financial systems, may be targets of regulatory enforcement or civil actions only if they are out of compliance with the law.[16]

    Security

    A DAO's code is difficult to alter once the system is up and running, including bug fixes that would be otherwise trivial in centralized code. Corrections to a DAO require writing new code and agreement to migrate all the funds. Although the code is visible to all, it is hard to repair, thus leaving known security holes open to exploitation unless a moratorium is called to enable bug fixing.[17]

    In 2016, a specific DAO, "The DAO", set a record for the largest crowdfunding campaign to date.[18][19] Researchers pointed out multiple problems with The DAO's code. The DAO's operational procedure allowed investors to withdraw at will any money that had not yet been committed to a project; the funds could thus deplete quickly.[5] Although safeguards aimed to prevent gaming shareholders' votes to win investments,[6] there were a "number of security vulnerabilities".[20] These enabled an attempted large withdrawal of funds from The DAO to be initiated in mid-June 2016.[21][22] On July 20, 2016, the Ethereum blockchain was forked to bail out the original contract.

    DAOs can be subject to coups or hostile takeovers that upend its voting structures especially if the voting power is based upon the number of tokens one owns. An example of this occurred in 2022, when Build Finance DAO suffered a coup in which one person amassed enough tokens to get a vote passed, then voted to give themselves full control of the DAO, then, using this power, they drained all of the money from the DAO.[23]

    List of notable DAOs

     
    Name Token Use cases Network Launch Status
    Dash DASH Governance, fund allocation [24] Dash (cryptocurrency) May 2015[25] Operational since 2015[26][27][28]
    Steem STEEM Data distribution, Social media, Name services, Industrial Steem March 2016 Operational
    The DAO DAO Venture capital Ethereum April 2016 Defunct late 2016 due to hack[29]
    Augur REP Prediction marketSports bettingOption (finance)Insurance Ethereum July 2018 Operational
    Uniswap UNI Exchange, Automated Market Making Ethereum November 2018 Operational[30]
    BitDAO BitDAO Build the future of finance in a decentralized way. Ethereum August 2021 Operational[31]
    ConstitutionDAO PEOPLE Purchasing an original copy of the Constitution of the United States Ethereum November 2021[32] Defunct[33]
    AssangeDAO $JUSTICE[34] Purchased Clock, an NFT artwork by Pak, to fund legal defense of WikiLeaks' founder Julian Assange Ethereum February 2022[35] Operational

    See also

    Notes

    1. ^ Depending on English dialect, it may also be spelled decentralised autonomous organisation. The terms decentralized autonomous companydistributed autonomous organization, etc., have also been used.

    References

    1. ^ Prusty, Narayan (27 April 2017). Building Blockchain Projects. Birmingham, UK: Packt. p. 9. ISBN 9781787125339.
    2. ^ The Decentralized Autonomous Organization and Governance Issues Regulation of Financial Institutions Journal: Social Science Research Network (SSRN). 5 December 2017.
    3. Jump up to:a b c d e Vigna, P.; Casey, M. J. (27 January 2015). The Age of Cryptocurrency: How Bitcoin and the Blockchain Are Challenging the Global Economic Order. St. Martin's Press. ISBN 9781250065636.
    4. Jump up to:a b c d Hodson, H. (20 November 2013). "Bitcoin moves beyond mere money"New Scientist.
    5. Jump up to:a b c d "The DAO of accrue: A new, automated investment fund has attracted stacks of digital money"The Economist. 21 May 2016.
    6. Jump up to:a b c Popper, N. (21 May 2016). "A Venture Fund with Plenty of Virtual Capital, but No Capitalist"New York Times.
    7. ^ Price, Rob (17 June 2016). "Digital currency Ethereum is cratering amid claims of a $50 million hack"Business Insider. Retrieved 17 June 2016.
    8. Jump up to:a b Wright, A; De Filippi, P. (10 March 2015). "Decentralized Blockchain Technology and the Rise of Lex Cryptographia". SSRN 2580664.
    9. ^ Norta, A. (18 August 2015). "Creation of Smart-Contracting Collaborations for Decentralized Autonomous Organizations". Perspectives in Business Informatics Research. Lecture Notes in Business Information Processing. Vol. 229. pp. 3–17.
    10. ^ Pangburn, D. J. (19 June 2015). "The Humans Who Dream of Companies That Won't Need Us"FastCompany.
    11. ^ Evans, J. (1 August 2015). "Vapor No More: Ethereum Has Launched"TechCrunch.
    12. ^ Deegan, P. (2014). "Chapter 14—The Relational Matrix: The Free and Emergent Organizations of Digital Groups and Identities". In Clippinger, J. H.; Bollier, D. (eds.). From Bitcoin to Burning Man and Beyond: The Quest for Identity and Autonomy in a Digital Society. Amherst, Massachusetts: Institute for Institutional Innovation. pp. 160–176. ISBN 978-1-937146-58-0creating an operational and autonomous Trust Framework [that can i]ntegrate with a secure discovery service in the form of a Decentralized Autonomous Organization ...
    13. ^ "Decentralized Autonomous Organizations Find a Home in Wyoming"JD Supra. Retrieved 9 July 2021.
    14. ^ "Wyoming becomes first US state to legally recognise DAO"finance.yahoo.com. Retrieved 9 July 2021.
    15. ^ "SEC Charges Bitcoin Entrepreneur With Offering Unregistered Securities"US Securities and Exchange Commission. 3 June 2014.
    16. Jump up to:a b Levine, M. (17 May 2016). "Blockchain Company Wants to Reinvent Companies". Bloomberg View: Wall Street. Bloomberg News.
    17. ^ Peck, M. (28 May 2016). "Ethereum's $150-million Blockchain-powered Fund Opens Just as Researchers Call For a Halt"IEEE SpectrumInstitute of Electrical and Electronics Engineers.
    18. ^ Vigna, P. (16 May 2016). "Chiefless Company Rakes in More Than $100 Million"Wall Street Journal.
    19. ^ Waters, R. (17 May 2016). "Automated company raises equivalent of $120M in digital currency"Financial Times.
    20. ^ Popper, N. (27 May 2016). "Paper Points Up Flaws in Venture Fund Based on Virtual Money"The New York Times.
    21. ^ Popper, N. (17 June 2016). "Hacker May Have Taken $50 Million From Cybercurrency Project"New York Times.
    22. ^ Price, R. (17 June 2016). "Digital currency Ethereum is cratering amid claims of a $50 million hack"Business Insider. Retrieved 17 June 2016.
    23. ^ "Democratic DAO Suffers Coup, New Leader Steals Everything - VICE"www.vice.com. Retrieved 16 February 2022.
    24. ^ Duffield, Evan (22 April 2015). "Self-sustainable Decentralized Governance by Blockchain"dash.org/forum.
    25. ^ Duffield, Evan (14 May 2015). "GitHub commit adding Dash DAO feature"github.com/dashpay. Retrieved 7 April 2021.
    26. ^ Duffield, Evan (28 August 2015). "Budgets Are Live"dash.org/forum.
    27. ^ Engelhorn, Philipp (7 September 2015). "First 3 Superblocks!"dash.org/forum. Retrieved 7 April 2021.
    28. ^ "First Blockchain DAO payout"blockchair.com/dash. 7 September 2015. Retrieved 7 April 2021.
    29. ^ Finley, Klint (18 June 2016). "Someone Just Stole $50 Million from the Biggest Crowdfunded Project Ever (Humans Can't Be Trusted)"WiredISSN 1059-1028. Retrieved 16 November 2019.
    30. ^ "OpenOrgs.info"openorgs.info. Retrieved 15 January 2022.
    31. ^ "BitDAO price today, BIT to USD live, marketcap and chart"CoinMarketCap. Retrieved 20 April 2022.
    32. ^ Roose, Kevin (17 November 2021). "They Love Crypto. They're Trying to Buy the Constitution"The New York TimesISSN 0362-4331. Retrieved 17 November 2021.
    33. ^ Fox, Matthew (19 January 2022). "Tokens of the defunct DAO that failed to buy a copy of the constitution are worth $300 million even after disbanding"news.yahoo.com. Retrieved 28 January 2022.
    34. ^ "Justice Token". AssangeDAO. Retrieved 14 April 2022.
    35. ^ Reuters (9 February 2022). "'Cypherpunks have rallied to Assange': NFT auction raises $52m for WikiLeaks founder"The Guardian.
    Virtual Identity
    0