Authentication is important, but so is anonymity for many. A balance must be struck.
— Elon Musk (@elonmusk)
In a well-studied and famous letter dated October 17, 1788 from James Madison to Thomas Jefferson, Madison discusses the proposed Bill of Rights and his plan for getting it passed in the first session of Congress. One fact that many do not know is that the letter is encrypted in part using a cipher invented by Thomas Jefferson. In the letter, Madison details the bitter and extremely contentious politics among the states, especially between the prominent Anti-Federalists and the Federalists like themselves. Madison’s chief concern was passing the Bill of Rights to quell any organized opposition to the Constitution. Political persecution was rampant and serious enough that Madison and Jefferson made careful use of encryption to avoid being doxxed and canceled because of their private political opinions.
The use of technology by the founding fathers was not limited to using encryption for confidentiality. Starting in the 1720’s Benjamin Franklin wrote scandalous articles using the penname Mrs. Silence Dogood. Franklin went on to establish a popular political movement against the British crown using what amounted to pseudonymous shitposting on the 18th century equivalent of Twitter—his local newspaper. His public politicking continued for decades with effort posts such as his 1747 political pamphlet “Plain Truth” and memes such as his 1754“Join or Die” cartoon (Figure 2); both published pseudonymously. The pseudonymity of the public platform allowed Franklin to avoid persecution and prosecution by the crown while famously campaigning for independence with humor and wit. A key component of American domestic politics has always been the use of technology to foment robust political debate and zeitgeist maintenance, specifically through pseudonymous free speech.
Without the ability to use technology to securely coordinate political actions and then garner wide support through pseudonymous public politicking, the founding fathers may never have ignited the revolution and united around the founding principles. In the 300 years since Benjamin Franklin first published his pseudonymous letters as Mrs. Silence Dogood, very little has changed in the need for technology—in the service of confidentiality and pseudonymity—to have an honest and open political debate.
The founding fathers knew the core struggle between individual liberty and the power of the state was, and still is, about centralization versus decentralization. They specifically structured the Constitution to divide power between the different branches of government and between the federal and state governments. They also knew that technology empowered individuals against the state because they effectively applied it against the British crown and then later during the formation of the United States. The Bill of Rights enshrines the rights of the people to speak freely and to be free from unreasonable searches and seizures. The use of technology to support those rights is, and has always been, implied.
It’s an internal civil war, in a hybrid war context, over truth and over information. Centralization versus decentralization, basically. It’s no longer about left or right, it’s about up versus down. It’s about power versus those who don’t have power.
— Maajid Nawaz, 2022
I personally define the word “decentralization” to mean: the direction in which individual sovereignty and liberty increases. In the historical political context, decentralization is about the government operating by the consent of the governed. It is about individuals having the power and right to speak their mind freely in a public context without an implied threat of harmful physical or social consequences such as being canceled. It is also about providing everybody the means to communicate securely and privately using encryption tools that have changed little in their social effect since Madison and Jefferson used them to discuss the Bill of Rights.
Elon Musk’s purchase of Twitter reignites the debate over centralization versus decentralization. Elon’s goal of making Twitter into a free speech platform runs directly into the most difficult, and oldest, technical problem facing the internet: authenticating all humans—which centralizes power—while also maintaining the decentralizing force of pseudonymous free speech. Or more simply, how do we maintain pseudonymity to encourage the full range of lawful free speech while also deanonymizing those who use the platform for unlawful purposes? Even the Electronic Frontier Foundation noted a few days ago “There are no easy ways to require verification without wreaking havoc for some users, and for free speech.” The perpetual worry with unrestricted and anonymous free speech is that popular platforms facilitate illegal activity such as drug and human trafficking as well as child exploitation through the creation and dissemination of child pornography. These concerns are legitimate, and Twitter must contend with them.
Pseudonymity vs Anonymity
Anonymity means having no name at all, not even an alias. Pseudonymity is an author writing under a pen name such as Benjamin Franklin writing as Mrs. Silence Dogood or John Jay et alii writing as Publius. To remain lawful, Twitter would support pseudonymous free speech where users are unknown to Twitter but subject to unmasking by court order in support of law enforcement.
Is there a new way—some new technology—that Twitter can use to both “authenticate all real humans” while also preserving pseudonymity on the platform? The title of this article suggests the answer is “yes” and the solution draws its inspiration from the separation of powers the founding fathers used to decentralize the power structure of the United States and protect individual liberty. The rest of this article details a new approach based on applied cryptography to decentralize one key piece of Twitter just enough so that the platform can both authenticate all real humans and also support pseudonymity by default.
Speaking of decentralization, before your mind goes down the road of Web3, blockchains,cryptocurrencies, and NFTs, let me stop you. None of what I describe implies the use of any Web3 technologies. First of all, if Twitter adopts the Web3 approach of tying every piece of data to a cryptocurrency token, there is no way to scale blockchains to meet the demands of Twitter’s roughly 500 million tweets per day and authentication for their 320 million users. Even the best layer 2 scaling solutions are only talking about doing single-digit millions of transactions per day. Second of all, blockchains generally don’t support data portability and function as data silos in the same vein as Facebook and Google. Blockchains are distributed but they are not decentralized. Lastly, Twitter’s problems mostly lie with digital identity and the current generation of decentralized identity solutions suffer from both scalability and portability issues with no real world deployments larger than a few hundred thousand credentials.
Our first-of-its-kind solution that enables both authentication and pseudonymity is built using technology such as “cryptographic qualifications” and “provenance logs” to support the construction of what is called the authentic data economy. Much like Bitcoin, it is not built with brand new cryptographic inventions but rather from a novel arrangement of existing, open source, and time tested cryptographic techniques. I think the widespread adoption of the authentic data economy represents a disruption of the same magnitude as Bitcoin.
This provable authenticity comes from 50 years of research and trial and error by our group of open source cryptography veterans. The inspiration for it started back in the late1990’s with the creation of the certificate authority system combined with lessons learned from our work on Firefox, Tor Project, Second Life, Bitcoin, Salesforce, PayPal, MuleSoft, LexisNexis Risk, Heroku, GitLab, CU Ledger, and Hyperledger. To realize the authentic data economy we first established a set of principles—the principles of user sovereignty—that guided our engineering. The end result is a set of techniques for a fully decentralized way of publishing any data as verifiably authentic, at scale. That means anybody can verify where data came from, that it hasn’t changed, and that the creator has not “revoked”it. This doesn’t seem like much but as you will see, it is the only known way to separate concerns to both authenticate all humans and preserve pseudonymous free speech on Twitter and everywhere else.
The simplest and shortest path forward is for Twitter to migrate user authentication to use what we call “cryptographic qualifications” that are fully decentralized and support pseudonymous use of the Twitter platform. This raises four key questions: What exactly should be Twitter’s authentication policy? What are the inputs to and outputs from the cryptographic qualification?How does Twitter know the inputs and outputs are trustworthy? How is law enforcement done when pseudonymous users post unlawful content?
Elon’s goal of authenticating all humans means the authentication policy must at least verify that the user is a real human and not a bot or some other automated system. For enforcing lawful free speech, the policy should also demand that there is a way for law enforcement to learn the identity of the human that controls a given account. Notice that I said “law enforcement” and not “Twitter”. This is on purpose.For Twitter to truly support free speech Twitter must not demand to know the identity of any user. That does not imply that all users are always pseudonymous, some users may choose to reveal their real world identities, but then how does Twitter trust that the identity information is true? All of these checks are made by the cryptographic qualification that proves they are qualified to use the system.
Other platforms exist where all participants are required, by law, to disclose their identity. I call these “transparent systems” as opposed to “protected systems” where the law requires that user privacy is protected. Transparent systems rely upon a process called “know your customer/client” (KYC) to verify the real world identities of the participants. Platforms such as PayPal and Venmo use KYC services to verify user identity before allowing them to join. Twitter will have to rely upon similar services if they are to authenticate all real humans but Twitter is not a transparent system. Nor should it remain in its current state as a protected system. It must evolve into a pseudonymous system to protect the 1st amendment rights of its users. That means Twitter only verifies that a user has been KYC’d by a legitimate KYC provider while not demanding, nor collecting, any of their KYC information. It is the user’s choice to disclose their real name and link it to one or more of their Twitter accounts and when they do Twitter relies upon KYC vendors to verify the user’s name.
To further protect the user’s identity, the result of the cryptographic qualification is just a 1-bit,yes-or-no, answer. It is either “yes, the user is qualified to use Twitter” or “no, the user is not qualified”. This reduces the amount of data transmitted about the user so that trained AI’s using empirical models—derived from a decade of internet surveillance—are unable to correlate the user with their real world identity. The only data that is leaked to Twitter is the KYC vendor the user used and the user’s IP address. The user’s IP address can be hidden through the use of Tor or I2P or a 3rd party VPN service.
The KYC data given to users must have some way to prove that it is authentic, has not been modified, and has not been revoked by the KYC vendor. We’ve known for decades how to use cryptography to issue data with these kinds of guarantees. The difficulty lies in scaling and decentralizing it enough that all data on the internet can be made into authentic data with provable provenance. The open source authentic data tools we created use off-chain cryptographic provenance logs anchored in Bitcoin (or any public, immutable data storage)using cryptographic techniques to amortize an infinite number of state updates into a single Bitcoin transaction. In crypto-speak, the authentic data economy approach is a fully decentralized and infinitely scalable layer 2 solution independent of the underlying blockchain/data store. It was originally designed to use Bitcoin for anchoring but it is compatible with all systems that provide timestamped, immutable, and publicly readable data storage.
Users of this new Twitter receive KYC data from a 3rd party KYC vendor as authentic data and keep it private, never sharing it unless they wish to. Twitter sends them the cryptographic qualification as authentic data as well. The user verifies that the cryptographic qualification is legitimately from Twitter and has not been modified or revoked. The user then produces proofs based on their private KYC data. The cryptographic qualification checks that the user is a human with verified KYC data and that the data is authentic. The user sends back to Twitter the yes/no result along with cryptographic proof that the KYC data is authentic and trustworthy. This is all Twitter needs to know. The authentic data technique effectively transmits the trust Twitter has in the KYC vendor, through the user, back to Twitter in the form of cryptographic checks of private authentic data.
Along with their KYC data a user receives an encrypted “account number” from the KYC vendor that links the user to their personal information that the KYC vendor stores. This “account number” is encrypted with a technique called verifiable encryption. This means Twitter can confirm that the KYC vendor, and only the KYC vendor, can decrypt the data. So along with the cryptographic qualification result and proofs of correctness and authenticity, the user gives Twitter this verifiably encrypted “account number” to store. If the user later posts unlawful content, law enforcement can gather the evidence, present it to a court, receive a warrant to investigate and present the warrant to Twitter and the KYC vendor. Twitter gives the verifiably encrypted “account number” to law enforcement and the KYC vendor decrypts it to reveal thereal world identity of the user. This is what we call “perfect 4th amendment privacy” and will allow Twitter to be a constitutional free speech platform whereby users are pseudonymous butalso subject to deanonymization under judicial review per the terms of the 4th amendment.
Twitter is attempting to solve one of the most difficult problems of the internet era: balancing pseudonymous free speech while enforcing unlawful speech. Thankfully it isn’t a new problem and we have had decades to do research and try different solutions. The last few years brought a dramatic increase in demand for authentic data; especially now that Web3 has risen in notoriety. Unfortunately for the Web3 proponents nobody wants authenticity if it locks them into a cryptocurrency silo and forces them to pay fees for every little thing. Our right to speak freely must not be subject to fees or gatekeeping and the technology used to exercise that right must be open source.
The team behind the authentic data architecture is made up of open source veterans. We have been writing open source tools since the mid 1990’s and we know that being open isn’t always enough to get code and ideas into the world at large. We formed an open source company called Cryptid Technologies and have been in “stealth mode” for three years working quietly to create standards proposals and open source libraries that support the authentic data economy. Now that we’re coming out of stealth, we are prepared to give away the code and demonstrate decentralized solutions to many “holy grail” level problems that have stumped the smartest people for decades.
I am confident that our approach is the answer to the debate over pseudonymous free speech versus unlawful speech. Our scaling capabilities alone makes our approach unique in the market. This is the way forward for Twitter, and the internet in general. The inspiration comes from the founding fathers themselves and the separation of powers that safeguards individual rights and liberties. The authentic data economy makes it possible to have perfect 4th amendment privacy and 1st amendment pseudonymous free speech.
Elon, let’s talk.