What is a Soulbound NFT?
“Soulbound” NFTs have attracted attention recently, with Ethereum founder Vitalik Buterin being a notable proponent. The concept of a soul-bound NFT is derived from the online multiplayer game World of Warcraft. In the game, users are able to obtain high-level weapons and accessories that cannot be traded or traded, but are instead linked to the user’s account, thus being “soul-bound”.
This concept has been adopted and used on Web3, mainly for identification purposes. Soulbound Tokens are non-transferable once created or acquired. They are held in wallets known as Souls. Soul-bound tokens can be thought of as permanent attributes or properties that define the “soul” of an account.
The fact that soul-bound tokens cannot be traded or sold proves that the user is “entitled” to the token in question. Soul-bound tokens can represent medical records, educational certificates, criminal records or even know-your-client/customer (KYC) records. Since different soul-bound tokens each have unique functions, users can also separate their tokens between different Souls based on function. For example, they may have one soul for medical records and another for exchanging information and KYC details.
An early implementation of soul-bound tokens is the Binance Account Bound (BAB) token. This acts as a form of verification on the BNB chain for Binance users who have completed KYC. These tokens can also be used for identity verification for other projects without going through the same KYC process again. These soul bound Non-Fungible Tokens (NFTs) can help regulate token sales, airdrops, voting on governance proposals and more. With increased emphasis on compliance and regulation, soul-bound tokens aim to address these issues while returning greater control and access to users.
Soulbound tokens can provide greater security with regard to user verification. Sybil attacks can be mitigated by soul-bound tokens that verify that unique users are who they claim to be, eliminating the risk of fake users and fraudsters. Unlike traditional systems, users will also be able to control access to their data to set the visibility of soul-bound tokens so they can control when, with whom and what details about their information is shared.
Security issues related to soul-bound tokens still need to be resolved. Since these tokens are immutable and act as identifiers for individuals on the blockchain, a high level of security is required at both the wallet and token levels. If a user loses access to their wallet, whether due to a hack or the loss of their wallet keys, the results can be catastrophic. Proper security measures are necessary to ensure that user data is safe and can only be accessed by authorized users. Vitalik Buterin discussed a possible solution to the loss of soul-bound tokens in his first whitepaper on the subject, which would allow owners of Soul to appoint “guardians” who have the right to restore an account when necessary. Greater standardization and review processes for both tokens and wallets are needed to ensure that the necessary security features are implemented.
Certain aspects of soul-bound tokens still need to be clearly defined for use to be possible. There is still a lack of a standard for the level of privacy available in relation to user data that can be publicly verified and accessed. As described in EIP-5114: Soulbound Badge, soulbound tokens refer to a persona rather than a specific individual. It should not be assumed that there is only one person behind a persona. More work needs to be done in this area to define how soul-bound tokens can be granulated and standardized to represent the characteristics of just one individual. Greater control given back to the user may alleviate fears that the use of the soul-bound token will result in censorship and control by centralized entities.
The concept of soul-bound tokens is still new and several issues need to be resolved before they are ready for mainstream use. Greater security must be an overriding concern, as it will bring greater trust and adoption of soul-bound tokens, bringing manageable identity and privacy to the blockchain.
This is a guest post and was originally published here.
What is CertiK:
CertiK is a blockchain security company that helps projects identify and eliminate security vulnerabilities in blockchains, smart contracts and Web3 applications using its services, products and cybersecurity techniques.
Where to find CertiK:
Website | Twitter | Medium | Telegram | YouTube