SoK: The Ghost Trilemma

TL;DR

The paper introduces the Ghost Trilemma, a fundamental challenge in decentralized identity verification, arguing that sentience, location, and uniqueness cannot all be verified simultaneously, impacting online security and trust.

Contribution

It formalizes the Ghost Trilemma, analyzes existing approaches, and proposes potential solutions balancing decentralization, trust, and privacy.

Findings

Formal proof sketch of the Ghost Trilemma.

Analysis of existing decentralized identity systems.

Proposed pathways for practical identity verification schemes.

Abstract

Trolls, bots, and sybils distort online discourse and compromise the security of networked platforms. User identity is central to the vectors of attack and manipulation employed in these contexts. However it has long seemed that, try as it might, the security community has been unable to stem the rising tide of such problems. We posit the Ghost Trilemma, that there are three key properties of identity -- sentience, location, and uniqueness -- that cannot be simultaneously verified in a fully-decentralized setting. Many fully-decentralized systems -- whether for communication or social coordination -- grapple with this trilemma in some way, perhaps unknowingly. In this Systematization of Knowledge (SoK) paper, we examine the design space, use cases, problems with prior approaches, and possible paths forward. We sketch a proof of this trilemma and outline options for practical, incrementally deployable schemes to achieve an acceptable tradeoff of trust in centralized trust anchors, decentralized operation, and an ability to withstand a range of attacks, while protecting user privacy.