ERC-5727: Semi-Fungible Soulbound Token

An interface for soulbound tokens, also known as badges or account-bound tokens, that can be both fungible and non-fungible.


Metadata
Status: DraftStandards Track: ERCCreated: 2022-09-28
Authors
Austin Zhu (@AustinZhu), Terry Chen (terry.chen@phaneroz.io)

Abstract


An interface for soulbound tokens (SBT), which are non-transferable tokens representing a person's identity, credentials, affiliations, and reputation.

Our interface can handle a combination of fungible and non-fungible tokens in an organized way. It provides a set of core methods that can be used to manage the lifecycle of soulbound tokens, as well as a rich set of extensions that enables DAO governance, delegation, token expiration, and account recovery.

This interface aims to provide a flexible and extensible framework for the development of soulbound token systems.

Motivation


The current Web3 ecosystem is heavily focused on financialized, transferable tokens. However, there's a growing need for non-transferable tokens to represent unique personal attributes and rights. Existing attempts within the Ethereum community to create such tokens lack the necessary flexibility and extensibility. Our interface addresses this gap, offering a versatile and comprehensive solution for SBTs.

Our interface can be used to represent non-transferable ownerships, and provides features for common use cases including but not limited to:

  • Lifecycle Management: Robust tools for minting, revocation, and managing the subscription and expiration of SBTs.
  • DAO Governance and Delegation: Empower community-driven decisions and operational delegation for SBT management.
  • Account Recovery: Advanced mechanisms for account recovery and key rotation, ensuring security and continuity.
  • Versatility in Tokens: Support for both fungible and non-fungible SBTs, catering to a wide range of use cases like membership cards and loyalty programs.
  • Token Grouping: Innovative slot-based system for organizing SBTs, ideal for complex reward structures including vouchers, points, and badges.
  • Claimable SBTs: Streamlined distribution of SBTs for airdrops, giveaways, and referral programs.

This interface not only enriches the Web3 landscape but also paves the way for a more decentralized and personalized digital society.

Specification


The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.

A token is identified by its tokenId, which is a 256-bit unsigned integer. A token can also have a value denoting its denomination.

A slot is identified by its slotId, which is a 256-bit unsigned integer. Slots are used to group fungible and non-fungible tokens together, thus make tokens semi-fungible. A token can only belong to one slot at a time.

Core

The core methods are used to manage the lifecycle of SBTs. They MUST be supported by all semi-fungible SBT implementations.


Extensions

All extensions below are OPTIONAL for ERC-5727 implementations. An implementation MAY choose to implement some, none, or all of them.

Enumerable

This extension provides methods to enumerate the tokens of a owner. It is recommended to be implemented together with the core interface.


Metadata

This extension provides methods to fetch the metadata of a token, a slot and the contract itself. It is recommended to be implemented if you need to specify the appearance and properties of tokens, slots and the contract (i.e. the SBT collection).


Governance

This extension provides methods to manage the mint and revocation permissions through voting. It is useful if you want to rely on a group of voters to decide the issuance a particular SBT.


Delegate

This extension provides methods to delegate (undelegate) mint right in a slot to (from) an operator. It is useful if you want to allow an operator to mint tokens in a specific slot on your behalf.


Recovery

This extension provides methods to recover tokens from a stale owner. It is recommended to use this extension so that users are able to retrieve their tokens from a compromised or old wallet in certain situations. The signing scheme SHALL be compatible with EIP-712 for readability and usability.


Expirable

This extension provides methods to manage the expiration of tokens. It is useful if you want to expire/invalidate tokens after a certain period of time.


Rationale


Token storage model

We adopt semi-fungible token storage models designed to support both fungible and non-fungible tokens, inspired by the semi-fungible token standard. We found that such a model is better suited to the representation of SBT than the model used in ERC-1155.

Firstly, each slot can be used to represent different categories of SBTs. For instance, a DAO can have membership SBTs, role badges, reputations, etc. in one SBT collection.

Secondly, unlike ERC-1155, in which each unit of fungible tokens is exactly the same, our interface can help differentiate between similar tokens. This is justified by that credential scores obtained from different entities differ not only in value but also in their effects, validity periods, origins, etc. However, they still share the same slot as they all contribute to a person's credibility, membership, etc.

Recovery mechanism

To prevent the loss of SBTs, we propose a recovery mechanism that allows users to recover their tokens by providing a signature signed by their owner address. This mechanism is inspired by ERC-1271.

Since SBTs are bound to an address and are meant to represent the identity of the address, which cannot be split into fractions. Therefore, each recovery should be considered as a transfer of all the tokens of the owner. This is why we use the recover function instead of transferFrom or safeTransferFrom.

Backwards Compatibility


This EIP proposes a new token interface which is compatible with ERC-721, ERC-3525, ERC-4906, ERC-5192, ERC-5484.

This EIP is also compatible with ERC-165.

Test Cases


Our sample implementation includes test cases written using Hardhat.

Reference Implementation


You can find our reference implementation here.

Security Considerations


This EIP does not involve the general transfer of tokens, and thus there will be no security issues related to token transfer generally.

However, users should be aware of the security risks of using the recovery mechanism. If a user loses his/her private key, all his/her soulbound tokens will be exposed to potential theft. The attacker can create a signature and restore all SBTs of the victim. Therefore, users should always keep their private keys safe. We recommend developers implement a recovery mechanism that requires multiple signatures to restore SBTs.

Copyright


Copyright and related rights waived via CC0.