By Fernando Mendes and Joshua Tan
An attestation-based architecture and data model for DAO membership, member contributions, and other data.
This standard provides the basic architecture for a permissionless attestation framework where different parties can make arbitrary and conflicting attestations about DAO membership, member contributions, and other data.
Note: this standard does not specify how DAOs and service providers should handle identity verification & management. We assume that many different identity systems exist in tandem across different DAOs and different service providers. The way these are implemented is left to the discretion of both the DAO and its service providers. Thus, this standard is NOT appropriate for handling personally-identifiable information (PII) or other forms of personal data.
What does it mean to contribute to a DAO, and where can people find these contributions? What does it mean to be a member of a DAO, and how can membership be verified?
Contributions and membership are important building blocks within DAOs and related Web3 applications, from Web3 profiles to contribution graphs to measures of participation to interoperable reputation metrics. These systems are often the first settings in which DAOs and DAO service providers need to operationalize their underlying identity systems.
In current DAOs, membership and contributions are commonly defined via ownership of on-chain assets, whether fungible tokens, NFTs, or (more recently) soulbound NFTs. But on-chain definitions miss many important use-cases and risk locking DAOs into very specific modes of membership and organization. For example, a DAO may want to make membership contingent on some (off-chain) measure of participation such as git commits or Discourse posts, while definitions of contributions could vary across each of the (off- and on-chain) services that a DAO uses to track contributions.
daoURI already allows DAOs to publish off-chain data about their membership. This standard composes with daoURI in order to specify a permissionless attestation framework for DAOs and DAO service providers.
The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.
All DAOs conforming to DAOIP-## MUST implement the attestationIssuers field as part of daoURI. attestationIssuersis an array of attestation endpoints (see “Attestation Endpoints”, below) hosted by service providers trusted by the DAO to issue attestations on their behalf.
{
"@context": "<http://www.daostar.org/schemas>",
"type": "DAO",
"name": "<name of the DAO>",
"description": "<description>",
"attestationIssuers": [
{
"type": "AttestationIssuer",
"issuerURI": "<URI>"
},
{
"type": "AttestationIssuer",
"issuerURI": "<URI>"
}
]
}
An attestation issuer, or just issuer, is an entity that issues and manages attestations on behalf of some other entity such as a DAO.
Every issuer conforming to DAOIP-## MUST implement an issuerURI endpoint describing the issuer and listing endpoints that it supports, following the Attestation Issuer JSON Schema below: