Identity Infrastructure: The Binding Constraint on Democratic Funding

Type: Report
Authors: Gitcoin Research
Published: March 2026

TLDR -- Every democratic funding mechanism -- quadratic funding, quadratic voting, UBI, participatory budgeting, conviction voting -- requires the ability to distinguish unique humans from manufactured identities. The sophistication of allocation algorithms has outrun the identity infrastructure that supports them. Without solving Sybil resistance, no amount of mechanism design will produce trustworthy outcomes. This is the binding constraint on the entire field.

---

The Problem in One Sentence

If you can't verify that each participant is a unique human, you can't run a democratic funding mechanism.

This is not a nuanced claim. It is a hard constraint. Quadratic funding's mathematical elegance depends on each contribution representing one person's genuine preference. If a single actor controls 100 accounts, they can redirect matching funds as effectively as if they'd hacked the smart contract. The outcome looks democratic but is controlled.

The Evidence

The Citizens Round: 50%+ Farming

Gitcoin's inaugural retroactive QF round (June 2023) achieved impressive headline numbers: ~103,000 DAI distributed, a record 4x crowdfunding-to-matching ratio, 17,000+ donors. But deeper analysis revealed that over 50% of donors were motivated primarily by airdrop speculation rather than genuine impact assessment.

These participants weren't breaking the rules -- they contributed real money to real projects. But their behavior was driven by the expectation of future token airdrops for "active ecosystem participants," not by preferences about which projects deserved funding. The democratic signal the mechanism was designed to produce was diluted by speculative noise.

QuadraticLenster: Rapid Sybil Exploitation

When quadratic funding was piloted on Lens Protocol's social network in July 2023, replacing "likes" with QF-matched tips, Sybil attacks appeared almost immediately. A $10,000 matching pool attracted both genuine participants (581 contributions from 181 participants) and manufactured accounts attempting to capture matching funds.

The attack happened faster than defenders could respond. The small scale limited damage, but it demonstrated the principle: any system where participation generates economic value will attract manufactured participation at the speed of automation.

Early Gitcoin Rounds: Zero Identity Verification

Gitcoin's earliest QF rounds (2019-2020) operated with essentially no Sybil resistance. The mechanism worked because the ecosystem was small enough and the amounts modest enough that the cost of attacking exceeded the benefit. As matching pools grew from thousands to millions, the incentive to game the system grew proportionally, while the identity infrastructure remained minimal.

Why This Is the Binding Constraint

A binding constraint is the single bottleneck that limits the performance of an entire system. In public goods funding, the binding constraint is not:

• Mechanism design. The field has 76+ documented mechanisms, more than enough for any context.
• Capital formation. L2 treasuries, staking yield, protocol revenue, and MEV provide abundant capital.
• Tooling. Allo Protocol, Grants Stack, EasyRetroPGF, Drips, and others provide composable infrastructure.
• Allocation algorithms. QF, retroactive funding, conviction voting, metrics-based voting, and AI-assisted evaluation provide sophisticated allocation logic.

What limits the system is the identity layer that all democratic mechanisms depend on. Consider:

Quadratic funding derives its mathematical properties from the assumption that each contributor is a unique person. Violate this assumption and the mechanism degenerates into standard plutocratic matching.

Quadratic voting allocates voice credits per person. If one entity controls multiple identities, they acquire disproportionate voting power -- exactly the outcome the quadratic cost function was designed to prevent.

Universal basic income distributes to every unique human. Without reliable human verification, UBI becomes a subsidy for identity manufacturing.

Participatory budgeting gives each community member a voice. Fake members dilute real voices.

Conviction voting accumulates voting power over time per participant. Multiple identities accumulate multiple streams of conviction.

In every case, the mechanism's integrity depends on an identity guarantee that existing infrastructure cannot reliably provide.

The Current State of Identity Infrastructure

Gitcoin Passport

Gitcoin Passport aggregates "stamps" from various identity providers (social accounts, biometric verification, onchain activity) into a composite score. Passport achieved roughly 60% reduction in suspicious activity -- a meaningful improvement that still leaves 40% of attack surface uncovered.

The stamp-based approach faces a structural challenge: stamps verify that an account is connected to a specific service (Twitter, GitHub, etc.), not that the person behind the account is unique. Sophisticated actors maintain multiple verified accounts across services.

MACI (Minimum Anti-Collusion Infrastructure)

MACI uses zero-knowledge proofs to enable private voting, preventing vote-buying and collusion. It was deployed in GG24's privacy round. MACI addresses a different but related problem: not identity verification but collusion resistance. Even with verified identities, actors can coordinate to game allocation. MACI makes this coordination computationally infeasible.

Connection-Oriented Cluster Matching (COCM)

COCM analyzes the social graph of contributors to detect clusters of coordinated behavior. If a group of accounts consistently donate to the same projects in the same patterns, COCM reduces their collective matching weight. This addresses Sybil behavior without requiring identity verification per se -- it detects coordination patterns that suggest manufactured participants.

Biometric Verification

Worldcoin's iris-scanning approach and similar biometric systems offer the strongest uniqueness guarantee -- it is very difficult to have two different iris scans. But biometric systems face adoption barriers (privacy concerns, hardware requirements, geographic availability) and philosophical objections (centralized biometric databases, exclusion of those unwilling to submit to scanning).

The Arms Race Dynamic

Every improvement in Sybil resistance triggers adaptation by attackers. This is not a problem that gets solved once -- it is an ongoing arms race with a structural asymmetry: defenders must verify every participant, while attackers need only find one exploitable gap.

The asymmetry worsens as AI matures. Large language models can generate convincing social media profiles, engage in plausible conversation, and build credible-looking activity histories across platforms. The cost of manufacturing a "convincing" identity is declining faster than the cost of detecting manufactured identities.

This suggests that identity infrastructure must evolve toward:

1. Layered verification combining multiple independent signals (biometric + social + onchain + in-person) so that no single vector is sufficient for manufactured identity
2. Continuous authentication rather than one-time verification, so that identity quality is maintained over time rather than front-loaded
3. Contextual thresholds where higher-stakes mechanisms require stronger identity verification (light verification for small QF contributions, heavy verification for large allocation votes)
4. Privacy-preserving proofs (ZK-based) that verify uniqueness without revealing personal information

Implications for the Field

For Mechanism Designers

Stop designing allocation mechanisms in isolation from identity infrastructure. The most mathematically elegant mechanism in the world produces garbage outputs if participants aren't verified. Mechanism design papers should state their identity assumptions explicitly, the way cryptographic protocols state their security assumptions.

For Funders

Invest in identity infrastructure as infrastructure, not as a feature of individual programs. Gitcoin Passport, MACI, and COCM should be funded as ecosystem-wide public goods, not as line items in specific round budgets. The ROI of better identity verification flows to every democratic mechanism simultaneously.

For Ecosystem Designers

The identity layer is the foundation of the funding stack. Building sophisticated allocation mechanisms on weak identity infrastructure is building on sand. Prioritize identity investment over mechanism innovation until the binding constraint loosens.

Conclusion

The Ethereum ecosystem has produced extraordinary innovation in allocation mechanisms -- 76 documented approaches ranging from simple bounties to AI-weighted dependency graph analysis. It has generated abundant capital through L2 treasuries, staking yield, and protocol revenue. It has built composable tooling that allows any community to run a funding program.

What it has not built, at sufficient maturity, is the identity infrastructure that all democratic mechanisms require. This is the binding constraint. Every dollar invested in better Sybil resistance improves the performance of every democratic funding mechanism simultaneously. Every dollar invested in a new allocation algorithm without corresponding identity infrastructure produces diminishing returns.

The field's next breakthrough will not be a new way to allocate capital. It will be a new way to verify that participants are real.