The Zero Trust Internet Protocol White Paper: The Protocol
This section covers the dynamics of the Protocol’s participants and our reputation system.
Contents
Clicking on each heading will take you that section’s medium post.
1. Index
2. Introduction
3. The MetaCert Protocol
5. MetaCert’s Prior and Related Work
6. Design Goals
7. Solution: The MetaCert Protocol
8. Future Work
9. Token Sale Breakdown *(This section is not in the PDF)
The MetaCert Protocol
The Protocol will be accessible to any Internet user anywhere in the world. All these users will need is access to a computer or smartphone to submit, review and validate information about URIs. This user reporting will then be permanently stored in the Protocol.
Through the Protocol, behavior that results in higher quality URI reputations will be rewarded while behavior that subverts or undermines integrity will be punished. At the core of this is an incentive system backed by the Token (MCERT), which may be staked to “claim” and validate the membership of a URI to a specific category and be further applied as tender for access.
Categories
MetaCert is primarily focused on three categories of classification;
- Verified
- Dangerous
- Pornography.
Participants
Participants are generally passionate about a particular subject matter. For instance, members of open source communities such as PhishTank are keen to make the Internet a safer place by submitting and validating a registry of phishing threats, on a voluntary basis. These same people can now get paid in Tokens for submitting and validating URIs that are deemed to be authentic and not counterfeits. They can also get paid to submit and validate new phishing threats. And guardians using parental controls are eager to prevent kids from accessing adult content on the Internet. Each of these groups of people are incentivized to submit and validate URIs so the security tools they use for protection are improved by their participation. Some people are simply passionate about helping to make the Internet safer for everyone.
While we anticipate that new classes of participants will emerge as dictated by the evolving practices, dynamics and needs of the community, we have identified at least four primary classes of participants that will interact with the Protocol, namely Submitters, Validators, Purchasers and End Users.
Submitters
Submitters are a class of participants that identify URIs that have yet to be categorized by the Protocol, or require updated classification information. They are able to use a web interface or mobile app to submit information about URIs, which are then placed into a queue for validation. This information could include classification of a domain, ownership of a domain, or classification of digital assets such as social media accounts, apps, APIs, and digital wallets.
Resource owners are a unique example of Submitters who also play an important role in the Protocol. Unlike other Submitters, resource owners initiate the validation process for their digital assets by paying Tokens. The validation process is in turn funded by the Tokens resource owners pay, helping to form the backbone of the Protocol’s economic engine. Once a submission from a resource owner is approved, they will be notified, and the validation process will commence.
Validators
Validators are a class of participants responsible for reviewing URI submissions before they are added to the Protocol. They are awarded the “Validator” status if they attain a high quality of accuracy, determined from repeated successful reviews pertaining to the categorization of these respective submissions. They can also achieve this if they’re considered “experts” for a respective category.
Purchasers
Purchasers are a class of participants that purchase access to the Protocol for integration into their own products or services. Purchasers have the ability to pay for access to the entire Protocol, multiple categories or a single classification type. Access can be obtained by making a payment for monthly access or annual access, which includes a discount.
End Users
End Users are a class of participants that are the primary beneficiaries from the availability of the Protocol. These include users of products like MetaCert’s browser-based security software, or Cellusys’ Zero Trust solution for SMS, or future products that have yet to be created by developers, companies or any other type of Purchaser.
Protocol Incentives
Knowing the roles of the participants in the Protocol serves as a starting point to understand the value of the incentives in this system. There are several highlights of this incentive system including:
- URI Submitters and Validators can lay claim to a certain number of URIs. If technically feasible, these claims may also allow Submitters and Validators to collect additional fees on access to the respective URIs as they are accessed by Purchasers. The amount of allowed URI claims depend on the amount of staked tokens. This limit incentivizes Submitters and Validators to claim the most useful and accessed URIs.
- Early Submitters and Validators for a specific URI category may earn a disproportionate interest in the fees collected for data access. Early confirmations are typically more valuable than subsequent confirmations.
- Submissions and validations may expire or depreciate their owners’ fee interest over time or upon some event, as stale data become less valuable. This creates a new incentive for Protocol participants to re-submit and re-validate existing URIs that may have become outdated.
- Stakes can be slashed, such as if the network disagrees with a Submitter or Validator, and all decisions are immutably logged to the ledger for review and identification of bad actors.
- Participants may pay in Tokens, fiat, or other cryptocurrencies for access. As part of its technology adoption strategy, MetaCert will issue accounts and browser extensions with pre-credited access to the network data.
Reputation Score
Participants in the network are each given a reputation score, which is comprised of various behavior signals derived from their participation in the Protocol, including their track record in submitting and validating URIs, level of recorded expertise, and other data points that are defined by the system.
Tokens will be distributed to incentivize participants to tell the truth when submitting or validating URIs recorded on the Protocol. However, the history of crowdsourcing has demonstrated that it is impossible to rely on good faith alone, so we use software and incentives to help identify trustworthy or unreliable participants and their associated reputation score.
The reputation score will also contribute towards activity within the system. For example, phishing-related submissions from an anti-phishing expert will be more quickly validated and such an expert may also act as a Validator for phishing submissions from non-experts. However, an anti-phishing expert doesn’t have much experience identifying credible news sources, so their news submissions require more validation work and they may be unlikely to become a Validator for news submissions.
Contents
Clicking on each heading will take you that section’s medium post.
1. Index
2. Introduction
3. The MetaCert Protocol
5. MetaCert’s Prior and Related Work
6. Design Goals
7. Solution: The MetaCert Protocol
8. Future Work
9. Token Sale Breakdown *(This section is not in the PDF)
🖌 Please feel free to respond with questions or comments about anything you read in our White Paper or Technical Paper directly within Medium, and be sure to engage with other members of the community who also have questions or comments.
🔐 MetaCert Protocol is based on established enterprise-grade technology that powers live products. These products protect hundreds of thousands of people on the Internet today, but this is just the start. We need the community to help us iterate this work. Together we can help make the Internet a safer place for everyone.
☞ Don’t forget to click 👏🏻 to let MetaCert and others know how much you appreciate this post.
☞ Install Cryptonite to help protect your crypto from phishing scams. https://metacertprotocol.com/cryptonite
☞ Use our Telegram Security Bot to check the status of links and crypto addresses, and warn users about phishing in Telegram communities. https://metacertprotocol.com/telegram-bot
☞ Join our Telegram channel where you can engage with the core team and the community. https://t.me/metacert
