Cursive partnered with IYK at ETHDenver 2024 to put an NFC chip in every attendee's badge and digitize the event experience. Tapping another attendee's badge allowed you to share contact information and send them a digital signature representing the fact that you two met. Tapping NFC discs around the venue allowed you to receive a digital signature proving you visited a location, attended a talk, or partook in an experience. Quests required you to meet certain people or visit specific locations, and upon fulfilling those requirements you could generate a zero knowledge proof to complete the quest without revealing the individual signatures themselves. This was an experiment in data ownership - the signatures are private to you, and without knowing your signatures nobody can pretend to share the experiences you had. Completing quests allowed you to redeem physical items at the BUIDLShop.
Over the course of the event, there were:
Digital signatures offer numerous advantages that allow them to be the easiest ways to create secure, verifiable digital representations of physical interactions. First off, they are universal. Any device knows how to generate and verify digital signatures from standard elliptic curves, and this is a universal cryptographic standard that requires no custom knowledge such as a choice of blockchain or specific API. Secondly, they are portable. A signature from the Baby Jubjub elliptic curve we use consists of 64 bytes (this curve was selected for its friendliness in generating zk proofs - more on this in a future article). It's easy to carry this signature around in local storage, and they can be used offline. Finally, signatures are composable. If you want to build blockchain based representations of physical interactions, you can mint NFTs or POAPs based on digital signatures - but the signatures themselves are the lowest common denominator.
A common thread that runs through all iterations of our work is to give users palpable interaction with the technology. For this project, IYK commissioned generative artist Stefano Contiero to create visually engaging representations of attendees' Ethdenver experiences, calling them "stamps" in line with our ZuStamps project from Zuzalu in 2023. Each stamp, uniquely tied to a person or location, served as a mark of authenticity. Despite our enthusiasm, many users overlooked the interactive feature allowing them to scrub through the artwork's evolution over time and didn't immediately connect each image to a signature. However, when we highlighted this feature, conference attendees relished the dynamic visual experience, motivating us to further explore conceptual directions for signature representations.
One of the experiments we wanted to run at ETHDenver was related to data custody and ownership. We gave users two options to custody their signatures - either you could choose server custody and have us store your data for you, in which case you trust us to not read or share your data but can't verify we didn't. This is the standard data model of the current internet. Or you could choose self custody, and only use our backend for storing encrypted backups of your data - the catch was that you would need to set and remember an encryption password.
To learn about users' data preferences, we randomly decided whether a user would have self custody or server custody selected by default during registration. When server custody was pre-selected, it was chosen as the final option 58% of the time. When self custody was pre-selected, it was chosen as the final option 66% of the time. There was a slight bias towards choosing self-custody overall, but more people just chose whatever option was their default. The takeaway is that data ownership and custody is important, but often times what dictates user behavior is communication and UX.
We tried two different chips at Denver: NTAG424 chips from IYK for the main ETHDenver event, and NXP JCOP4 chips from Arx for external activations. NTAG424's and JCOP4's represent two distinct points on the tradeoff spectrum of price, decentralization, utility, and tap experience.
JCOP4's have a lot to offer when it comes to creating an end-to-end decentralized experience. They are capable of generating digital signatures from within the chip's secure element itself, and is programmable with arbitrary private keys and cryptographic functionality. That means that they are also capable of being crypto hardware wallets. On the flipside, they cost around $5/card at an activation of our scale, and carried a worse tap experience overall - to successfully background tap a JCOP4 for a card-generated signature, you were required to perform more of a "tap and hold", pressing your phone against the card for roughly 2 seconds. The range you could successfully tap from with your phone was also smaller, meaning you had to be more precise about where you tapped, which is difficult for people who have not tapped NFC cards before. The reason for this is because digital signatures are more complex computations, and the card requires a longer power draw from your phone to successfully generate the signature.
NTAG424 are simpler chips. Instead of generating signatures on the chips themselves, they would create a CMAC representing the tap that would be sent to IYK's servers. IYK would verify the CMAC with their own private keys, and then pass a uuid that allowed us to uniquely identify the tap. We would "redeem" this uuid and issue a digital signature to the user ourselves. Note that this creates two dependencies - on IYK's servers to be available and not generate fake taps, and on our servers to only generate valid signatures. However, NTAG424's cost around $.50/card and also offer superior tap UX - because they only generate CMACs, the tap is quite fast and reliable, even if you don't place your phone in the precise place.
We will continue to explore the tradeoffs in the NFC space and share our findings. Overall, its a testament to the evolution of NFC technology over the past 50 years that we have so many distinct options to choose from.
One of the main drivers of users going crazy about tapping was the merch store. IYK along with Matter Labs curated a wonderful array of exclusive chipped goods from various designer brands, NFT collections, and other web3 friendly names that were in hot demand. Using these items as incentives made people run around and frantically find people and places to tap in order to complete the quests needed to claim the items. This in turn got many more people curious about the activation, which created a social loop that made a permanent line to the store. What many people appreciated about needing to complete quests in order to redeem items was that they had to work to achieve their reward. At the same time, the work they had to do (find people to tap) was highly achievable and quite a lower barrier to entry. It's clear that at least at an event like ETHDenver, well-placed incentives are what takes a social experience to the next level.
We've got many projects and activations lined up ahead, so stay tuned. We're constantly thinking of new ways to adopt advanced cryptography in practical products, and have many exciting ideas to share with you in the coming months. In the meantime, if you have cryptography-fueled ideas or would like to collaborate, you can reach us at: hello@cursive.team.
We would like to thank our incredible partners and collaborators for making this experience possible: