1-pager and research:Priverify: Bot prevention for websites with privacy-conscious users
‣
Market analysis
I didn’t evaluate other markets before choosing this one, because this one was already in progress. Future sprints will do so though.
Low friction, private, bot prevention | |
Market selection | Insights - It’s a cold start problem. However, I believe a few industries really need this, as long as we have a lower bar for “effectiveness”
Interested - I just am. Feels like a real problem, and one that can scale really well - a global, identity network. I think the world will become more private over time, and people will become more open to different technologies (zkp, World ID, etc) |
Market evaluation | Advantage - have a web2 product background, but web3 expertise
Large/growing market - in crypto, it’s small. but ID verification is a big one.
New tech - account abstraction makes it easier to make wallets; more people are moving onchain
New behavior - companies are maturing with real business models. airdrops and whatnot aren’t working anymore |
Talking to people | Value chain:
- Platforms: Crypto exchanges, adult content, anon communities, DAO, Gitcoin
- Crypto signup flows: WalletConnect, Privy, Metamask, Phantom
- Crypto users: Talk to those who had outraage over dydx debacle, Adam Cochran, LeftsideEmiri |
Specifically for:
- Web3-specific exchanges - Pancakeswap, Lido, Rocketpool, Rainbow, dydx
- Web3 messaging platforms - XMTP, Coinbase
- Web2.5 companies - Vishal
Separate hypothesis - more to do more with spam, rather than growth
- Online communities - Reddit, 4chan, CMC Community
- Taboo content - Onlyfans, Fanhouse, Porn sites
Not considering
- Need KYC / bank accounts
- Financialized products - Robinhood (free stock) - connect to brokerage
- Crypto exchanges - Binance, Kraken, etc.
- Referral platforms as a service → Usually fine since conversion criteria is product-specific (sign up for a month subscription)
Hypothesis and takeaways
Area | Hypothesis entering sprint | Belief leaving sprint |
Customer
problem(s) | Online companies with privacy-focused audiences have trouble identifying bots from real users for signup bonuses.
Web3 companies have trouble with user acquisition, specifically signup bonuses, because they do not have bot prevention. | Multiple startups with the same hypotheses failed to find platforms or web3 users, and there is also no clear path to providing all three qualities.
- Online companies with privacy-focused audiences were difficult to sign up due to this not being a big problem, high onboarding friction, and brand risk of KYC.
- Incorrect assumption that growth can have a lower bar of robustness than compliance, since there will be bad actors at scale
- Companies are more worried about downside protection (brand risk, small minority of crypto Twitter spreading false narrative) than potential upside
- Non-privacy-focused users are vast majority of crypto users, but they are happy to KYC with known companies.
- Though crypto consumer apps need this primitive - the ability to distinguish users from bots to be able to reach mass adoption - there are no consumer apps yet.
- Correct that compliance is not the area to focus on. It’s difficult to do, and the US has no clarity on this, and unlikely for some time. |
Market size | $1B right now
(~10B current value of large companies like Uniswap, dydx, Dapper, OpenSea; assume spending 10% for user acquisition) | Market size is much smaller than expected.
- 15+ dead/pivoted away startups. I spoke with three founders.
- KYC space is commoditized with low margins, unlikely for venture scale opportunity
- One co worth >$1B has <$10M in revenue
- Likely a feature rather than standalone company. Large co’s/orgs with existing user trust will natively build (Coinbase onchain verify, Gitcoin passport)
- Reputation is more interesting than identity, can be used for search, ranking, etc.
- One startup on reputation said no competition, companies just don’t care |
Growth rate | Could 10x if bull market
Belief that this will grow with AA | Winner, and profits, in this space are unlikely to accrue to any intermediary.
- Expect adoption to be on the OS-level (device biometrics), common standards (webauthn, passkeys, DID), or public infrastructure solutions (blockchain)
- One startup pivoted to gov’t IDs, but their competition is consultancies helping orgs add DIDs to Apple Wallet
- Another startup focused on reputation predicts this is 5 year bet, betting that’s when all data will be onchain |
Potential early customers | Web3-specific exchanges that are making money
Web2.5 companies | Expected early customers were hesitant or did not want this.
- One web3 exchange said KYC is impossible due to comms. Hard to justify brand risk.
- Another web2.5 customer said “Even if this existed, not sure we would use it” “When we care about growth, we don’t care about fraud”
- Game designers don’t like financial incentives, prefer product-led growth
- One potential early customer did not end up integrating with a startup they invested in that did this |