W3TS

W3TS25 Recap: Building Trusted Digital Identities in the Web3 Era

Terminal 3

Terminal 3

5 min read
W3TS25 Recap: Building Trusted Digital Identities in the Web3 Era

At the Web3 Trust Summit 2025, hosted by Terminal 3, the conversation turned to the most foundational infrastructure challenge that we face today: digital identity. Together, panelists explored how identity systems must evolve for a world of blockchain transparency and AI agents.

The discussion revealed a paradox: we are building a more open, transparent financial system that simultaneously demands stronger privacy protections than ever before.

Photo: Brandon Ho

The panel was moderated by Brent Sellors (Associate Director, Forensic Services, PwC) and brought together: 

  • Gary Liu (Co-Founder & CEO, Terminal 3)
  • Sandy Peng (Co-Founder, Scroll), and
  • Jeffrey Tchui (VP, Hedera Foundation) 

Identity as verification, not just information

Digital identity is not about collecting biographical data; it's about verifying claims. Where you live, what you are authorized to access, which assets you control. These individual claims, when verified and assembled, constitute your digital identity.

In Web3, this takes a distinctive form. Your on-chain footprint—wallet addresses, transaction history, protocol interactions, governance participation—creates a transparent record of activity. This differs fundamentally from Web2's platform-specific identities that are scattered across siloed databases.

Sandy Peng (Co-Founder, Scroll). Photo: Brandon Ho

The technical term is "attestations": verifiable claims about properties, contributions, investments, and behaviors that stay with you indefinitely on public blockchains. Sandy Peng of Scroll illustrated this transparency with a striking example from their own organization:

"There is a very successful application on Scroll right now—a DeFi credit card service—that has one user who has parked about 10 million on their credit card, spending about one million a year. By looking at the time zone of when his daily spends are, I can roughly figure out which continent he is in."

That level of transparency creates new possibilities—and new vulnerabilities.

The privacy paradox of public blockchains

Here is the uncomfortable reality: once your wallet address is connected to your real-world identity, your entire financial history becomes an open book. Every transaction and every interaction is permanently recorded and becomes publicly accessible.

Yet, people are choosing to engage with decentralized platforms despite this privacy risk, leading to the increased adoption of digital identity solutions. There are three key forces driving this growth:

  1. Monetization of identity claims and verification
  2. Data privacy, anti-money laundering, and know-your-customer (KYC) Compliance requirements
  3. The simple necessity of functionality—digital systems become more powerful the more data they process
Jeffrey Tchui (VP, Hedera Foundation). Photo: Brandon Ho

Jeffrey Tchui of Hedera Foundation drew the distinction clearly:

"For individuals, it's really about monetization. For institutions or entities, it's about compliance—GDPR and other data compliance regimes around the world, how do you stay compliant in a decentralized world?"

Gary used an analogy to explain why the stakes are rising:

"If stablecoins are the piping and plumbing, identity is the key to locks. As we are building a city, we need doors that have locks and keys that open them. Our need to verify our identity for transactions is going to be happening once every day, multiple times a day for institutions, many, many times a second sometimes."

The challenge is not whether to participate, but how to participate while maintaining appropriate privacy controls.

AI agents: The existential crisis

The discussion took a sobering turn when addressing AI's role in identity systems. Currently, AI is presenting only problems in the identity world, not solutions. 

Beyond deepfakes that trick humans through video manipulation, the real threat operates at code level. AI agents can convincingly impersonate users to access their bank accounts, gain control of their wallets, or transact on decentralized exchanges—all without visual deception, just through behavioral mimicry operating at machine speed.

Unlike scams requiring human interaction and traditional settlement rails, compromised AI agents can execute unauthorized transactions atomically and instantaneously. That velocity represents a fundamentally different threat model.

Gary Liu (Co-Founder & CEO). Photo: Brandon Ho

Gary identified the critical gap:

"We do not have identity infrastructure, at least not scaled, nor identity standard, to be able to say, are we talking to the right agent? Do they actually have the authorization that they claim they have? We don't have a way to verify that right now at scale."

Sandy Peng highlighted emerging complexities with examples from the frontier:

"Someone coded a trading bot using the most popular foundation models and raised them against each other. DeepSeek was winning, making about 30% returns over a month. The regulator in me is thinking—what if you start charging for these? Who is ultimately responsible? What if financial risks are caused as a factor of this?"

The path forward: Identity as the security layer

Three years ago, panels like these would explain what zero-knowledge cryptography is. Two years ago, the conversations were about connecting real-life KYC to on-chain anonymous credentials for regulated digital assets. But this year, the priority has shifted to something more urgent. We are talking about AI—not only because it represents the critical problem that digital identity needs to solve, but also because it is the killer application for digital identity.

In the wake of this problem, the three panelists outlined what’s needed to effectively address it. Gary Liu believes that the first keystone building block for a secure agent-to-agent economy has to be identity:

“We have to be able to identify these things – where they come from, what authorizations they have, who is operating them. If we don't talk about the risk, we're not going to understand that the solution starts with identity, and we're not going to incentivize the right people to build it."

Jeffrey Tchui explained Hedera's approach to building foundational infrastructure:

"For us, identity is primitive moving forward into a virtual asset world. We're going out and making sure that we have a commitment to our builders and to open source. Through the standardization of applications, we're pulling identity into that and making sure that is a base, fundamental pillar—whether you're launching a stablecoin, tokenizing an asset, or building an agentic AI business on-chain."

Sandy Peng offered a new framework for thinking about the convergence:

"I used to make the analogy between your bank account and your stock brokerage account to your Web3 wallet, but now I think a new metaphor is your CV or LinkedIn profile versus your Web3 identity—your wallet, names, and attestations. There's also your business off-chain versus how you run your agent stack on-chain, which could be like an organization in and of itself."

The infrastructure is emerging. The question is whether deployment will outpace the threats.

Read more