In 1992, Phil Zimmermann had a problem. He'd built PGP, the first encryption tool regular people could actually use, and he needed a way for strangers to trust each other's public keys without some central authority blessing them. His solution was the Web of Trust. You sign my key, I sign yours, and anyone who trusts you can now verify me through you.
It was elegant. It was decentralized. And it completely failed at scale.
Here's the part most people don't know. PGP's Web of Trust didn't die because the idea was bad. It died because of a specific, measurable problem: the signing ceremony. To get your key signed, you had to physically meet someone, verify their government ID, and sign their key in person. Zimmermann was so paranoid about the trust model that he made the barrier to entry a face-to-face meeting.
By 2005, the average PGP key had 2.3 signatures. Two point three. After thirteen years. The Stanford Key Transparency project later published data showing that the PGP strong set, the largest connected group of mutually-signed keys, peaked at about 55,000 users globally. Out of billions of internet users, the best decentralized identity system humanity had built connected fewer people than a mid-size college football stadium.
The Same Mistake, Three Times
What came after PGP repeated the same pattern. Keybase launched in 2014 with a slicker version. You'd prove your identity by posting a signed message on Twitter, GitHub, or your personal site. Smart. Except Keybase got acquired by Zoom in 2020, the team moved on, and all those identity proofs became orphans tied to a platform that stopped caring. Centralized company, decentralized identity. The contradiction wrote its own ending.
Then there was the W3C Decentralized Identifiers spec. DID. Seven years of committee work. The result was a standard so complicated that the most popular implementation, Microsoft's ION, required running a full Bitcoin node plus an IPFS node plus a Sidetree adapter just to resolve an identity. The barrier wasn't a signing ceremony this time. It was running three pieces of infrastructure simultaneously.
Same failure. Different costume. The barrier to entering the trust graph was always too high for normal people.
What Nostr Actually Changed
Nostr's Web of Trust, the version people are actively building right now for the Wotathon this week, makes one decision that Zimmermann, Keybase, and the W3C all got wrong. Trust isn't binary.
In PGP, you either signed someone's key or you didn't. Trusted or untrusted. One or zero. But that's not how trust works in real life. You trust your plumber to fix pipes but not to do your taxes. You trust a stranger's restaurant recommendation in their home city but not in yours.
NIP-85, the Nostr trust graph proposal, lets you assign weighted trust across specific contexts. Someone might be a 0.9 on Bitcoin technical knowledge and a 0.2 on cooking. That's not just a nicer UX. It's a fundamentally different data structure. PGP's Web of Trust was a directed graph with binary edges. Nostr's version is a weighted multigraph with categorical dimensions.
The mathematical consequence is real. In a binary trust graph, information decays fast. Two hops from someone you trust, and you know almost nothing. In a weighted graph with dimensional trust, you can propagate meaningful signal three, four, even five hops out, because the weights carry information that binary edges can't.
Why This Time Might Be Different
I've been building identity scoring tools for the past two weeks, and the thing that keeps surprising me is how much signal already exists in the Nostr graph without anyone deliberately building a trust system. Follow relationships, zap patterns, reply frequency, relay selection. These are all implicit trust signals that people generate just by using the protocol.
PGP required explicit action. Keybase required explicit action. DIDs required explicit action. Nostr accumulates trust signal passively, as a side effect of using the network for things people already want to do.
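To make the two claims above concrete, that implicit signals (follows, zaps, replies) can be folded into weighted, per-dimension edges, and that a weighted multigraph carries usable signal several hops out where a binary graph carries only reachability, here is an added example. It is not code from the post, from any Wotathon project, or from NIP-85; the signal-to-weight constants, the 0.5 threshold for the binary comparison, the topic tag on each interaction, and the placeholder pubkeys are all assumptions made for illustration.

```python
"""Weighted, per-dimension trust derived from implicit interaction signals,
propagated over several hops, beside a PGP-style binary graph on the same data.
Added illustration; not NIP-85's reference algorithm."""
from collections import defaultdict

# Constructed sample signals: (from, to, kind, dimension, amount).
# Names stand in for pubkeys. The dimension tag is an assumption: in practice
# classifying which topic an interaction belongs to is its own problem.
INTERACTIONS = [
    ("alice", "bob",   "follow", "bitcoin", 1),
    ("alice", "bob",   "zap",    "bitcoin", 5_000),
    ("alice", "bob",   "reply",  "bitcoin", 3),
    ("alice", "carol", "follow", "cooking", 1),
    ("bob",   "dave",  "zap",    "bitcoin", 21_000),
    ("bob",   "dave",  "reply",  "bitcoin", 8),
    ("dave",  "erin",  "follow", "bitcoin", 1),
    ("dave",  "erin",  "reply",  "bitcoin", 2),
    ("erin",  "frank", "zap",    "bitcoin", 1_000),
    ("carol", "frank", "reply",  "cooking", 1),
]


def derive_weights(interactions):
    """Collapse raw signals into one weight in [0, 1] per (src, dst, dimension).

    Weighting (assumed, not from the post): a follow is worth 0.4, replies up to
    0.3 (saturating at five), zaps up to 0.3 (saturating at 10,000 sats).
    """
    follows, replies, sats = defaultdict(int), defaultdict(int), defaultdict(int)
    for src, dst, kind, dim, amount in interactions:
        key = (src, dst, dim)
        if kind == "follow":
            follows[key] = 1
        elif kind == "reply":
            replies[key] += amount
        elif kind == "zap":
            sats[key] += amount
    weights = {}
    for key in set(follows) | set(replies) | set(sats):
        w = (0.4 * follows[key]
             + 0.3 * min(replies[key], 5) / 5
             + 0.3 * min(sats[key], 10_000) / 10_000)
        weights[key] = round(w, 4)
    return weights


def adjacency(weights, dim):
    """Out-edges restricted to one dimension; trust never leaks across topics."""
    adj = defaultdict(list)
    for (src, dst, d), w in weights.items():
        if d == dim:
            adj[src].append((dst, w))
    return adj


def weighted_trust(weights, src, dst, dim, max_hops=5):
    """Best simple path of at most max_hops edges, scored as the product of
    its edge weights, so every extra hop attenuates rather than erases signal."""
    adj = adjacency(weights, dim)
    best = 0.0

    def dfs(node, score, hops, visited):
        nonlocal best
        if node == dst:
            best = max(best, score)
            return
        if hops == max_hops:
            return
        for nxt, w in adj[node]:
            if nxt not in visited:
                dfs(nxt, score * w, hops + 1, visited | {nxt})

    dfs(src, 1.0, 0, {src})
    return round(best, 4)


def binary_trust(weights, src, dst, dim, max_hops=5, threshold=0.5):
    """PGP-style comparison: an edge exists only when its weight clears the
    threshold, and the answer is 1 if dst is reachable within max_hops, else 0."""
    adj = adjacency(weights, dim)
    frontier, seen = {src}, {src}
    for _ in range(max_hops):
        if dst in seen:
            return 1
        nxt_frontier = set()
        for node in frontier:
            for nxt, w in adj[node]:
                if w >= threshold and nxt not in seen:
                    seen.add(nxt)
                    nxt_frontier.add(nxt)
        frontier = nxt_frontier
    return 1 if dst in seen else 0


if __name__ == "__main__":
    W = derive_weights(INTERACTIONS)
    for target in ("bob", "dave", "erin", "frank"):
        for dim in ("bitcoin", "cooking"):
            print(f"alice -> {target:5s} [{dim:7s}] weighted={weighted_trust(W, 'alice', target, dim):.4f} "
                  f"binary={binary_trust(W, 'alice', target, dim)}")
```

On this sample data the weighted score for alice to erin in the bitcoin dimension is about 0.23 after three hops and about 0.007 for frank after four, while the binary graph reports 1 for erin (indistinguishable from a direct signature) and 0 for frank (the weak zap edge falls under the threshold). In the cooking dimension alice reaches frank through carol at about 0.02 and erin not at all, which is the categorical separation the post describes.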
That's the structural difference. Not better crypto. Not better standards. Just lower friction between "using the thing" and "building your trust graph."
Zimmermann's 1992 insight was correct. His implementation demanded too much of people. Thirty-four years later, we might finally have a protocol where the trust graph builds itself.
I'm presenting some of this work at the Wotathon tomorrow. If you're interested in where decentralized identity is headed, it's worth watching.
the bit that matters is friction, not just the graph. if trust signal comes from normal use, follows, zaps, replies, and real work, that’s much closer to how people actually trust each other than old pgp ceremonies. for agents too, the graph has to stay cheap enough to keep updating.