Meh, it sounds creepy, but the article goes into detail on why the iris hashes are sufficiently private.
I suspect the media and uninformed commenters will far overblow concerns about this, without actually learning how it works and why it's private enough.
> the article goes into detail on why the iris hashes are sufficiently private.
The problem is that if it something goes wrong, you can't fix things by changing your biometrics. That means that "sufficiently" private is a much, much higher threshold than it would be in other contexts.
It also requires a lot of trust of the entities gathering the biometric information, and it's hard to come up with any entity that seems trustworthy enough. Especially any entity in the cryptocurrency space.
Even ignoring the extremely creepy aspect of this (something worldcoin amplified immensely with those orbs), this seems like a very bad and dangerous idea. Even if the odds of a terrible mistake are very low, if you roll the dice enough times, you will eventually roll badly.
Personally, I wouldn't touch any of this at all. I'd feel more comfortable having the entire internet think I'm not human than expose myself to this sort of thing.
How is the hash of an iris scan "sensitive biometric information," any more than a CCTV camera at your coffee shop, or the government minting your ID? It is a hash, for god's sake.
It is more privacy preserving than the latter two, or any currently known proof-of-personhood currently in existence - while still accomplishing the goal of proof-of-personhood.
The hash is sensitive because it's a (reasonably) unique identifier that has been assigned to you.
> any more than a CCTV camera at your coffee shop, or the government minting your ID?
It's not, fundamentally, but that's not an argument in favor of things like this. The less of this sort of thing, the better.
But a big difference is that my local coffee shop is, you know, local and not likely to be sharing the images with anyone as a routine matter, and they certainly aren't correlating the images they capture with my identity.
The difference with government ID is twofold: it's the government, which means it's not optional. Second, it's the government rather than private entities. I can have some sort of influence over my government. I have zero influence over private entities. So while I don't like it in either case, I prefer the government-issued ID over something done by companies.
> while still accomplishing the goal of proof-of-personhood.
I'm not sure why this is a goal that is so important that it's worth any reduction in privacy.
The hash is less sensitive than literally any other proof of personhood currently in existence. Go ahead, try to name a proof of personhood that's more private than a hash.
You seem to be framing this as a reduction in privacy but it is quite the opposite.
You can be informed on the subject and still think this is an awful idea.
Even if I took their word that it’s “private enough”, it’s still a world-scale project to solve a vague problem with a broken-on-the-face-of-it-literally gimmick.
For me, the real-world need for such a thing in the first place. It's not often I dismiss something as a solution in search of a problem, but I think that's what this is.
I don't eat pork, I don't like the taste (except bacon but that's beside the point). That doesn't mean I think pig farmers are solving a vague problem. I hadn't heard of this coin before today, and as mentioned I don't like this specific solution but I don't think the problems are vague at all.
You might trust your current bank, but are you confident that you can start any kind of legal business you want? Payment providers have shutdown completely legal customers for political reasons. Would it be nice to anonymously sign a vote? Or change it after the fact? Verify that a vote (as opposed to paper ballot) is valid? Absolutely. UBI shouldn't need an explanation for what problem it solves.
I mention other problems something like this could solve in another comment[1] if you're interested. I think many people today are quick to dismiss good ideas just because it involves crypto, it's a shame.
I don't think voting is a great use case for this. Surely, if you're concerned about fraud in voting, simply being able to prove the voter is a person is insufficient. It wouldn't stop double-voting, etc.
Anti-spam? That seems like shooting mosquitos with missiles. And I doubt it would be that effective at spam prevention. Spammers will just start paying tons of actual people to vet the messages as coming from real people, much like how captchas and the like are circumvented.
> And most use cases in which you're required to present an ID.
We already have ID for that. And surely, in those cases, what is trying to be established isn't just whether or not you're human, but which specific human you are.
I've also heard that it's useful to administer UBI (just to round out your list), but UBI is a thing that -- at least in the US -- is but a vague dream, not anything that's realistically going to happen anytime soon. And even if it is, I don't think a system that just demonstrates proof-of-humanness would be sufficient.
Why not? One vote per human is trivial. Just read the last entry before the poll closes. Solved. That's how we do it today, with paper ballots.
> We already have ID for that
While modern IDs have biometrics they aren't usually validated as such. Just a quick glance is more common. It can be circumvented and fake/borrowed IDs are common.
> UBI is a thing that at least in the US -- is but a vague dream, not anything that's realistically going to happen anytime soon
Only because of lack of understanding and FUD. I agree that the US has a long way to go but in Europe where we have working welfare system UBI would save billions in administration costs. We already have it but with strings and hoops. I don't think a country where an ambulance ride costs a monthly salary should serve as an example to that argument. That's like claiming police is worthless because -- at least in Saudi Arabia -- is but a vague dream, since they're so easily bribed.
That's only true in the case when you're willing to put in the effort to prove/disprove yourself, which the parent commenter is clearly unwilling to do.
Otherwise you're just ignoring someone that is objectively more knowledgeable than you, which is quite lame indeed.
This is a 'guns don't kill people' argument, which historically has been a bit more complicated than that. Humans are not context-free actors independent of their environment - our environment shapes us. And the argument here is that this technology would create an environment that would have a tendency to bend us into a shape we may not like.
If you'd like to ask anyone in the Human Factors space for literature on this topic they'd be happy to load you up with so many books it'll break your arms.
Thats a bold claim, especially when TFA has this quote:
>Proof of personhood is valuable because it solves a lot of anti-spam and anti-concentration-of-power problems that many people have, in a way that avoids dependence on centralized authorities and reveals the minimal information possible.
>If proof of personhood is not solved, decentralized governance (including "micro-governance" like votes on social media posts) becomes much easier to capture by very wealthy actors, including hostile governments. Many services would only be able to prevent denial-of-service attacks by setting a price for access, and sometimes a price high enough to keep out attackers is also too high for many lower-income legitimate users.
Now you could say and then what, but I remember about 10 years ago when all discussions about how to fix email got shutdown by counter posts with that form letter, nothing changed in the open source world and then Google went ahead and solved the problems by doing some of the things that went against the consensus of the letter and today its so hard to run your own email that most nerds don't.
If we do not get a handle on the fake-person situation, how knows if it will even be possible to run your own Mastodon in 10 years?
Now I really hope that it isn't the case that WorldCoin is going to solve this problem (personal preference: the govenments of the world solve this by signing keys of citizens, enabling key rotation and the ability to ban keys signed by countries that abuse your service), but don't kid yourself that there aren't people who would want to use such a service or that it doesn't solve an actual problem.
It always comes down to trust. With WorldCoin you have to trust a private company which in turn trusts random "Orb Operators" to operate the Orb devices which you again have to trust. For a system which wants to be used for UBI and voting the incentives are too strong to not to abuse this big amount of required trust.
It doesn't matter if the source code and hardware plans of the Orbs are made public if we can't inspect a given Orb. Who's to say if that Orb doesn't generate 10% more IDs for someone than real ones.
And then there is the inflationary nature of the coin itself due to the weekly issueance of coins for each user. This gives an incentive for the people behind the project like Sam Altman and Andressen Horowitz to cash out their part. They allocated 20% of the whole supply to themselves. A quarter billion dollars was put into the project and you can bet they'll want a good return on it while trying to portrait it as something like a charitable project.
I think that’s dead on arrival in the US. Having been raised in a conservative evangelical church, there’s the notion that in the “end times”, this kind of thing (referred to as the “mark of the Beast”) would be required to buy and sell goods, at the cost of eternal damnation for getting the mark. The linked webpage is nightmare fuel for the many tens of millions of Americans in such churches. Everything about it is a giant “here come the end times!” dog whistle, even if it wasn’t meant to be.
Also, why do we suddenly need to prove who’s an actual human? Is that going to change how I talk to chatbots on company websites? Is there the laughable notion that this won’t be immediately subverted by social media bot accounts so they can prove that they’re real people? What exact problem does this solve?
Also also, sucks if you’re blind, I guess. Now having eyes is new our fundamental definition of being a human. I’ll snag a few of these for my pets, who’ll be happy to know they can be official people on the Internet.
> Having been raised in a conservative evangelical church
What's their stance on Usury [1]? I have no doubt that if say tax credits were tied to having World Coin as opposed to a SSN that they would end up going along with it.
But to channel the scary pastors of my youth, “that’s also a sin, and people shouldn’t do that, but I’m not going to sit back and let the One World Government roll out the mark of the Beast!”
If you want to see how quickly a quarter of the US can organize and mobilize, things like this are a great way to find out.
Voting on a decentralized platform. Decentralized governance and decentralized UBI in general.
> Also also, sucks if you’re blind, I guess.
Blind people tend to have irises. Even when both eyes are missing - the article mentions other ways to verify proof-of-personhood (at the expense of privacy compared to iris scans.)
> A decentralized platform is verifiable and less prone to being rigged. All that's missing is proof of personhood.
That seems to be an extraordinary claim, and I'm skeptical that 1) it's true, and 2) that's all that's missing.
In short, I've voted for many things in many contexts in the existing world. I don't think I've ever bumped into a problem with voting that any form of a decentralized platform would have improved.
> You are picking a really tiny edge case and saying the entire system can't work because of this.
It's just the first example I thought of. I'm sure that 8 billion people could crowdsource all source of other edge cases.
> You aren't considering the possibility that the edge case can be adequately resolved with enough thought and investment.
I wasn't the one making the proposal. The onus is on the proposer to explain how they're going to deal with the edge cases and convince the rest of us that this is a real, thought-through idea.
> That seems to be an extraordinary claim, and I'm skeptical that 1) it's true, and 2) that's all that's missing.
Are you aware of how decentralized computers work? Every computation can be verified by every participant. It's objectively true that such a platform would be less prone to being rigged.
And completely horrible for anyone who values anonymous voting.
For instance, under no circumstances, ever, do I want it to be possible for guys with machine guys to show up at my door and "help" me verify that I voted "for the right person". Any proposal that would make that possible is a human rights disaster and can be dismissed.
What makes you think voting would be non-anonymous? Of course it could be anonymous.
Your understanding of cryptography as it related to decentralized systems seems to be limited, and you're reaching wildly misinformed conclusions. You have a strong opinion about decentralized systems being bad and haven't bothered to actually learn the area before making statements like this. Monero is an example of an anonymous decentralized system. There are plenty of anonymous decentralized systems and nothing precludes a system with proof of personhood also being anonymous.
I understand very well how all this works. I just think it’s a bad idea.
You can’t have vote verification and anonymity at the same time. Either your vote goes into the anonymous, aggregated pool of all votes, or it’s possible for you to look yours up afterward to make sure it was recorded directly.
That latter option has fire real-world consequences, and any system that allows someone (and especially the people looking over their shoulder) to see their choices is dead on arrival.
The ability to verify votes after casting them isn’t just unneeded: it’s completely unwanted. It’s the sort of thing that gets people killed, and that’s not hyperbole.
There needs to be decentralized ID using an open protocol with any vendor able to join. The quality of those vendors will be based upon which firms trust them. I do think blockchain makes sense here, because the trust layer is decentralized and the native cryptographic signing primitives means it can’t be spoofed nor manipulated in a proprietary database locked from the public.
No idea if world coin is a workable solution, but I would like to be able to conduct KYC a single time and then selectively reveal my information to necessary parties, ideally only as a confirmation rather than data transfer. Why I have to constantly scan my ID for various vendors is absurd.
It’s for AML / Know Your Customer which financial institutions need. But extend that to everything - I’d rather not reveal my phone number if all you want to know is that I have one verified.
I share the sentiment. It's sad that given the tools available to securely verify someone without exposing PII we still scan people's ID and shrug when they get leaked/resold/etc. (By design, of course)
Complete reliance on biometrics to establish “personhood” is not only ableist but also opens some really frightening doors to future bad actors, like the removal of eyes as a means to revoke access/rights.
Let’s reduce an oppressor’s canvas of options rather than extend it further into our bodies.
I still haven't seen anyone address the question of how the orb will determine that I am one person, and not two one-eyed persons. It seems like by chosing something that most people have two of, people can easily create a left and right identity.
Part of me wants to snark at just how far the crypto people have fallen, from “we are going to build a completely private and anonymous economy free from government control” to ”of course you have to be subject to mandatory retinal scans to engage in commerce”, but that wouldn’t really be true. The sad truth is that they don’t really have a choice and neither does anyone else: basically everu web technology will have to implement something like this eventually, because the space is just so overrun with bots and spammers. And it’s only going to get worse as LLMs get better.
People are free to build whatever they want on permissionless blockchains like Ethereum, which is way more open to experimentation and new things (like zero-proof knowledge) than Bitcoin ecosystem, which has more cypherpunk roots.
Buterin reminds me a little of string theorists in physics. There is a lot of intellect but they have chosen to chase something that doesn't produce anything really useful despite a ton of effort.
Ethereum may not be useful to you but it is very useful to me and many others. It will become even more useful in the future as people learn what happens when your money is centralized to one particular government, based on nothing at all, and just keeps getting printed more and more of.
I think crypto solving this issue is definitely of value. How many wars were started by a government debasing their currency and having to start a war to fix it? I'd say a lot of them.
Yup. One thing that I find respectable about Ethereum, contrary to what many Bitcoiners say, is that it’s always trying to find the minimum viable issuance, with less and less issuance, that makes the chain work effectively.
Bitcoin on the other hand, was a one time deal with the 21 million, but the original economics thought up by Satoshi was forever changed after the blocksize was constrained in 2017, and now, there’s a high risk that there won’t be enough transaction fees in the future to support Bitcoin, even with Lightning Network.
> I think crypto solving this issue is definitely of value.
I am far from convinced that cryptocurrencies are actually a solution to this, but even if it is -- at what price? Not all solutions are worth the cost. I am not saying cryptocurrency would fail this test, but I am saying that it's a mistake to proceed without a genuine cost/benefit analysis.
I bet crypto will have the same problems any other type of money has once it gets widely used. I don’t see anything in crypto that can solve our current problems.
I remember a long time ago, on a talk by Benoit Mandelbrot, who visited my university in what may have well been a "Farewell Tour"
that towards the end he says: but the only "practical" application is gaming financial markets, and proceeded to talk about his work in this area; or something like this, my memory is a bit vague. I remember feeling disappointment.
In theory, the biometric data collected and hashed is unique to a particular person, and therefore non-matching hashes of biometric scans validates that 57 accounts represent 57 unique people rather than one person signing up with a lot of different monikers, email addresses or phone numbers or bank cards
Like a social security number, except relying on the worthlessness of the handout "currency" and other perks to defend against subversion instead of the long arm of the law....
The particularly awkward phrasing is inevitable in a subculture that already has "proof-of-work" and "proof-of-stake" and claims that the proof doesn't reveal your "identity". Of course, the reality is that most people won't feel the need to prove their "personhood" to a VC backed crypto startup by getting their eyeballs scanned, not even for daily handouts of tokens with no purchasing power
If you're going to talk about collectable data then your first visit on the security tour should be replay attacks.
Every idiot who comes up with a biometric solution does not want to talk about replay attacks (which is why they get the moniker), and it should be the first thing we talk about.
I have only read about Worldcoin from comments on Hackernews so I was surprised by such a balanced take on it from Vitalik. I'm not necessarily in favor of it now, but it doesn't seem quite as evil as I had previously believed. I'm not ready to scan my iris or anything, but I'm pretty interested to see how this will go.
Interesting, I didn't know the space was thinking about proof-of-personhood. I've been entertaining the thought of something similar for years, to solve a lot of the problems we face.
A rough and very simplified version of the way I see it working is:
- When someone is born a private-key is created just like an SSN today and a fixed amount of coins are created on that "wallet"
- The amount would be based on the actual resources of the planet that are reasonable to spend during a life (inspired by Jacque Fresco and his Venus Project)
- The protocol would have a negative income tax set at a threshold where basic needs are met, so the broke would get UBI, the rich pay taxes
- Progressive tax to prevent ridiculous hoarding where the top 0.1% own almost everything (hoarding finite resources is a work around still to be solved)
- When someone dies that money could still be inherited, or when no next of kin and no will exists distributed to the poor as UBI
- Exploiting global resources would and should be costly
- There could still be corporations but they wouldn't create new coins
I see this solving a lot of problems:
- No more printing money to solve short term problems
- Everyone starts their adult life with some coin that could go towards education, drivers license etc
- No more tax havens since taxation is built into the protocol
- No more need for many of the government agencies we have today, reducing need for taxes
- Encourages a more circular economy with less waste
It's not perfect but I think it would be a nice compromise between the endless discussions of socialism vs capitalism.
What this technology needs to succeed is some kind of scary worldwide disinformation plot that scares everyone into adopting it.
I don't think the Internet filling up with AI spam is scary enough, we need to dream bigger on this one.
Whatever the plot is, I think people should remain indoors while it's going on and watch their televisions or iPhones.
Next, we could make people scan their eyeballs before they eat at restaurants, go to the gym, or perhaps even visit the mall or ride the subway. We could have a greeter at every door who points the orb at you before you go in. This will create jobs, and also drive up the price of stanchions and someone can at least profit from that.
Finally in a few years we could relax the restrictions because the human population will be accustomed to KYC before every transaction.
