Exploring the future of Web3 social networking (2): personal identification and cryptography technology to solve user identity problems

By PAUL VERADITTAKIT, Partner, Pantera

Compilation: Deep Tide TechFlow

This article is the second in a series of decentralized social articles written by Pantera partner PAUL.

This series explores how today's technologies and trends can solve a series of problems in decentralized social networks, and provides specific explanations and explorations for each problem.

The first article in the previous issue: "Exploring the future of Web3 social interaction (1): From 0 to 1, using social graphs to complete the cold start of applications"

In 2017, a group of MIT Media Lab researchers claimed in Wired that decentralized social networks "will never succeed." In their article, they cite three impossible challenges:

1. The problem of attracting (and retaining) users from scratch
2. Issues with handling personal information of users
3. User-facing advertising issues

In all three cases, they argue, the incumbent tech giants, such as Facebook, Twitter, and Google, simply do not leave room for any significant competition due to their extensive economies of scale.

Now that the time has come, what was once hailed as "impossible" no longer seems so far away, and we seem to be at the dawn of a shift in the concept of social media networks. In this three-part series (this is the second), we will explore how new ideas in Decentralized Social (DeSo) can solve these "old" problems, including:

1. Solve the cold start problem with an open social layer
2. Use personal identification and cryptography to solve user identity issues
3. Use the token economic model and incentive mechanism to solve the income problem

In this article, the author mainly discusses the solution to problem 2.

User Identity Issues in Social Media

Modern social media faces a bot problem. While social media platforms have an obligation to uphold free speech, the issue becomes tricky when the “users” involved are not actually real users but bots.

Bots have proven to have had a major impact on public discourse, from being accused of meddling in the US presidential election to influencing public perception of COVID. Especially with an emphasis on anonymity, security, and privacy, any decentralized social media platform will inherit the "bot problem" — that is, in the age of advanced AI, how do you convince people of accounts on your platform? Is it real and not a robot?

A naive approach would be to adopt traditional KYC protocols, but this approach immediately runs into privacy issues - the other side of the problem. Why would you trust any social media platform to hold our sensitive data (from government IDs to private messages and financial transactions) that can reconstruct a person's entire personal, social and professional life?

The question of "user identity", therefore, is essentially a tension between the confirmation that users are "really human" and privacy guarantees for personal data. In this article, we explore two different approaches to this problem, a biometric approach (using zero-knowledge proofs) and a social assurance approach.

Worldcoin and Biometric Authentication

Worldcoin is one of the most famous and controversial projects in the area of the "proof of personality" problem. In addition to having OpenAI CEO Sam Altman as one of its backers, Worldcoin's solution to the "proof of identity" problem is straightforward: use retinal scans to create biometric proof that you're a human (since robots don't yet have retinas), and from that Obtain an authentication token. As for data privacy, Worldcoin claims to use zero-knowledge proofs to ensure that the biometric data obtained is stored securely.

Worldcoin's thesis is that, as artificial intelligence plays an increasing role in society, there will be a need to distinguish humans from robots in a privacy-preserving and decentralized manner. By using the retinal scan of the Worldcoin sphere, people can obtain a World ID similar to a "digital passport", making it possible for the holder to qualify for a global basic income mechanism based on cryptocurrency and participate in a new mechanism for global democratic governance. In essence, this World ID is intended to be the social primitive mechanism of the digital social network of the future.

In its documentation, Worldcoin highlights its privacy-first solutions. For example, it says it deletes images collected by the spheres, stores only hashes of users' irises, and runs zero-knowledge proofs (zk-SNARKs) to share personally identifiable information without revealing any personal data. Although at the current rollout stage, these hashes are stored in a centralized database, the team is committed to storing these iris hashes on the blockchain once the hashing algorithm is fully mature.

But despite these privacy claims, there are still many controversies about real guarantees of privacy, security, and fairness. For example, it has been claimed that Worldcoin operator credentials were stolen and World IDs were sold on the digital black market so that users could earn Worldcoin tokens without iris scans. And there's also the overall fairness issue, with MIT Technology Review publishing a scathing article in April 2022 accusing nearly 500,000 users (mostly in developing countries) of cheating, manipulating, and exploiting during the beta phase , and even called it a kind of "crypto-colonialism." In fact, as of August 2, 2023, Kenya, once one of Worldcoin's largest data collection locations, banned Worldcoin's scans due to security, privacy, and financial concerns.

In addition to these project-specific controversies, there are broader concerns about Worldcoin's overall adoption of dedicated hardware for biometric authentication. Because the sphere is basically a hardware device, even if Worldcoin's software were flawless, there would be no guarantee that there would be no hardware backdoors that would allow Worldcoin (or other third-party manufacturers) to surreptitiously collect users' actual biometric data, or insert fake profiles into the system . To skeptics, all of Worldcoin's privacy guarantees (zero-knowledge proofs, iris hashing, on-chain decentralization) seem like ironic claims.

Proof of Humanity and Social Security

Another way to solve the personal identification problem is to use the social security method. Basically, if verified human Alice, Bob, Charlie, David all "vouch" that Emily is a verified human, then Emily is likely to be a human too. The central question here is thus one of game-theoretic design - how do we design incentives to maximize "validating humans".

Proof of human identity is one of the oldest and most important projects in this field. In order to "prove your human identity", you need

1. Submit personal information, photos and videos, and a deposit of 0.125 ETH,
2. A person who already exists on the registry testifies for you,
3. Pass before the "3 Challenge Periods". If someone challenges you during this time, the case will be brought to the Kleros decentralized court and the deposit will be at risk.

During the attestation process, users are first paired with a credentialing person through a credentialing form. Once the user is paired with a credentialed person, they make a video call to verify that the profile matches a real person. As with Worldcoin's thesis, the proof of human identity community has long had the idea of a universal basic income (UBI) that would be provided to those verified on the human identity registry.

A number of other projects are on a similar path, utilizing social graphs to verify people's identities, including BrightID's video call verification where everyone verifies each other, Idena's continuous captcha creation and solving game, and Circles' trust-based circles.

Perhaps the biggest appeal of these social proof-based platforms is that they seem less intrusive than Worldcoin, which requires you to scan your iris on a metal ball. Some of these methods, like Idena’s captcha “checkpointing ceremony,” even seem to preserve a level of anonymity that doesn’t require extensive sharing of personal data or third-party identity authorities.

The Future of Human Identity

As artificial intelligence continues to advance and exhibit characteristics that are closer and closer to human behavior, it will become increasingly important to design novel proof-of-human mechanisms, not only for the incentives discussed by Universal Basic Income and many other proof-of-human projects measures, and more importantly, as a way to better sanitize and regulate future social networks.

However, the process involves many trade-offs, from data privacy to the intrusiveness of the process, to determining the validity of a human’s identity, and is one of the famous “hard questions in cryptocurrency.” As Vitalik points out, there doesn't seem to be one optimal form of human identification, and suggests a possible hybrid path: a biometric-based approach to startup, but transitioning to a more social-based approach in the long-term The graph method.

![Explore the future of Web3 social interaction (2): personal identification and cryptography technology to solve the problem of user identity] (https://img-cdn.gateio.im/resized-social/moments-69a80767fe-f030d15fe5-dd1a6f-1c6801)

Going forward, this space requires more process, code, and data transparency. In short, there cannot be the ironic paradox that users need to "believe this is a trustless solution". Only in this way can we truly create the foundation of a social network that lives up to cryptocurrency’s original vision of decentralization and privacy.