Ethereum’s Vitalik Buterin Skeptical of Worldcoin’s Privacy with Iris Scans
Key Takeaways
- Decentralized ID platform Worldcoin releases its native token.
- Protocol provides digital passports tied to a physical iris scan.
- Web3 divided over pros and cons.
Decentralized identity platform Worldcoin launched its ecosystem token, grabbing headlines as opinions remain divided about the potential positives and negatives of the blockchain-based digital passport project.
Major cryptocurrency exchanges including Binance and Crypto.com announced support for the WLD token upon its launch. The token is tied to the Worldcoin ecosystem, which users receive upon creation of a privacy-preserving digital identity (World ID).
In order to create a World ID, users have to have their biometric data captured. This is taken in the form of an iris scan carried out by Worldcoin’s proprietary, high-tech optic Orb hardware.
The long term vision of the project would see Orb’s being built and distributed around the world, allowing users to create their own World ID’s which can be used for a myriad of use cases.
World ID’s act as a “proof of personhood” that make use of zero-knowledge proofs (ZK-proofs) to protect the underlying data, including biometric, KYC and AML data. WorldCoin will also enable users to “reserve” their respective IDs with a phone number in select countries, with an iris scan required to complete the process and receive a World ID.
The concept of proof of personhood is not new to the blockchain and cryptocurrency ecosystem, as Ethereum co-founder Vitalik Buterin addressed at length in a thought-provoking essay centered around the use case.
Unpacking Worldcoin
Buterin delves into the technicalities of proof of personhood blockchain protocols and the potential benefits and pitfalls of projects that are blazing a trail for the use case.
The Ethereum co-founder highlighted two key focal points of proof of personhood protocols, namely proving human identity and potential being a means to distribute universal basic income in the future.
“Worldcoin is unique in that it relies on highly sophisticated biometrics, scanning each user’s iris using a piece of specialized hardware called “the Orb”.”
As Buterin explains, WorldCoin Orbs are set to be distributed around the world to allow users to create their respective digital ID. He also highlighted privacy and security concerns around the Orb, design issues regarding its native token and some ethical concerns around whether biometrics “are a good ideal at all”.
The protocol was originally deployed on Polygon in its beta phase, while the current version runs on the Ethereum mainnet using a scalable batching architecture through layer 2 protocol Optimism. The project has over two millions users enrolled.
Socioeconomic Considerations
As Buterin continues to explain, Worldcoin aims to produce Orbs to be widely distributed around the world in public spaces that will make digital IDs accessible for anyone to get.
Buteriun crediting Worldcoin for committing to decentralizing through a variety of technical aspects , including its architecture as a layer on Ethereum using Optimism’s scaling SDK. Worldcoin also makes use of privacy centric zero-knowledge proofs, which allow a person to prove ownership of a credential without revealing any of the underlying data.
Nevertheless, efforts to ensure decentralization do not detract from criticisms against the protocol which Buterin highlighted, including privacy and security concerns around the Orb, issues with its WLD tokens and ethical issues relating to company decisions.
Buterin opined that broader considerations around biometrics and proof of personhood projects are “a good idea at all”:
“Risks include unavoidable privacy leaks, further erosion of people’s ability to navigate the internet anonymously, coercion by authoritarian governments, and the potential impossibility of being secure at the same time as being decentralized.”
Four Major Risks
Buterin’s essay outlines four major risks that come to mind when considering Worldcoin’s approach to proof of personhood.
The first is privacy and whether the registry that contains human iris scans may reveal information:
“At the very least, if someone else scans your iris, they can check it against the database to determine whether or not you have a World ID. Potentially, iris scans might reveal more information.”
World IDs are not easily accessible and may not be reliably accessible around the world unless the hardware is mass produced and easily accessible.
Buterin highlights centralization as another risk, considering that the Orb is a hardware device which leaves users with no way of verifying that it was built properly and doesn’t have “backdoors”:
“Hence, even if the software layer is perfect and fully decentralized, the Worldcoin Foundation still has the ability to insert a backdoor into the system, letting it create arbitrarily many fake human identities.”
Security is the fourth risk, with Buterin pointing to scenarios like mobile device hacks or social engineering schemes:
“Users could be coerced into scanning their irises while showing a public key that belongs to someone else, and there is the possibility of 3D-printing “fake people” that can pass the iris scan and get World IDs.”
Buterin also joked that despite the “dystopian vibez” of staring into an Orb to scan your eyeballs, the specialized hardware systems “can do quite a decent job of protecting privacy”. However this comes with the caveat of the centralization required to produce and manage the hardware.
Security Issues of Proof of Personhood
As a gauge of where the proof of personhood ecosystem is at, Buterin also provides a handful of concerns that affect projects of similar designs.
This included the possibility of 3D-printed fake people, where a user could use AI to generate photographs or even 3D prints of fake people that are convincing enough to get accepted by the Orb software.
“If even one group does this, they can generate an unlimited number of identities.”
Buterin also suggested the possibility of selling IDs, where one user provides someone else’s public key instead of their own when registering, giving that person control of their registered ID, in exchange for money.
“This seems to be happening already. In addition to selling, there’s also the possibility of renting IDs to use for a short time in one application.”
Phone hacking is another risk, giving an attacker full control of a users World ID. Lastly Butering also says there’s a risk of a government forcing citizens to get verified while showing a QR code belonging to the government.
“In this way, a malicious government could gain access to millions of IDs. In a biometric system, this could even be done covertly: governments could use obfuscated Orbs to extract World IDs from everyone entering their country at the passport control booth.”
While some of these dystopian risks sound far-fetched, Buterin believes they are points that have to be carefully considered as the drive to create proof of personhood protocols that are beneficial, secure and privacy-preserving
