What is Proof of Personhood (PoP)?
Proof of personhood (PoP) is a mechanism aimed to address the issue of fake identity in the digital age — showing there is a unique human behind an identity.
The method has gained traction in the decentralized world of cryptocurrency, where attackers can exploit the open and democratic nature of blockchain systems and create multiple fake identities to manipulate voting or rewards.
PoP can also ensure that each unique human participant in a project gets an equal vote and share of rewards. In contrast to other popular consensus mechanisms, such as proof of work (PoW) or proof of stake (PoS), PoP does not tie voting power or rewards to economic investment, further democratizing the system.
The need for PoP verification systems arises from the looming threats to individuals’ identities. Identity fraud, although not a new problem, has become a societal issue, posing substantial risks to people’s financial well-being and overall personal security.
Why is Proof of Personhood (PoP) Needed?
Proof of personhood is intended to identify the humanness and uniqueness of individuals participating in a system. It is a solution to the threat against Web3 democracy when people use bots to manipulate voting outcomes.
PoP can also be considered a direct response to the growing issue of Sybil attacks. A Sybil attack is a kind of security threat on online systems that involves one person creating multiple accounts, nodes, or computers in a bid to take over the network.
Currently, CAPTCHAs attempt to rate-limit automated Sybil attacks by using automated Turing tests to distinguish humans from machines. While the method has been partially successful, CAPTCHAs still allow one human to obtain multiple accounts or shares of a resource simply by solving multiple CAPTCHAs in succession and thus do not satisfy the one-per-person goal in proof of personhood.
Aside from CAPTCHAs allowing people to obtain multiple users, this method has other issues. For one, many users who are visually impaired or have learning disabilities may struggle to complete the puzzles.
The rapid rise and development of artificial intelligence (AI) technologies further highlight the need for PoP verification systems. As AI becomes more intelligent, the ability to differentiate between human and AI-generated content online is becoming crucial.
PoP Verification Samples
Proof of personhood (PoP) can be used to verify identity in numerous ways. Here are some of the more popular methods:
1. Biometric Verification
Specific platforms use biometric verification techniques like facial recognition or other biometric data to prove personhood and confirm user identity. These biological identifiers include fingerprints, hand and earlobe geometries, retina patterns, voice prints, and written signatures.
For instance, Sam Altman’s WorldCoin project employs iris scanning to confirm a user’s identity. While this method can be powerful, it also raises privacy concerns as individuals must trust platforms with sensitive personal information.
2. Physical Verification Methods
Another way to verify your identity is through physical verification, mainly through attending Web3 events or physical gatherings. In this case, attendees may receive tokens or non-fungible tokens (NFTs) representing their verified status at the event.
These tokens are non-transferable, also known as soulbound NFTs. As the name implies, soulbound NFTs cannot be transferred or traded but are instead tied to the user’s account and represent their credentials, affiliations, and even achievements.
3. Time-Locked Wallets and Activity
A different approach in PoP verification involves users locking up funds for a specified duration to monitor their activity over time. This can provide evidence of uniquely human behavior, adding an additional layer of verification to combat Sybil attacks. However, this method is not foolproof.
4. Use of Zero-Knowledge Proofs
Zero-knowledge proofs (ZK-Proofs) allow users to prove specific attributes about themselves, such as age or nationality, without revealing the actual information. This can be implemented in a decentralized system where users prove their uniqueness without divulging personal details.
Popular PoP Projects
Numerous projects are working on blockchain-based identity protocols that empower users to control and prove their identity without relying on a central authority. These protocols can be integrated with various decentralized applications (dApps) to ensure consistent proof of personhood across a network.
While WorldCoin has recently gained attention regarding PoP, the concept is not entirely new. In 2014, Vitalik Buterin proposed developing a “unique identity system” for cryptocurrencies. From this idea, PoP evolved, resulting in several projects utilizing this technology, including the following:
- Gitcoin Passport: The project collects ‘stamps’ from Web2 and Web3 authenticators, serving as credentials for cross-platform identity verification without sharing private information.
- Idena: It involves participating in a CAPTCHA game at a designated time to prevent multiple participation, creating and verifying CAPTCHAs that are used to verify others.
- Proof of Humanity (used by Gitcoin Passport): The project combines webs of trust with reverse Turing tests, implements dispute resolution, and creates a sybil-proof list of humans.
- BrightID: Conducts video call “verification parties” with other users for mutual verification, offering higher verification levels through the Bitu system, requiring enough Bitu-verified users to vouch for an individual.
- Worldcoin Project’s World ID: An open, permissionless identity protocol that anonymously verifies human identity online utilizing zero-knowledge proofs.
- Circles: Verification is done through vouching by an existing Circles user, creating a trust graph of relationships to verify an individual’s trustworthiness.
- Civic Pass: It offers on-chain and cross-chain identity management and is available to businesses, users, and developers. It enables web3 trust with access control in dApps, decentralized finance (DeFi), NFTs, etc., and includes automated market makers, allowing users to own a portable identity for decentralized web exploration.
Downsides to Proof of Personhood
While PoP offers innovative ways of confirming digital identity and authentication, there are also certain downsides associated with it, including:
- Privacy Concerns: Protecting personal information is crucial, and although ZK-Proofs help alleviate some privacy concerns, individuals may still hesitate to participate in PoP verification without a guarantee that their data is handled securely.
- Cost and Complexity: Building and maintaining a decentralized PoP system that is secure, reliable, and universally accepted can be expensive and technically challenging.
- Theft or Misuse: Utilizing biometrics, such as facial recognition, can provide unique identification, but it also raises potential issues, including data theft or misuse.
- Authentication Errors: Similar to any authentication platform, there is a risk of false negatives (real persons denied authentication) or false positives (non-human entities authenticated), undermining the effectiveness and fairness of the platform.
The Bottom Line
Proof of Personhood (PoP) offers an innovative way of verifying identities in the digital age. In blockchain applications, the method can ensure that each unique human participant gets an equal vote and share of rewards, helping democratize the system.
While PoP offers several advantages, it also comes with certain downsides. For one, there may be unavoidable privacy concerns. Other issues with this method include cost and complexity, risk of data theft or misuse, as well as authentication errors.