Ethereum co-founder Vitalik Buterin highlighted four potential pitfalls of the iris-scanning identity verification solution from Worldcoin, the project co-founded by OpenAI CEO Sam Altman that launched its WLD token earlier today.
In a blog post on Monday, Buterin pointed to privacy, accessibility, centralization and security as the major risks associated with Worldcoin’s Proof-of-Personhood (PoP) construction and proposed an alternative solution to mitigate them.
PoP is a system designed to authenticate the uniqueness of a user in a decentralized way without relying on a central authority or revealing personal information. Use cases include avoiding Sybil attacks by preventing multiple account creation, event tickets, airdrops and DAO voting.
Worldcoin users install an app and have their irises scanned by a device called the "Orb." The Orb verifies the user's humanity and iris uniqueness, creating an iris hash. This process results in a unique "World ID" for each user, who can then prove their uniqueness without revealing their specific identity, ensuring privacy and security.
Risks in Worldcoin’s construction
As the Worldcoin project involves iris scanning, it raises substantial privacy concerns, according to Buterin. Even though the system currently only stores hashed versions of iris scans, not the actual images, and aims to protect user identity with ZK-SNARKs and other cryptographic techniques, there is an inherent risk of identity-related information being misused or leaked, Buterin said. “At the very least, if someone else scans your iris, they can check it against the database to determine whether or not you have a World ID. Potentially, iris scans might reveal more information,” he added.
Buterin also had accessibility concerns, with users needing to physically access a Worldcoin Orb to participate, limiting the project's reach. Unless enough Orbs were created so that anyone could easily access one, it could lead to an imbalance of Worldcoin distribution favoring urban centers where Orbs are likely to be more available. However, Worldcoin has previously highlighted phone number verification as an alternative to the Orb biometric imaging device.
The third risk Buterin put forward was centralization. The integrity of Worldcoin's Orb hardware device construction can’t be verified, leaving the possibility of backdoors, Buterin said. Even if the software layer is decentralized, the Worldcoin Foundation has the potential to insert a backdoor and create fake human identities, he added. Worldcoin’s governance and proprietary algorithms are further centralization concerns, according to Buterin. Though, “to Worldcoin's credit, they have also committed to decentralize over time,” Buterin added.
Finally, Buterin cited the security of the Worldcoin system as a risk. Phone hacking, coercion into scanning irises for someone else, selling or renting IDs and 3D-printed “fake people” used to dupe the scan for World IDs were examples of such risks, Buterin said. These issues are not specific to Worldcoin’s solution, however.
Buterin did find the concept behind Worldcoin valuable, arguing that not having any proof-of-personhood systems involves risks too. But more progress on these types of systems was needed, he said.
"The concept of proof-of-personhood in principle seems very valuable, and while the various implementations have their risks, not having any proof-of-personhood at all has its risks too: a world with no proof-of-personhood seems more likely to be a world dominated by centralized identity solutions, money, small closed communities or some combination of all three. I look forward to seeing more progress on all types of proof of personhood, and hopefully seeing the different approaches eventually come together into a coherent whole," Buterin said.
Buterin’s proposed solution
While Buterin said there was “no ideal form of proof of personhood” to address these risks, he suggested combining the three current approaches: social-graph-based, general-hardware biometric and specialized-hardware biometric techniques. Such a solution could provide a decentralized, scalable and privacy-conscious system that is secure against fake identities, he added.
Worldcoin launched its WLD token earlier today. The price of WLD surged 88% following listings on multiple exchanges including Binance, Bybit, OKX and Huobi. Last week, Worldcoin completed its migration to the OP Mainnet, an Ethereum Layer 2 scaling solution.
Worldcoin did not immediately respond to a request for comment from The Block.