# Proof of Humanity: the cost of attack

The purpose of proof of humanity (PoH) is to offer sybil resistance for things like quadratic funding, universal basic income, etc. Dishonest parties that want to warp quadratic votes, receive extra basic income, etc. will have an incentive to gain control of multiple proof of humanity registrations.

If attacks are cheap, PoH has limited utility. A core metric for PoH: **what's the market price of an illicit registration?**

## The Puppeteer Attack

The cheapest attack I know of costs on the order of $10 [1]:

An attacker (puppeteer) can just pay a random person off the street (a puppet) ten dollars for the privilege of taking a photo and video of the puppet holding a sign and uttering the PoH registration sentence. The puppeteer can then take these media files and use them to generate a registration in PoH.

A puppeteer could head to an area with lots of relatively poor people and use a stack of $10 bills and public key signs and collect a ton of photos/videos that allow them to register lots of times.

## How can we increase the cost of the Puppeteer Attack?

*NOTE: some of the ideas in this section might not be good, but could spur thinking/discussion nonetheless*

### Require ongoing coordination/trust between puppeteer & puppet

For example: some days or weeks after registration is first submitted, require the registrant to submit a second video which contains evidence of a recent block hash.

- This challenge could come after a random period of time, and have a limited window of time to respond in

### Incent the puppet to defect on their puppeteer

For example: Registrations could require a long-term deposit of e.g. $200 which can be confiscated by anyone who can prove (via video/voice/kleros arbitration) that they are the person depicted in the registration. Puppets would thus have an incentive to confiscate the deposits laid down by their puppeteers.

- Cost to a puppeteer is roughly `deposit_size * P(defection)`
    - Could increase `P(defection)` by ensuring that the person in the video is educated; the video could require that they say e.g. "I know that if someone else is paying me to record this video, I can accept their money and still go to proofofhumanity.id afterwards and claim a free $200 bounty."
    - **Could also increase `P(defection)` by having lots of benefits available for people who are registered with PoH, e.g. valuable universal basic income, etc.**
- Cost to a genuine registrant:
    - If the genuine registrant has at least `deposit_size` that they'd like to save/invest in crypto long term, then the cost is only `deposit_size * P(false claim) * P(false claim is misarbitrated)`
        - They could earn defi yield on the deposit if they wanted
        - They could withdraw the deposit early, although doing so would destroy their PoH registration
    - Genuine registrants who do not actually have `deposit_size` of capital that they want to invest in crypto could be priced out 🙁
- Side benefit: if a registrant loses their private key by mistake, they can still reclaim their own funds. (It's kind of like crowdsourced social wallet recovery.)

### Prove that the registrant personally controls their own private key

- This is difficult to achieve because a puppet can be equipped with software that secretly proxies challenges to the puppeteer for signing.
- Possibilities:
    - On videochat, while phone is in airplane mode, sign a challenge presented as a QR code
        - Would require registrant to have one device to run the PoH app on, and a second device for video chat (e.g. laptop+phone or phone+phone)
        - Could be defeated by fake hardware or rootkitted phone that pretends to be in airplane mode
    - Sign a QR code challenge within a very short time bound (proves that it was not relayed > certain distance due to limit of speed of light)
        - Would have to be done in person — huge UX cost.
        - Could be defeated via custom phone hardware + a puppeteer who is secretly hanging out very nearby
- Notes:
    - Because the UX costs here are so high, we could only require this in cases where community detectives suspect that something may be off and submit a challenge that requires this extra verification.
    - Even if we do prove that the puppet has their own private key, it could just be temporarily loaded in memory and they might not have the skills or desire to extract it.

### Increase incentive for someone to control their own key

- E.g., if UBI is very valuable, people have a lot to gain from controlling their own key.
    - Unfortunately, if controlling a key is valuable, then attackers 'earn' more per attack and can thus offer higher bribes. This may net out to a ~0 security increase.
    - We would need ways to make owning your own key differentially more valuable than someone else owning your key.
        - For example, maybe you need to control a key to get into some desirable in-person events. No matter how many keys an attacker controls, they can only attend once.

### Require the puppet to be willing to lie

- For example: registration videos could require that the registrant say something like, "I swear that I am registering on my own behalf and that no one is paying me for this video."
    - Some would-be puppets may be reluctant to lie out of fear they could get in trouble.
    - This might be a smallish win, but it's inexpensive and additive.

### Open Question

How else could we increase the cost of the puppeteer attack?

## How expensive do we need attacks to be?

If an illicit registration costs $10, how much utility do we create? What about if it costs $100, or $1k, or $10k?

### Open question

How can we roughly estimate the `attack_cost` -> `poh_utility` function?

---

[1] The actual current cost of an illicit registration is higher, because registering on PoH consumes ~$100-200 in gas fees. Eventually though PoH should move to an L2, and this extra cost would ~disappear.
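
Added example, not part of the original post and not PoH's own code: a verifier-side sketch of the delayed block-hash challenge proposed under "Require ongoing coordination/trust between puppeteer & puppet". The block's timestamp bounds the recording time from below and the deadline bounds it from above; the `Block` and `Challenge` types, the function names, the delay and window values and the constructed chain are all assumptions, with delays shortened from days to hours to keep the sample small.

```python
import hashlib
import random
from dataclasses import dataclass

@dataclass(frozen=True)
class Block:
    timestamp: int   # unix seconds
    block_hash: str

@dataclass(frozen=True)
class Challenge:
    issued_at: int   # not known to the registrant before this moment
    deadline: int    # last second at which a response is accepted

def make_chain(n, start=1_700_000_000, spacing=12):
    """Constructed stand-in for chain data: n blocks, one every 12 seconds."""
    return [Block(start + i * spacing,
                  hashlib.sha256(f"constructed-block-{i}".encode()).hexdigest())
            for i in range(n)]

def schedule_challenge(registered_at, rng, min_delay, max_delay, window):
    """Issue the challenge after a random delay, with a limited response window."""
    issued_at = registered_at + rng.randint(min_delay, max_delay)
    return Challenge(issued_at, issued_at + window)

def verify_response(chain, challenge, shown_hash, submitted_at):
    """Judge a second video whose sign displays `shown_hash`."""
    block = next((b for b in chain if b.block_hash == shown_hash), None)
    if block is None:
        return "reject: hash is not on chain"
    if block.timestamp < challenge.issued_at:
        # A hash older than the challenge could have been filmed on day one.
        return "reject: block predates challenge"
    if submitted_at > challenge.deadline:
        return "reject: response window closed"
    return "accept"

def run_constructed_cases(seed=7):
    chain = make_chain(1000)
    ch = schedule_challenge(chain[0].timestamp, random.Random(seed),
                            min_delay=3600, max_delay=7200, window=1800)
    fresh = next(b for b in chain if b.timestamp >= ch.issued_at)
    return {
        "prerecorded": verify_response(chain, ch, chain[0].block_hash, ch.issued_at + 60),
        "fresh": verify_response(chain, ch, fresh.block_hash, fresh.timestamp + 60),
        "late": verify_response(chain, ch, fresh.block_hash, ch.deadline + 1),
        "fake": verify_response(chain, ch, "00" * 32, ch.issued_at + 60),
    }
```

`random.Random` is used only to make the demo repeatable; a deployed scheduler would need a delay source the registrant can neither predict nor bias.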
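
Added example, not part of the original post and not PoH's own code: a small model of the deposit rule proposed under "Incent the puppet to defect on their puppeteer", covering confiscation by the depicted person, a rejected false claim, lost-key recovery and early withdrawal. `DepositRegistry`, its method names and the perfectly accurate `arbitrate` callback are assumptions standing in for the video/voice/kleros step, and closing the registration on every payout is a modelling choice.

```python
from dataclasses import dataclass

@dataclass
class Registration:
    key_holder: str   # whoever controls the registered key
    depicted: str     # the person actually shown in the video
    deposit: int      # USD locked for the life of the registration
    active: bool = True

class DepositRegistry:
    """In-memory model; `arbitrate` stands in for video/voice/kleros arbitration."""
    def __init__(self, arbitrate):
        self.arbitrate = arbitrate
        self.regs = {}
        self.paid = {}  # total paid out per person

    def register(self, reg_id, key_holder, depicted, deposit):
        self.regs[reg_id] = Registration(key_holder, depicted, deposit)

    def _close(self, reg, payee):
        # Assumption: every payout also removes the registration.
        self.paid[payee] = self.paid.get(payee, 0) + reg.deposit
        reg.deposit, reg.active = 0, False

    def withdraw_early(self, reg_id, caller):
        reg = self.regs[reg_id]
        if not reg.active or caller != reg.key_holder:
            return False
        self._close(reg, caller)
        return True

    def claim(self, reg_id, claimant):
        reg = self.regs[reg_id]
        if not reg.active or not self.arbitrate(claimant, reg):
            return False
        self._close(reg, claimant)  # confiscation, or recovery after a lost key
        return True

def run_deposit_cases():
    r = DepositRegistry(lambda claimant, reg: claimant == reg.depicted)
    r.register("sybil-1", key_holder="puppeteer", depicted="puppet", deposit=200)
    r.register("alice-1", key_holder="lost-key", depicted="alice", deposit=200)
    return {
        "false_claim": r.claim("alice-1", "mallory"),
        "puppet_defects": r.claim("sybil-1", "puppet"),
        "lost_key_recovery": r.claim("alice-1", "alice"),
        "puppeteer_withdraws_after": r.withdraw_early("sybil-1", "puppeteer"),
        "paid": dict(r.paid),
    }
```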