# How Proof of Humanity Can Succeed Proof of Humanity could become a world-wide standard that allows the decentralized applications of our future to be influenced by people rather than money. If we can't count people, people won't count! How do we make it happen? We can accelerate Proof of Humanity's growth by including as many people and projects as possible. [The more we have, the faster others will join](https://www.youtube.com/watch?v=GA8z7f7a2Pk). Everyone will want to use the identity system that everyone is already on because it's convenient. So: we should include as many people and projects as possible. PoH should be **maximally inclusive**. ## Maximally including people Participating in Proof of Humanity should be: - **Free**: for people without much money - **Fast**: for people without much time - **Easy**: for people who don't have a ton of technical knowledge - **Open**: to people who don't already know someone in the registry - **Safe**: for people who want to remain anonymous [1] - **Accessible**: for people who don't know English/Spanish or who have a speech disorder | |Current Reality|Possible Future| |------|---|---| |Price |~$300 deposit, ~$100 in gas |~free| |Time|~30 minutes across 3-4 sessions |~3 min| |Skills required|uploading photos and videos, navigating crowdvouching google sheet, DMing in telegram to schedule a vouching session, prereading instructions carefully, metamask...|metamask| ## Maximally including projects Projects that integrate with PoH will want: - **Smooth UX**: that lets users easily identify with proof of humanity and then immediately return to the application. Perhaps a "Prove You're Human" button? - **Great APIs**: simple, well-designed, concisely documented - **Ubiquity**: long term, PoH identities should be easily usable on any chain or service (centralized or decentralized) - **Credible longevity**: projects will only integrate with PoH if they believe it will be around for a long time ### Credible longevity Proof of Humanity's future is mainly guaranteed by its **big, active, caring community**. Aside from that, it's important that PoH is: - **Scalable**: has a plan for eventually growing to 1B+ people - **Sustainable**: can pay for its own development and maintenance - **Decentralized** - **Secure**: against sybil attacks --- # Technical details ## How can registering take only ~3 minutes? It might be possible to allow someone to register in a single short web session by changing the user interface and registration rules: - **Remove need for a tutorial**: the tutorial is great, but we should make registering so intuitive that you can just go through it without reading anything ahead of time. - **Remove the photo step?** the video already contains many de-facto photos! (we may need to keep the photo because it's often higher quality, which is likely helpful for facial recognition.) - **Record video in browser**: don't require a separate upload - **Don't require making a sign:** - All that we need to know is that the person in the video is specifically signing up for their public key - We could instead ask people to say aloud a sequence of words like "elephant blue door dog tree" which are derived deterministically from their public key. (People who have impaired speech could write these words on a piece of paper instead) - **Automatically check validity**: e.g. along the line of [Justin's suggestions](https://gov.proofofhumanity.id/t/list-of-ux-ui-submit-profile-ideas/437) - **Real-time crowdvouching**: - The PoH crowdvouching telegram group is awesome. - We could make it part of the default registration flow: once a new registration is ready, we can ping community volunteers to find someone ready to immediately connect with them over videochat (the registrant could do the videochat right from their browser) - After the videochat closes, the community volunteer can thoroughly check that the application is valid, and if so submit their vouch. - **Automatic deposit**: if someone makes it through the vouching process, we can automatically deploy some community capital along with their registration - **Automatic advancement**: e.g. don't require the registrant to come back and send a new transaction after the challenge period is over — after it ends, accept them automatically, and start giving them UBI automatically. - **Usability makeover**: right now, for example, it's not that obvious that the first step to registering is to press the "connect" button. ## How can registering be free? It would be necessary to migrate PoH into an L2 which is more scalable and whose security is still fully guaranteed by Ethereum. - Space in calldata only costs 16 gas/byte; registration probably takes order 100-1000 bytes, which at 100 gwei/gas and $2000/eth works out to $0.30–$3. - This fee is small enough that the community could just subsidize it. - If gas fees increase too much, we could rely on off-ethereum solutions for data availability and only verify zk proofs and store merkle roots on ethereum. The registration bounty can be automatically crowdfunded as part of registration: once a community notary determines that an application seems valid, it can be funded from an ongoing pool of community capital (hey! is this LITERAL social capital? :D). The amortized cost per registrant would be tiny. ## How can people participate anonymously? **NOTE:** the following protocol is *totally unaudited* and *almost certainly suffers from problems*. Zero-knowledge proofs make anonymous participation possible. When someone wants to prove for a particular purpose that they are human without revealing *which* human they are, they could generate a proof of: - knowledge of a `private_key` whose corresponding public key is registered with proof of humanity and will not have expired by a particular block, and - the result of `hash(purpose_id + vote + private_key)` where `purpose_id` is a simple string which is e.g. specific to a particular election and `vote` is how they would like to vote (e.g. `0` or `1`) and - the `purpose_id` and `vote` values. This would allow projects to verify that someone is *a* member of PoH, but not *which* member they are. The hash output can be used to prevent someone from voting more than once for a given purpose. Note that this protocol is *not* coercion-resistant. Three complications: 1. Verifying zero-knowledge proofs on-chain is expensive. - Could batch by generating a zero-knowledge proof that other proofs are valid (as seen in Mina and Starkware), and verify the metaproof on chain. - Or, could have a bonded third party service that validates proofs off-chain and signs ones that are valid. - The third party's bond could be ganked by anyone who successfully challenges the validity of the proof on-chain (which could be done just by submitting a proof which is invalid and also was signed) - Dapps would need to handle the rare case where the vote needs to be re-run due to the third party being slashed - To reduce the odds of needing to cancel a vote, could have `n` third parties of which `k` signatures are required; this would make it harder to cancel a vote by manipulating signing services. 2. It's not simple to prove that an Ethereum private key corresponds to a given public key, because Ethereum's elliptic curve (secp256k1) is not very amenable to zero-knowledge proofs. A workaround: - We could include an extra piece of information with each PoH registration: the zk-friendly hash (e.g. Pedersen) of an additional secret. - To prevent the user from needing to expressly record and keep track of this additional secret, we could take it to be the [metamask signature](https://docs.metamask.io/guide/signing-data.html#sign-typed-data-v4) of a static string. - It would then be possible for a zk prover running in [WASM in the user's browser](https://github.com/iden3/wasmsnark) to prove that they're in possession of the secret input to the hash which is included in an active PoH registration 3. Proving a Ethereum sha256 merkle path would be expensive; we could maintain our own snark-friendly merkle tree. (If PoH is running in an L2, we'd need to maintain our own merkle tree anyway.) Designing/implementing this system well, and making it usable, and coming up with good APIs for decentralized applications to integrate against would be a huge challenge. ## How can PoH be decentralized? - Registration documents (photos/videos) need to be archived somewhere with cryptoeconomic guarantees (e.g. on Filecoin) - Adjudication protocol tokens (PNK) need to be broadly distributed among many active jurors ## How can we ensure security? We could offer bounties for people who manage to trick us: if you can register twice, then prove *that* to us in order to win a prize! This would teach us our own vulnerabilities, which is a key to solving them. Open problems: - **Doppelgangers**: What happens once we have 50 million registrants, and each new applicant looks *very similar* to 50 people who are already registered? Even facial recognition algorithms and humans working together might not be able to tell if someone is already registered or not. - **Illicit identities**: How do we handle people paying someone who isn't in the registry yet for the right to take a photo/video of them? This seems hard to prevent, and could mean that the cost of owning an entry in the registry is <$10. - **Deepfakes**: What's our plan for when deepfakes get really good? ## This sounds awesome, how can I help? Proof of Humanity is hiring! In particular it's looking for a strong software engineer (how would you like to be the first person in history hired by a one-vote-per-person open democratic decentralized autonomous organization?) Come get involved! - https://t.me/proofhumanity - https://gov.proofofhumanity.id/ - https://snapshot.org/#/poh.eth - https://gov.proofofhumanity.id/t/hiring-developer/300 --- [1] thanks Paula for highlighting the importance of this!
Last changed by  
RoboTeddy
1904

Read more

Practical StarkNet lessons learned

About this guide This guide will probably be most helpful for people who have already used StarkNet some. I've been implementing a project on StarkNet full time for the past 3-4 weeks, and this contains some of the lessons learned. Questions or suggestions: ping me on twitter @RoboTeddy. Sidebar for anyone who is new to StarkNet Public Service Announcement: You don't need to understand how STARKs work in order to use StarkNet! Thanks to hard work by the Starkware team, you can just learn and use Cairo (a programming language) and StarkNet (a place to deploy programs written in Cairo). The best way to learn is by following the StarkNet documentation. You can learn any Cairo you need as you go by using the Cairo documentation and completing exercises in the cairo playground.

1/10/2022
Let's make it easier to register by using registration phrases instead of signs!

The problem with signs A lot of challenges these days are due to mistakes people make in their signs. For example, of the 13 registrations that are challenged while I'm writing this, a whole 10 of them (77%) are about problems with signs: https://app.proofofhumanity.id/profile/0xc19c81a04055c1e398f52e7cc28b4c39d3b0e2c9 https://app.proofofhumanity.id/profile/0xe98829b18767db78434cde5c0367225444e32b85 https://app.proofofhumanity.id/profile/0x0589a39ae8b8b5f09d1e19af08b2190009d4a294 https://app.proofofhumanity.id/profile/0xe385fa81138e777a7ce46e44c4f0aa10ad78e2dd https://app.proofofhumanity.id/profile/0x8377548a05081ab027ee3b5bff208bd3c40a40fa https://app.proofofhumanity.id/profile/0xe11d5a0e63af66befc7c0b228c122323a600efff https://app.proofofhumanity.id/profile/0x9e1fe3cbdcfd651059da35b781c73083563a1bfc

7/31/2021
The economic security of Proof of Personhood services

Decentralized quadratic funding, democratic voting, fair airdrops, basic income, etc depend on there being a set of keys which are each controlled by a unique person acting under their own agency. Services like Proof of Humanity, BrightID, Idena, etc attempt to provide this guarantee by having a process for approving particular keys. Economic security Ideally, it would be free for someone to obtain their first approved key, and then any subsequent approved keys would have infinite cost. In practice, there will be ways for a single person to collect more than one approved key. We can quantify security by asking how much it costs an attacker to obtain their 2nd, 3rd,... nth approved keys (we can call these additional keys illicit keys.) Let's call the cost of acquiring $n$ illicit keys $C(n)$ Let's call the value of having $n$ illicit keys $V_{attacker}(n)$

7/28/2021
Proof of Humanity: the cost of attack

The purpose of proof of humanity (PoH) is to offer sybil resistance for things like quadratic funding, universal basic income, etc. Dishonest parties that want to warp quadratic votes, receive extra basic income, etc will have an incentive to gain control of multiple proof of humanity registrations. If attacks are cheap, PoH has limited utility. A core metric for PoH: what's the market price of an illicit registration? The Puppeteer Attack The cheapest attack I know of costs on the order of $10 [1]: An attacker (puppeteer) can just pay a random person off the street (a puppet) ten dollars for the privilege of taking a photo and video of the puppet holding a sign and uttering the PoH registration sentence. The puppeteer can then take these media files and use them to generate a registration in PoH. A puppeteer could head to an area with lots of relatively poor people and use a stack of $10 bills and public key signs and collect a ton of photos/videos that allow them to register lots of times.

6/5/2021
Read more from RoboTeddy
Published on HackMD