# How Proof of Humanity Can Succeed
Proof of Humanity could become a world-wide standard that allows the decentralized applications of our future to be influenced by people rather than money. If we can't count people, people won't count!
How do we make it happen?
We can accelerate Proof of Humanity's growth by including as many people and projects as possible. [The more we have, the faster others will join](https://www.youtube.com/watch?v=GA8z7f7a2Pk). Everyone will want to use the identity system that everyone is already on because it's convenient.
So: we should include as many people and projects as possible. PoH should be **maximally inclusive**.
## Maximally including people
Participating in Proof of Humanity should be:
- **Free**: for people without much money
- **Fast**: for people without much time
- **Easy**: for people who don't have a ton of technical knowledge
- **Open**: to people who don't already know someone in the registry
- **Safe**: for people who want to remain anonymous 
- **Accessible**: for people who don't know English/Spanish or who have a speech disorder
| |Current Reality|Possible Future|
|Price |~$300 deposit, ~$100 in gas |~free|
|Time|~30 minutes across 3-4 sessions |~3 min|
|Skills required|uploading photos and videos, navigating crowdvouching google sheet, DMing in telegram to schedule a vouching session, prereading instructions carefully, metamask...|metamask|
## Maximally including projects
Projects that integrate with PoH will want:
- **Smooth UX**: that lets users easily identify with proof of humanity and then immediately return to the application. Perhaps a "Prove You're Human" button?
- **Great APIs**: simple, well-designed, concisely documented
- **Ubiquity**: long term, PoH identities should be easily usable on any chain or service (centralized or decentralized)
- **Credible longevity**: projects will only integrate with PoH if they believe it will be around for a long time
### Credible longevity
Proof of Humanity's future is mainly guaranteed by its **big, active, caring community**. Aside from that, it's important that PoH is:
- **Scalable**: has a plan for eventually growing to 1B+ people
- **Sustainable**: can pay for its own development and maintenance
- **Secure**: against sybil attacks
# Technical details
## How can registering take only ~3 minutes?
It might be possible to allow someone to register in a single short web session by changing the user interface and registration rules:
- **Remove need for a tutorial**: the tutorial is great, but we should make registering so intuitive that you can just go through it without reading anything ahead of time.
- **Remove the photo step?** the video already contains many de-facto photos! (we may need to keep the photo because it's often higher quality, which is likely helpful for facial recognition.)
- **Record video in browser**: don't require a separate upload
- **Don't require making a sign:**
- All that we need to know is that the person in the video is specifically signing up for their public key
- We could instead ask people to say aloud a sequence of words like "elephant blue door dog tree" which are derived deterministically from their public key. (People who have impaired speech could write these words on a piece of paper instead)
- **Automatically check validity**: e.g. along the line of [Justin's suggestions](https://gov.proofofhumanity.id/t/list-of-ux-ui-submit-profile-ideas/437)
- **Real-time crowdvouching**:
- The PoH crowdvouching telegram group is awesome.
- We could make it part of the default registration flow: once a new registration is ready, we can ping community volunteers to find someone ready to immediately connect with them over videochat (the registrant could do the videochat right from their browser)
- After the videochat closes, the community volunteer can thoroughly check that the application is valid, and if so submit their vouch.
- **Automatic deposit**: if someone makes it through the vouching process, we can automatically deploy some community capital along with their registration
- **Automatic advancement**: e.g. don't require the registrant to come back and send a new transaction after the challenge period is over — after it ends, accept them automatically, and start giving them UBI automatically.
- **Usability makeover**: right now, for example, it's not that obvious that the first step to registering is to press the "connect" button.
## How can registering be free?
It would be necessary to migrate PoH into an L2 which is more scalable and whose security is still fully guaranteed by Ethereum.
- Space in calldata only costs 16 gas/byte; registration probably takes order 100-1000 bytes, which at 100 gwei/gas and $2000/eth works out to $0.30–$3.
- This fee is small enough that the community could just subsidize it.
- If gas fees increase too much, we could rely on off-ethereum solutions for data availability and only verify zk proofs and store merkle roots on ethereum.
The registration bounty can be automatically crowdfunded as part of registration: once a community notary determines that an application seems valid, it can be funded from an ongoing pool of community capital (hey! is this LITERAL social capital? :D). The amortized cost per registrant would be tiny.
## How can people participate anonymously?
**NOTE:** the following protocol is *totally unaudited* and *almost certainly suffers from problems*.
Zero-knowledge proofs make anonymous participation possible. When someone wants to prove for a particular purpose that they are human without revealing *which* human they are, they could generate a proof of:
- knowledge of a `private_key` whose corresponding public key is registered with proof of humanity and will not have expired by a particular block, and
- the result of `hash(purpose_id + vote + private_key)` where `purpose_id` is a simple string which is e.g. specific to a particular election and `vote` is how they would like to vote (e.g. `0` or `1`) and
- the `purpose_id` and `vote` values.
This would allow projects to verify that someone is *a* member of PoH, but not *which* member they are. The hash output can be used to prevent someone from voting more than once for a given purpose. Note that this protocol is *not* coercion-resistant.
1. Verifying zero-knowledge proofs on-chain is expensive.
- Could batch by generating a zero-knowledge proof that other proofs are valid (as seen in Mina and Starkware), and verify the metaproof on chain.
- Or, could have a bonded third party service that validates proofs off-chain and signs ones that are valid.
- The third party's bond could be ganked by anyone who successfully challenges the validity of the proof on-chain (which could be done just by submitting a proof which is invalid and also was signed)
- Dapps would need to handle the rare case where the vote needs to be re-run due to the third party being slashed
- To reduce the odds of needing to cancel a vote, could have `n` third parties of which `k` signatures are required; this would make it harder to cancel a vote by manipulating signing services.
2. It's not simple to prove that an Ethereum private key corresponds to a given public key, because Ethereum's elliptic curve (secp256k1) is not very amenable to zero-knowledge proofs. A workaround:
- We could include an extra piece of information with each PoH registration: the zk-friendly hash (e.g. Pedersen) of an additional secret.
- To prevent the user from needing to expressly record and keep track of this additional secret, we could take it to be the [metamask signature](https://docs.metamask.io/guide/signing-data.html#sign-typed-data-v4) of a static string.
- It would then be possible for a zk prover running in [WASM in the user's browser](https://github.com/iden3/wasmsnark) to prove that they're in possession of the secret input to the hash which is included in an active PoH registration
3. Proving a Ethereum sha256 merkle path would be expensive; we could maintain our own snark-friendly merkle tree. (If PoH is running in an L2, we'd need to maintain our own merkle tree anyway.)
Designing/implementing this system well, and making it usable, and coming up with good APIs for decentralized applications to integrate against would be a huge challenge.
## How can PoH be decentralized?
- Registration documents (photos/videos) need to be archived somewhere with cryptoeconomic guarantees (e.g. on Filecoin)
- Adjudication protocol tokens (PNK) need to be broadly distributed among many active jurors
## How can we ensure security?
We could offer bounties for people who manage to trick us: if you can register twice, then prove *that* to us in order to win a prize! This would teach us our own vulnerabilities, which is a key to solving them.
- **Doppelgangers**: What happens once we have 50 million registrants, and each new applicant looks *very similar* to 50 people who are already registered? Even facial recognition algorithms and humans working together might not be able to tell if someone is already registered or not.
- **Illicit identities**: How do we handle people paying someone who isn't in the registry yet for the right to take a photo/video of them? This seems hard to prevent, and could mean that the cost of owning an entry in the registry is <$10.
- **Deepfakes**: What's our plan for when deepfakes get really good?
## This sounds awesome, how can I help?
Proof of Humanity is hiring!
In particular it's looking for a strong software engineer (how would you like to be the first person in history hired by a one-vote-per-person open democratic decentralized autonomous organization?)
Come get involved!
 thanks Paula for highlighting the importance of this!