# Semaphore integration as a solution for privacy issues on Proof of Humanity
## Overview
Digital identity is a crucial topic nowadays, as well as privacy and security. [Proof of Humanity](https://blog.kleros.io/proof-of-humanity-a-building-block-for-the-internet-of-the-future/) aims to create a decentralized registry of humans by combining social verification with video submissions, thus attempting to tackle problems surrounding human identity on the internet, such as Sybil attacks.
Proof of Humanity is presented as a solution to ensure that opinions come from real people. However, this solution also presents a privacy issue: the exposure of personal information, such as biometric data, voice, and video, when transacting with a Proof of Humanity registered account. This is known as doxing.
As a possible solution to this problem, the integration of [Semaphore](https://semaphore.appliedzkp.org/) with Proof of Humanity has been explored to ensure privacy. Semaphore is a protocol that uses [zero-knowledge proofs](https://en.wikipedia.org/wiki/Zero-knowledge_proof) to prove membership in a group and cast signals without revealing identity.
## Proposal
To explore this potential solution, the [ZK Proof of Humanity](https://github.com/elmol/zk-proof-of-humanity) (zkPoH) project was created on GitHub, which integrates Semaphore with Proof of Humanity (PoH). The project consists of a smart contract that allows subscribing as a member to a Semaphore group only if the subscriber is registered in PoH. In this way, any member of this group can emit signals (votes, approvals, etc.) without revealing their identity and ensuring that they are registered in PoH as a human.
### Implementation
When a human subscribes to zkPoH, they must send the [identity commitment](https://semaphore.appliedzkp.org/docs/glossary#identity-commitment) from the account that is registered in Proof of Humanity. The protocol only accepts subscriptions from accounts that are valid in PoH and not already registered in zkPoH. Once the human is registered in zkPoH, they can generate proofs and emit signals, [as in the Semaphore protocol](https://semaphore.appliedzkp.org/docs/guides/proofs#verify-a-proof-on-chain), without exposing their identity. To generate the identity, the [deterministic method](https://semaphore.appliedzkp.org/docs/guides/identities#create-deterministic-identities) is used, which signs a message with the account registered in Proof of Humanity.

#### Registration
When a valid human in PoH registers in zkPoH, they subscribe with their account and identity commitment. The protocol ensures that the account is not already registered in zkPoH and is valid in PoH. Afterward, the human is added as a member to the Semaphore group.
#### Verification and Signaling
The protocol uses the `verifyProof` method to delegate the proof verification and signaling to Semaphore. The human generates a proof using their deterministic identity, an external nullifier, and the signal they want to send, and then emits the signal. Just like in Semaphore, double signaling is avoided.
#### Human Verification
The protocol presents a public view method `verifyHumanity` that verifies if the proof is valid and proves that the user is a human. This method does not avoid double signaling, so it must be validated or controlled by the caller. It is used as an extension of the protocol.
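
A caller-side control for the `verifyHumanity` caveat above, as an added example that is not zkPoH's own code. It is a JavaScript model: SHA-256 stands in for Poseidon, a `witness` field stands in for the zk-SNARK, and `ZkPoHModel`, `Poll`, `makeIdentity` and `makeProof` are hypothetical names.

```javascript
const crypto = require("crypto");

// SHA-256 stands in for Poseidon so the model runs offline (assumption).
const h = (...p) => crypto.createHash("sha256").update(p.join("|")).digest("hex");

// Constructed identity: two secrets and a commitment, as in a Semaphore identity.
const makeIdentity = (seed) => {
  const trapdoor = h("trapdoor", seed), nullifier = h("nullifier", seed);
  return { trapdoor, nullifier, commitment: h(h(nullifier, trapdoor)) };
};

// Model "proof": a real one is a zk-SNARK that hides the commitment and binds
// the nullifier hash; `witness` only lets the mock verifier check membership.
const makeProof = (id, externalNullifier, signal) => ({
  nullifierHash: h(externalNullifier, id.nullifier),
  externalNullifier, signal, witness: id.commitment,
});

class ZkPoHModel {
  constructor(pohAccounts) {
    this.poh = new Set(pohAccounts); // accounts registered in PoH (constructed)
    this.accounts = new Set();       // accounts already subscribed to zkPoH
    this.group = new Set();          // identity commitments in the group
  }
  register(account, commitment) {
    if (!this.poh.has(account)) throw new Error("not registered in PoH");
    if (this.accounts.has(account)) throw new Error("already registered in zkPoH");
    this.accounts.add(account);
    this.group.add(commitment);
  }
  // Stateless view: a valid proof returns true however often it is presented.
  verifyHumanity(proof) { return this.group.has(proof.witness); }
}

// Caller that adds the missing control: one accepted signal per nullifier hash,
// and only for proofs generated against this poll's external nullifier.
class Poll {
  constructor(zkpoh, pollId) { this.zkpoh = zkpoh; this.pollId = pollId; this.seen = new Set(); this.votes = []; }
  vote(proof) {
    if (proof.externalNullifier !== this.pollId) return "wrong-scope";
    if (!this.zkpoh.verifyHumanity(proof)) return "invalid-proof";
    if (this.seen.has(proof.nullifierHash)) return "double-signal";
    this.seen.add(proof.nullifierHash);
    this.votes.push(proof.signal);
    return "accepted";
  }
}
```

The same identity produces the same nullifier hash for a given external nullifier, so the caller's `seen` set is what rejects the second signal; a different external nullifier yields an unlinkable hash.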
## Assessment
Solc version: 0.8.4 · Optimizer enabled: true · Runs: 1000000 · Block limit: 30000000 gas · 33 gwei/gas · 1651.85 usd/eth

| Contract | Method | Min | Max | Avg | # calls | usd (avg) |
|---|---|---|---|---|---|---|
| ZKProofOfHumanity | register | 974390 | 1751356 | 1523169 | 17 | 83.03 |
| ZKProofOfHumanity | verifyProof | 350468 | 350504 | 350487 | 10 | 19.11 |

> *Gas Reports Links:* [Semaphore](https://github.com/elmol/zk-proof-of-humanity/blob/main/docs/semaphore-gas-report.out?raw=100) and [zkPoH](https://github.com/elmol/zk-proof-of-humanity/blob/main/docs/zkpoh-gas-report.out?raw=100)
As we can see, the `register` and `verifyProof` costs, while expected, are high. This is a possible issue for the proposed solution because Proof of Humanity is currently in production on Ethereum and one of the main registration incentives is the receipt of [UBI](https://ubi.eth.limo/). Users would therefore have to bear these costs to protect their privacy.
One opportunity for improvement in the further development of the proposed solution is to explore options such as deploying zkPoH on lower-cost sidechains or L2s and accessing the PoH registry through oracles. In some cases, Semaphore could also be used off-chain or in a centralized manner to reduce costs.
Another enhancement opportunity is maintaining consistency between the Proof of Humanity registry and the members subscribed to the Semaphore group in zkPoH. In this case, incentives could be offered to keepers to maintain registry integrity. Another option could be to re-subscribe or revalidate per use case, which would be suitable for off-chain use cases such as Snapshot, or, like Sismo, to [limit it by periods](https://docs.sismo.io/sismo-docs/faq/general-faq#will-my-badge-be-burnt-if-i-am-no-longer-eligible). However, a more effective solution would be for future versions of Proof of Humanity to take responsibility for maintaining a single registry in Semaphore, as [World ID](https://worldcoin.org/blog/worldcoin/solving-for-privacy-worldcoin-approach-keeping-information-safe) does.
Since Semaphore is an audited solution that is constantly improving, with a dedicated team exclusively focused on developing solutions for privacy issues, it is considered the perfect privacy protocol to be directly integrated with PoH as a complement and a definitive solution to privacy problems. This makes creating a custom zero-knowledge protocol solution to address this issue pointless, since Semaphore is a stable and specialized solution in this field.
## Conclusion
In summary, the integration of Semaphore with Proof of Humanity presents itself as a promising solution to address the privacy issue. The proposed implementation proved to be effective. Although there are opportunities for improvement, such as operational costs and consistency of records, solutions have been proposed to address these issues. It is important to consider that the direct integration of Semaphore in future versions of Proof of Humanity would be an interesting option to address these challenges more effectively.