How Proof of Humanity Can Succeed

Proof of Humanity could become a world-wide standard that allows the decentralized applications of our future to be influenced by people rather than money. If we can't count people, people won't count!

How do we make it happen?

We can accelerate Proof of Humanity's growth by including as many people and projects as possible. The more we have, the faster others will join. Everyone will want to use the identity system that everyone is already on because it's convenient.

So: we should include as many people and projects as possible. PoH should be maximally inclusive.

Maximally including people

Participating in Proof of Humanity should be:

Free: for people without much money
Fast: for people without much time
Easy: for people who don't have a ton of technical knowledge
Open: to people who don't already know someone in the registry
Safe: for people who want to remain anonymous [1]
Accessible: for people who don't know English/Spanish or who have a speech disorder

	Current Reality	Possible Future
Price	~$300 deposit, ~$100 in gas	~free
Time	~30 minutes across 3-4 sessions	~3 min
Skills required	uploading photos and videos, navigating crowdvouching google sheet, DMing in telegram to schedule a vouching session, prereading instructions carefully, metamask…	metamask

Maximally including projects

Projects that integrate with PoH will want:

Smooth UX: that lets users easily identify with proof of humanity and then immediately return to the application. Perhaps a "Prove You're Human" button?
Great APIs: simple, well-designed, concisely documented
Ubiquity: long term, PoH identities should be easily usable on any chain or service (centralized or decentralized)
Credible longevity: projects will only integrate with PoH if they believe it will be around for a long time

Credible longevity

Proof of Humanity's future is mainly guaranteed by its big, active, caring community. Aside from that, it's important that PoH is:

Scalable: has a plan for eventually growing to 1B+ people
Sustainable: can pay for its own development and maintenance
Decentralized
Secure: against sybil attacks

Technical details

How can registering take only ~3 minutes?

It might be possible to allow someone to register in a single short web session by changing the user interface and registration rules:

Remove need for a tutorial: the tutorial is great, but we should make registering so intuitive that you can just go through it without reading anything ahead of time.
Remove the photo step? the video already contains many de-facto photos! (we may need to keep the photo because it's often higher quality, which is likely helpful for facial recognition.)
Record video in browser: don't require a separate upload
Don't require making a sign:
- All that we need to know is that the person in the video is specifically signing up for their public key
- We could instead ask people to say aloud a sequence of words like "elephant blue door dog tree" which are derived deterministically from their public key. (People who have impaired speech could write these words on a piece of paper instead)
Automatically check validity: e.g. along the line of Justin's suggestions
Real-time crowdvouching:
- The PoH crowdvouching telegram group is awesome.
- We could make it part of the default registration flow: once a new registration is ready, we can ping community volunteers to find someone ready to immediately connect with them over videochat (the registrant could do the videochat right from their browser)
- After the videochat closes, the community volunteer can thoroughly check that the application is valid, and if so submit their vouch.
Automatic deposit: if someone makes it through the vouching process, we can automatically deploy some community capital along with their registration
Automatic advancement: e.g. don't require the registrant to come back and send a new transaction after the challenge period is over — after it ends, accept them automatically, and start giving them UBI automatically.
Usability makeover: right now, for example, it's not that obvious that the first step to registering is to press the "connect" button.

How can registering be free?

It would be necessary to migrate PoH into an L2 which is more scalable and whose security is still fully guaranteed by Ethereum.

Space in calldata only costs 16 gas/byte; registration probably takes order 100-1000 bytes, which at 100 gwei/gas and $2000/eth works out to $0.30–$3.
This fee is small enough that the community could just subsidize it.
If gas fees increase too much, we could rely on off-ethereum solutions for data availability and only verify zk proofs and store merkle roots on ethereum.

The registration bounty can be automatically crowdfunded as part of registration: once a community notary determines that an application seems valid, it can be funded from an ongoing pool of community capital (hey! is this LITERAL social capital? :D). The amortized cost per registrant would be tiny.

How can people participate anonymously?

NOTE: the following protocol is totally unaudited and almost certainly suffers from problems.

Zero-knowledge proofs make anonymous participation possible. When someone wants to prove for a particular purpose that they are human without revealing which human they are, they could generate a proof of:

knowledge of a private_key whose corresponding public key is registered with proof of humanity and will not have expired by a particular block, and
the result of hash(purpose_id + vote + private_key) where purpose_id is a simple string which is e.g. specific to a particular election and vote is how they would like to vote (e.g. 0 or 1) and
the purpose_id and vote values.

This would allow projects to verify that someone is a member of PoH, but not which member they are. The hash output can be used to prevent someone from voting more than once for a given purpose. Note that this protocol is not coercion-resistant.

Three complications:

Verifying zero-knowledge proofs on-chain is expensive.
- Could batch by generating a zero-knowledge proof that other proofs are valid (as seen in Mina and Starkware), and verify the metaproof on chain.
- Or, could have a bonded third party service that validates proofs off-chain and signs ones that are valid.
  - The third party's bond could be ganked by anyone who successfully challenges the validity of the proof on-chain (which could be done just by submitting a proof which is invalid and also was signed)
  - Dapps would need to handle the rare case where the vote needs to be re-run due to the third party being slashed
  - To reduce the odds of needing to cancel a vote, could have n third parties of which k signatures are required; this would make it harder to cancel a vote by manipulating signing services.
It's not simple to prove that an Ethereum private key corresponds to a given public key, because Ethereum's elliptic curve (secp256k1) is not very amenable to zero-knowledge proofs. A workaround:
- We could include an extra piece of information with each PoH registration: the zk-friendly hash (e.g. Pedersen) of an additional secret.
- To prevent the user from needing to expressly record and keep track of this additional secret, we could take it to be the metamask signature of a static string.
- It would then be possible for a zk prover running in WASM in the user's browser to prove that they're in possession of the secret input to the hash which is included in an active PoH registration
Proving a Ethereum sha256 merkle path would be expensive; we could maintain our own snark-friendly merkle tree. (If PoH is running in an L2, we'd need to maintain our own merkle tree anyway.)

Designing/implementing this system well, and making it usable, and coming up with good APIs for decentralized applications to integrate against would be a huge challenge.

How can PoH be decentralized?

Registration documents (photos/videos) need to be archived somewhere with cryptoeconomic guarantees (e.g. on Filecoin)
Adjudication protocol tokens (PNK) need to be broadly distributed among many active jurors

How can we ensure security?

We could offer bounties for people who manage to trick us: if you can register twice, then prove that to us in order to win a prize! This would teach us our own vulnerabilities, which is a key to solving them.

Open problems:

Doppelgangers: What happens once we have 50 million registrants, and each new applicant looks very similar to 50 people who are already registered? Even facial recognition algorithms and humans working together might not be able to tell if someone is already registered or not.
Illicit identities: How do we handle people paying someone who isn't in the registry yet for the right to take a photo/video of them? This seems hard to prevent, and could mean that the cost of owning an entry in the registry is <$10.
Deepfakes: What's our plan for when deepfakes get really good?

This sounds awesome, how can I help?

Proof of Humanity is hiring!

In particular it's looking for a strong software engineer (how would you like to be the first person in history hired by a one-vote-per-person open democratic decentralized autonomous organization?)

Come get involved!

[1] thanks Paula for highlighting the importance of this!

Syntax	Example	Reference
# Header	Header	基本排版
- Unordered List	Unordered List
1. Ordered List	Ordered List
- [ ] Todo List	Todo List
> Blockquote	Blockquote
Bold font	Bold font
Italics font	Italics font
~~Strikethrough~~	~~Strikethrough~~
19^th^	19^th
H~2~O	H₂O
++Inserted text++	Inserted text
==Marked text==	Marked text
[link text](https:// "title")	Link
![image alt](https:// "title")	Image
`Code`	`Code`	在筆記中貼入程式碼
```javascript var i = 0; ```	`var i = 0;`	在筆記中貼入程式碼
:smile:		Emoji list
{%youtube youtube_id %}	Externals
$L^aT_eX$	L^aT_eX
:::info This is a alert area. :::	This is a alert area.