There is a thorny nest of technical and structural problems to confront when implementing such a system in the real world, and WorldCoin’s whitepaper wades directly into it.
Technologically, World ID’s solution draws together strands for many different fields–biometrics, AI, blockchain, zero-knowledge–and combines them into a novel whole. Apart from the grandiose goal of altering the face of the Earth with a global participation engine, the means to achieve it are noteworthy. Perhaps WorldCoin will fall short of its ambitions. Nevertheless, it will probably spin-off ideas that will be absorbed by mainstream software, both Web 2.0 and Web 3.0.
The process begins by installing the World App, which is similar in function to a crypto wallet. The wallet app generates a cryptographic key pair, the private key is held securely in the wallet and the public key can be distributed.
Visit an orb to complete the process
Next, the user visits an orb, which is a custom hardware device packed with cameras, multi-spectrum lights and specialized chips and software. The main thing the orb does is take a scan of the user’s eyes and render it down to a compact format, and then hash that with a one-way hash. That is, the orb output can confirm that a given eye scan goes with the encrypted scan output, but there’s no way to take the hash and get back to the scan. The orb also scans a QR code from the wallet in order to associate the scan with the keys.
The orb has been the subject of a lot of WorldCoin’s research and development. It has to try to make sure the person is a real human being and get a good read of the distinctive information, then turn it into a useful format, and do all of this securely.
Once the orb generates the encrypted scan and the QR code from the wallet, it has enough information to send off a request to the WorldCoin blockchain to check for uniqueness and the blockchain itself now takes up the process.
WorldCoin runs on Ethereum using Semaphore protocol
WorldCoin runs on Ethereum using an interesting zero-knowledge protocol called Semaphore to validate membership in the set of verified humans. Essentially, it allows for checking if the eye scan hash exists in the set without revealing the hash itself.
If the iris scan is determined to be “sufficiently distinct” from all the others, it is added to the set of accepted humans. The system does some work around optimizing the way it interacts with Ethereum, noting at one point that naively using the L1 chain would cost around $100 per scan. (Originally, Polygon was used, but Ethereum was adopted for its broad popularity.)
With the identity installed in the blockchain, the user now has an attestation mechanism in the form of the World App. Of course, the system requires a means of proving that the same person who scanned their eye is the one using the phone. For this purpose, the phone has some mechanisms for checking on the user, like a face-scanning feature similar to Apple Face ID.
Building with World ID
World ID can be used by third-party apps, both Web 2.0 and Web 3.0. The spec goes into detail on how this is done. As a developer looking at it, the first thing that jumps out is it’s a lot more involved than other typical mechanisms. Building security for applications is always a bit finicky, even with modern solutions, but using World ID looks like a whole other level.
Part of that is the level of privacy built into the system, and part of that is the newness of the system. A developer needs to compute a ZKP proof of Merkle tree inclusion. Some of this will be smoothed out with abstraction at the SDK level. In the longer run, the more important point for app developers is that using Web2 solutions for login, things like Sign-in With Ethereum (SIWE) is going to become more common.
Likely influence on authentication
The use of zero-knowledge proofs at various points in the interaction is one that is very likely to grow in the world of cybersecurity. It is already gradually saturating into the Web 3.0 world and will probably continue to permeate traditional authentication systems as well.
In general, WorldCoin’s efforts will bring more attention to the whole idea of decentralized identity. It’s worth it to start thinking about it now. Some tools like Auth0’s SIWE support make it easy to add web3 as a sign-in provider. It’s also worth noting that World ID uses a centralized database at the moment for the identity store, but plans are in the works to make it fully decentralized.
Aside from the noticeable orb device, the idea of blockchain-based proof-of-personhood and more generally identity systems is an active and long-standing space into which World ID is making an entry. A good review of other such solutions, compared and contrasted to World ID, is given by Vitalik Buterin in his blog, which includes ruminations on the pitfalls of PoP systems in general.
The WorldCoin whitepaper says: “In the future, it should be possible to issue other credentials on the protocol as well” and when combined with other statements about expanding its usage and making it a single, universally referable identity source for multiple verifiers, it becomes clear that the project has ambitions for the service apart from the history-making. It seems likely that it will move to make itself available in some easy-to-consume incarnation for the app developers of today as an IAM provider.
Is WorldCoin a viable solution?
It is clear that World ID represents an interesting and even bold step towards something. It may not be a viable step that gets traction for its stated vision, but it’s probable that elements of it will influence future evolution. It’s also likely that World ID in some shape will play a role in the provider space.
As for the goal of a global ID system, it’s interesting to think about the outcome of the success of such a system as a mind experiment. Let’s set the dial to “best possible outcome” and think about the utopian dream World ID proposes. In short, no bots allowed, every human being gets an equal say in a decentralized online system flexible enough to host and accommodate everyone’s ideas, interests and needs.
Now turn the dial all the way to “Orwellian nightmare” and it doesn’t take much imagination to see how very wrong it could go. Of course, there are guardrails in place to prevent it from becoming a universal tracking and surveillance mechanism, but Murphy does have his law.
There is in fact an unease to be found in people’s reaction to the project, perhaps beginning with the eye scan with what looks a lot like an imperial droid. Perhaps there is an innate and historical distrust in people to be too neatly identified and cataloged by the powers that be. One can too easily imagine a powerful organization deciding it needs to know who did what on the internet and let’s go round them up and have their eyes scanned to prove it. (I hasten to reiterate that the system as designed is intended to prevent this kind of thing.)