How does Worldcoin specifically handle privacy?

How does Worldcoin handle privacy?

Author: Sydney, Cryptocurrency KOL; Translator: LianGuaixiaozou

Worldcoin has launched. How does it protect privacy? Let’s take a closer look at the Semaphore protocol and ZK-SNARKs.

Worldcoin uses Orbs specialized hardware that can scan users’ irises to verify their identity. Worldcoin is an L2 solution running on Ethereum, extending Semaphore (which will be explained in detail later) and using ZK-SNARKs.

With Worldcoin’s use of Zero-Knowledge Proofs (ZKP), users can prove ownership of their database private keys without revealing the corresponding public keys. This means that no one can link any operations to a specific identity.

Orb scans your iris and generates a hash value. It is not a typical SHA256 hash value. It uses an algorithm based on Gabor filters, as two photos of the same iris are not exactly the same.

Unless approved by you, the original biometric data does not leave Orb, and the hash value is stored separately from your profile or wallet. In the worst case scenario, if an attacker scans your iris, they can only know whether you are in the database.

The Semaphore protocol is an anonymous identity verification tool, which works as follows:

(1) Users create an identity;

(2) The identity is submitted to a Merkle tree;

(3) When a user wants to perform an operation, a ZK-SNARK is generated;

(4) Anyone can verify based on the root of the Merkle tree.

Worldcoin extends Semaphore using ZK rollup, as follows:

(1) Identity commitments are forwarded to the signup sequencer;

(2) The signup sequencer inserts the commitment into a queue;

(3) A single fixed batcher processes the queue (current) and computes a Merkle tree update proof;

(4) The Prover computes a Groth16 proof using the initial root, final root, and insertion start index;

(5) The Batcher creates a transaction and submits it to a relayer;

(6) The Relayer allocates fees, signs the transaction, and submits it to blockchain nodes;

(7) The World ID contract verifies transactions from the sequencer;

(8) The Groth16 verifier contract checks the integrity of the ZKP;

(9) The old root is deprecated and the new root is placed into the contract.

In his blog post about Worldcoin, Vitalik Buterin made two suggestions for improving privacy:

· The first is to improve the iris hash algorithm to reduce scan variances. This will reduce the amount of stored data by using “helper data” instead of storing the complete hash value.

· Secondly, the iris hash database is stored in a multi-party computation (MPC) system that can only be accessed by Orbs. This makes the data inaccessible but introduces governance complexity.

Personally, I wouldn’t scan my eyeballs, but this technology is interesting. I do think the current doomsday discourse is a bit exaggerated.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

Long text: the change of the encrypted asset exchange and the risk challenge

Encrypted asset exchanges, like traditional exchanges, are products that develop to a certain period of time. With th...

Blockchain

Is the 'big boss' of the cryptocurrency world, Binance, starting to decline?

LianGuaiBitpushNews Mary Liu As 2022 comes to a close, it seems that Zhao Changpeng, co-founder and CEO of Binance, ...

News

Exclusive speech by Li Xiaojia, the Hong Kong Stock Exchange: In the 5G era, technologies such as blockchain will give birth to new exchanges and trading models.

On March 31, Li Xiaojia, Chief Executive Officer of the Hong Kong Stock Exchange Group, delivered a speech entitled &...

Blockchain

The original market maker is not "Zhuang"? What is the significance of the coin safety ball recruitment market?

On September 30th, the company announced that it has launched the Global Markets Program and will recruit Market Make...

Blockchain

Will NOVA be the next Pepe? Analysis from the perspective of trading techniques.

"Ten years of speculation in cryptocurrency can all be in vain, but a successful gamble on meme can make you live in ...

Blockchain

The game of the exchange after the BCHSV "belowed"

The representative of the BSV community, Craig S Wright (CSW), has always claimed to be Nakamoto, and the people in t...