-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Draft open problem statement: Proof of Personhood #11
Comments
https://zerobyte.io/publications/2017-BKJGGF-pop.pdf is a great start, but we should clarify and highlight our long-term hopes |
Universal Self Sovereign Identification. |
Not really, a single person can have multiple identities. The idea here is to solve the Sybil problem (single person pretending to be multiple people). |
Every living person has a social/bio graph kinda of like a unique merkle forest, this forest can only be occupied by one human at a time. The Sybil problem requires that you continue to input data until the system is satisfied that you are real only then would it issue an ID. Some game theory, human behaviour elements would be required to ensure that it is way too difficult to create and maintain a fake ID. |
I think what you're proposing could close a lot of the distance toward solving some identity problems. However, I think there are some substantial problems yet to solve, embedded in statements like "just need to see what technologies can be used" and "Some game theory, human behavior elements," which trivialize what I think are real research and engineering problems that have yet to be solved. Part of why I think the Sybil problem is highly nontrivial, even with human behavior elements, is that there are few if any tasks or interactions that one couldn't fake with a reasonable amount of computation power, including spoofing location data, interacting with friends (build a network of Sybil friends), and performing most if not all casual interactions online. I guess it's also worth noting that I wouldn't consider this problem "solved" if the proposed solution required everyone to spend all day responding to captchas. I also realize an detail that I hadn't added to the problem statement is that the solution should be decentralized. It's important to me (and to Protocol Labs) that a single individual, company, or government should not be be the arbiter of who does or does not count as an individual. Anyway, thanks for prompting some quality clarifications on the problem statement. Do you have more information on how you plan to implement your identity solution? |
Apologies if it seemed like a trivial responses however Github Issues isn't really the place to give an in depth explanation, especially when you consider the enormity of scope. What I was trying to convey is that there is a need for a non engineering understanding of the problem first. |
DNA test is the only sure way to identify any person, all other evidences can be forged, stolen, etc. Since DNA test for opening account is not realistic, the problem should be restated as not to make impossible but to reduce number of incidents. Proof of work allowed to do just that. But ASICs made it easy barrier to jump over. In conclusion, I think this problem is unsolvable. We just have to deal with it, we can't solve it. |
I think you may be misunderstanding the problem statement.
Think of this as a stronger CAPTCHA. CAPTCHA tries to prove that there is a human sitting at a computer completing a task. Here, we want to extend that to "there is a human and said human participates only once". |
Let's say there is a database (or blockchain) that records a genetic proof. In each record, your encoded DNA sequence (hashed) is associated with a cryptographically secure public key. Since you have the private key, you can sign any message to prove that you are indeed a single person (but doesn't reveal who you are directly, or even your DNA sequence). However, you do not need to reveal any additional information to prove you're human: no ID, first name, address, etc. These records are maintained by a network of public hospitals or clinics. They are capable of analyzing a DNA sample to assure that it is indeed a real sample and not a fabricated one. Samples are sent to 5 (or so) randomly selected nodes (lab nodes) and they must agree that the sample is indeed real human DNA (not a dog, cat, or other organism) and not fabricated. Once confirmed, it is recorded on the public blockchain. Now, it is possible that DNA can be stolen. Therefore, when DNA is submitted, if a duplicate record is found, then we can invalidate the old one given that a lab confirms the identity of that person. The original record holder (owning the private key) is also contacted and given the opportunity to dispute the new one that is attempting to override the record. A fraudulently submitted sample would most likely not respond to the request within 60 days. Furthermore, the sooner people submit their genetic proof of personhood, the harder it will be for others to submit their stolen one in advance. There could be many side chains created that work together with the genetic chain. For example, residents of a town could have a town chain that allows you to vote as a resident once registered. Online voting becomes a matter of proving your identity by signing with your private key. It may seem like a lot of work to have this done, but the privacy implications are significant. Although you would need to protect your private key quite dearly, it eliminates the need to provide a mountain of private and personal information every time you want to prove who you are. And although the infrastructure for this may be large, I would contend that it's not any more complex than existing personhood record keeping databases we already have today such as social security and birth certificates. In fact, this could help reduce or eliminate these privacy-leaking hacker-prone private databases with a single public blockchain that contains no personal information. |
Hello folks, |
Hi all, thank you for your comments 🚀 We are now closing the issue, feel free to reopen it in the future if you want to restart the conversation on this topic. |
Proof of Personhood
Building trustless protocols with incentives has so far required disincentivizing the creation of Sybil identities. For example, in cryptocurrencies based on Proof-of-Work, you only have a finite amount of resources and it does not behoove you to split across multiple identities. However, These protocols could be simplified with an external prevention of Sybil identities. In addition, there are specific applications in which the desired incentive structure cannot solve the intended problem if they are modified to resist Sybil identities. While these problems may seem impossible to solve in a trustless, distributed manner, I argue that the introduction of a Proof of Personhood as a cryptographic primitive would drastically simplify the solutions of these problems.
Examples of interesting problems include
Solution constraints
Ideally it would be nice to have
Note that it likely isn't necessary that it should be (cryptographically) difficult to forge a proof of a known individual, since a Proof of Personhood could probably be combined with a cryptographic signature.
The text was updated successfully, but these errors were encountered: