Re: [Identity-discuss] OpenAI World ID

Neal McBurnett <nealmcb@gmail.com> Wed, 09 August 2023 17:09 UTC

From: Neal McBurnett <nealmcb@gmail.com>
Date: Wed, 09 Aug 2023 11:09:25 -0600
To: Kaliya Identity Woman <kaliya@identitywoman.net>
Cc: Dick.Hardt@gmail.com, Hesham ElBakoury <helbakoury@gmail.com>, Phillip Hallam-Baker <phill@hallambaker.com>, identity-discuss@iab.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/identity-discuss/-Xbm0GCcGIfvsIL7woSlMVm6KLI>
Subject: Re: [Identity-discuss] OpenAI World ID

Thank you, Kaliya, for the indirect link to this post on the generic "Proof
of Personhood" challenge by Vitalik Buterin, whom I consider a true
visionary:

What do I think about biometric proof of personhood?
 https://vitalik.eth.limo/general/2023/07/24/biometric.html

It is long and detailed, with discussion of several approaches besides
Worldcoin, and very worthwhile in my mind as a thoughtful overview. I think
Forrester's characterization of his opinion of Worldcoin as "not the
answer" is pretty misleading, since Worldcoin is an example of
the "specialized-hardware biometric" approach which he sees as at least
valuable to seed an inclusive social-network approach to proof of
personhood.

In general he notes the enormous potential benefits, and complex problems,
in establishing this sort of identity. Here are some tidbits to whet your
appetite.

Neal McBurnett  https://www.linkedin.com/in/nealmcb

Proof of personhood
<https://berkeley-defi.github.io/assets/material/Proof%20of%20Person.pdf>,
aka the "unique-human problem
<https://vitalik.ca/general/2019/11/22/progress.html#numberfifteensic>", is
a limited form of real-world identity that asserts that a given registered
account is controlled by a real person (and a different real person from
every other registered account), ideally without revealing *which* real
person it is.
...

The simplest way to define a proof-of-personhood system is: it creates a
list of public keys where the system guarantees that each key is controlled
by a unique human. In other words, if you're a human, you can put one key
on the list, but you can't put two keys on the list, and if you're a bot
you can't put any keys on the list.

Proof of personhood is valuable because it solves a lot of anti-spam and
anti-concentration-of-power problems that many people have, in a way that
avoids dependence on centralized authorities and reveals the minimal
information possible. If proof of personhood is not solved, decentralized
governance (including "micro-governance" like votes on social media
posts) becomes
much easier <https://vitalik.ca/general/2021/08/16/voting3.html> to capture
<https://vitalik.ca/general/2018/03/28/plutocracy.html> by very wealthy
actors <https://vitalik.ca/general/2021/09/26/limits.html>, including
hostile governments. Many services would only be able to prevent
denial-of-service attacks by setting a price for access, and sometimes a
price high enough to keep out attackers is also too high for many
lower-income legitimate users.

Many major applications in the world today deal with this issue by using
government-backed identity systems such as credit cards and passports. This
solves the problem, but it makes large and perhaps unacceptable sacrifices
on privacy, and can be trivially attacked by governments themselves.

...
So... what do I think?

There is no ideal form of proof of personhood. Instead, we have at least
three different paradigms of approaches that all have their own unique
strengths and weaknesses. A comparison chart might look as follows:


                                  Social-graph-based    General-hardware biometric    Specialized-hardware biometric
Privacy                           Low                   Fairly low                    Fairly high
Accessibility / scalability       Fairly low            High                          Medium
Robustness of decentralization    Fairly high           Fairly high                   Fairly low
Security against "fake people"    High (if done well)   Low                           Medium


What we should ideally do is treat these three techniques as complementary,
and combine them all. As India's Aadhaar has shown at scale,
specialized-hardware biometrics have their benefits of being secure at
scale. They are very weak at decentralization, though this can be addressed
by holding individual Orbs accountable. General-purpose biometrics can be
adopted very easily today, but their security is rapidly dwindling, and
they may only work for another 1-2 years. Social-graph-based systems
bootstrapped off of a few hundred people who are socially close to the
founding team are likely to face constant tradeoffs between completely
missing large parts of the world and being vulnerable to attacks within
communities they have no visibility into. A social-graph-based system
bootstrapped off tens of millions of biometric ID holders, however, could
actually work. Biometric bootstrapping may work better short-term, and
social-graph-based techniques may be more robust long-term, and take on a
larger share of the responsibility over time as their algorithms improve.


*A possible hybrid path.*


All of these teams are in a position to make many mistakes, and there are
inevitable tensions between business interests and the needs of the wider
community, so it's important to exercise a lot of vigilance. As a
community, we can and should push all participants' comfort zones on
open-sourcing their tech, demand third-party audits and even
third-party-written software, and other checks and balances. We also need
more alternatives in each of the three categories.

At the same time it's important to recognize the work already done: many of
the teams running these systems have shown a willingness to take privacy
much more seriously than pretty much any government or major corporate-run
identity systems, and this is a success that we should build on.

The problem of making a proof-of-personhood system that is effective and
reliable, especially in the hands of people distant from the existing
crypto community, seems quite challenging. I definitely do not envy the
people attempting the task, and it will likely take years to find a formula
that works. The concept of proof-of-personhood in principle seems very
valuable, and while the various implementations have their risks, not
having any proof-of-personhood at all has its risks too: a world with no
proof-of-personhood seems more likely to be a world dominated by
centralized identity solutions, money, small closed communities, or some
combination of all three. I look forward to seeing more progress on all
types of proof of personhood, and hopefully seeing the different approaches
eventually come together into a coherent whole.


On Tue, Aug 8, 2023 at 4:25 PM Kaliya Identity Woman <
kaliya@identitywoman.net> wrote:

> Two more articles re: WorldCoin.
>
> The Web Needs A Way Of Proving That You’re A Real Person; Worldcoin Is Not
> The Solution
> <https://www.forrester.com/blogs/the-web-needs-a-way-of-proving-that-youre-a-real-person-worldcoin-is-not-the-solution/>
> 2023-07-26 Forrester
>
> Worldcoin has a problem
> <https://restofworld.org/2023/exporter-worldcoin-kenya-india-upi/>
> 2023-08-03 Rest of World
>
> On Mon, Aug 7, 2023 at 8:21 PM Dick Hardt <dick.hardt@gmail.com> wrote:
>
>> Worldcoin created an Auth0 integration — anyone can — mischaracterization
>> by Time
>>
>> https://marketplace.auth0.com/integrations/worldcoin
>>
>>
>> On Mon, Aug 7, 2023 at 8:15 PM Hesham ElBakoury <helbakoury@gmail.com>
>> wrote:
>>
>>> This Time Magazine article: [What to Know About Worldcoin and the
>>> Controversy Around It | Time
>>> <https://time.com/6300522/worldcoin-sam-altman/>] says that "in June,
>>> Okta became
>>> <https://worldcoin.org/blog/announcements/sign-in-with-worldcoin-available-okta-auth0-marketplace> the
>>> first major company to allow users to sign in with Worldcoin. Worldcoin
>>> officially launched in July, with the project embarking on a multi-city
>>> sign-up tour. Altman posted a video of long lines outside Orb centers, and
>>> said <https://twitter.com/sama/status/1684297687708098565> that the
>>> project was scanning in a new user every eight seconds. "
>>>
>>> Hesham
>>>
>>> <https://api.time.com/wp-content/uploads/2023/08/GettyImages-1490660707.jpg?quality=85>
>>>
>>>
>>> On 8/7/2023 7:59 PM, Phillip Hallam-Baker wrote:
>>>
>>>
>>>
>>> On Mon, Aug 7, 2023 at 7:23 PM Dick Hardt <dick.hardt@gmail.com> wrote:
>>>
>>>> Their OpenID Connect implementation is sloppy and full of potential
>>>> vulnerabilities to developers building on it. They are not following
>>>> published best practices.
>>>>
>>>> I've alerted them of the most egregious issues. Currently writing up a
>>>> critique.
>>>>
>>>
>>> Introducing a coin is kind of a giveaway...
>>>
>>> Not only do we solve this really difficult problem but our solution
>>> CREATES FREE MONEY OUT OF THIN AIR!
>>>
>>> It's like seeing an invention with a perpetual motion machine, there is
>>> no way it can work.
>>>
>>> There are some really worrisome stories about folk going off to sell
>>> this scheme in the third world collecting biometrics on promises of money
>>> to come in the future. Why is that supposed to prove anything?
>>>
>>> I'm going to start calling the guy Sam Altman-Fried on purpose at this
>>> rate.
>>>
>>> --
>> Identity-discuss mailing list
>> Identity-discuss@iab.org
>> https://www.iab.org/mailman/listinfo/identity-discuss
>>


-- 
Neal McBurnett                 http://neal.mcburnett.org/