Worldcoin Analysis: Utopian Dream or Dystopian Nightmare?
On July 24th 2023, people around the world lined up in the hundreds to get their irises scanned by an enigmatic chrome orb in exchange for a cryptographically verifiable, self-sovereign, and private digital identity, or perhaps more interestingly, to receive one of the most sensational token airdrops of this year.
Worldcoin is OpenAI CEO and poster boy Sam Altman’s ambitious project to combat the growing intelligence of AI (a revolution that ironically turned a new leaf under his command) and to end global economic disparity created by the fiat money regime.
“If successful, we believe Worldcoin could drastically increase economic opportunity, scale a reliable solution for distinguishing humans from AI online while preserving privacy, enable global democratic processes and eventually show a potential path to AI-funded UBI” – Sam Altman
Needless to say, the project has people flocking up in the millions, with sign-ups coming from several major cities, including New York, Seoul, Tokyo, and Berlin. Like any other crypto project, Worldcoin has the cryptosphere polarized. While Binance expresses its support by listing the WLD token on its exchange, crypto critics like Vitalik Buterin have refuted the project’s bold claims (more on that later). Reports of people selling their IDs and governments suspending the project have surfaced within a week of its launch.
This article attempts to demystify the Worldcoin protocol, analyze the criticisms made against it and explore the controversies surrounding it. After reading this article, readers can decide if they should bend their knees to the Orb nearest to them.
What is Worldcoin?
At its core, Worldcoin is an identity protocol and a financial network.
- An identity protocol – Worldcoin is on a mission to create a self-sovereign and privacy-preserving digital identity for all humanity.
- A Financial network – The Worldcoin network is a blockchain protocol that will host its native WLD token. The network will issue WLD tokens and enable its exchange between account holders. The blockchain network will also facilitate protocol governance.
The team has also developed a set of tools that work together to set the Worldcoin ecosystem in motion –
- World ID – The Worldcoin protocol issues a unique ID to participants that verifies their personhood. Worldcoin seeks to issue sybil-resistant World IDs by establishing a cryptographic link between the ID and the scan of the holder’s iris. Participants must get their irises scanned via a proprietary biometric device called the Orb.
- Worldcoin Token (WLD) – WLD is an ERC-20 token on the Ethereum mainnet and native to the Worldcoin ecosystem. It is issued to World ID holders and is meant to serve as a store of value and empower protocol governance.
- World App – A fronted developed to register with Worldcoin and access its services. It primes the user credentials for sharing across Web3. The app is available on Google Play Store and Apple App Store in more than 120 countries.
The Worldcoin Foundation is the steward of the Worldcoin Protocol. It is responsible for overseeing the development and implementation of the Worldcoin project. Tools of Humanity is a global hardware and software company that operates the World App and oversaw the development of the Orb.
If you want Guy's take on Worldcoin, you can find that below:
Why is Worldcoin an Essential Discussion for Web3?
Worldcoin is an ambitious project that seeks to solve critical socio-economic issues with bleeding-edge technology. The project can potentially establish a new primitive for the internet and redefine how humans identify themselves in the real and virtual worlds. Here are some key issues Worldcoin is attempting to address –
A New Digital Identity
Worldcoin strives to establish a global network of digital identities that abstracts an individual’s geography, gender, beliefs, and economic status. It has pioneered a novel Proof of Personhood (PoP) system to achieve this.
In an increasingly AI-driven world, where generative AI is closer to human creativity than ever, PoP establishes a mechanism to verify a person’s humanness and uniqueness. PoP is a primitive on differentiating human activity from AI, which may become imperative as AI plays an increasingly integral role in our day-to-day online activities.
Proof of personhood also addresses an age-old challenge in Web3, the Sybil problem. The problem refers to the creation of multiple fake or pseudonymous identities by a single person to manipulate a peer-to-peer network. With PoP, decentralized online platforms (like DAOs) can disperse equal voting power to each contributing individual independent of their economic investment.
Universal Basic Income (UBI)
UBI is an idea to give every citizen a sum of money for life, regardless of their economic status. In theory, a UBI should be enough to cover a person’s basic needs. Supporters of the idea argue that it will encourage people to work out of self-interest and enjoyment, motivating them to innovate and take risks, leading to innovation and economic growth. Conversely, critics are concerned that a UBI can lead to inflation. It could discourage people from working and dent the GDP of the country.
Worldcoin is placed as a global distribution network for UBI, aimed to address the job-disrupting effects of an increasingly AI-driven world. The network will distribute this UBI in WLD tokens, paid out to World ID holders.
Economic Inclusion
The creators of Worldcoin argue that cash (fiat money) is easily stolen and forged. They want to build an economically equitable world economy where cash is digital (on-chain) and flows instantly and borderless. They want to leverage PoP and the Worldcoin network to render social welfare programs efficiently and tackle issues like fake identities and geopolitical friction hindering government-funded initiatives' effectiveness.
While Worldcoin has faced significant criticism and skepticism due to its bold claims, technical flaws, and deceptive means of collecting preliminary data from low-income countries, it sheds light on crucial issues that benefit the greater good.
With issues like the need for self-sovereign identity, UBI, and equal economic opportunity out in public, Worldcoin is open to critically examining its goals and practices. This can lead to improvements in its business model and more effective solutions.
Proof of Personhood
A robust Proof of Personhood (PoP) system is central to the whole philosophy of Worldcoin protocol. In the context of decentralized networks, PoP is an identification primitive that proves that a real person controls an on-chain address and that every registered real person is in control of just one address. Ideally, the identification system is privacy-preserving, meaning it does not reveal which real person it is.
The Philosophy Behind Proof of Personhood
Identity verification schemes are the foundation of blockchain networks. During a blockchain consensus process like Proof of Work or Proof of Stake, validators use transaction signatures to verify the cryptographic link between two digital, on-chain entities (sender’s public and private key). The consensus is not concerned about -
- What the owner of the keypair is (a human or a bot), or if,
- The owner controls multiple keys.
Sybil attacks are an ongoing challenge in the cryptosphere. Attackers create multiple nodes to multiply their odds of being selected for the consensus process. Even DAOs have a Sybil problem. One member with several fake identities can sway the voting process.
However, these concerns do apply to a Proof of Personhood protocol. The ability to verify a wallet owner’s humanness and uniqueness is imperative for a PoP system to work as intended. Therefore, it must link an unreplicable real-world attribute that proves humanness and uniqueness to a unique digital identity on the blockchain (a public address, like the World ID). Otherwise, it runs into the Sybil problem as well.
History of Proof of Personhood Schemes
Here is a summary of the various models proposed to establish Proof of Personhood. Each model described below relies on a unique real-world attestation to prove the uniqueness of a human.
In-Person Events
This model has participants organize pseudonym parties to meet in person to verify one another. Participants meet at a randomly selected location and verify each other’s presence. BrightID is a project where participants join an online ‘verification party’ over video calls to verify each other.
Evident drawbacks to this model, when implemented globally, are the inconvenience of meeting at a specific location or time and trusting that multiple verification parties happening simultaneously are all conducted ethically.
Social Networks
Another approach is to create a social network where participants verify each other's identities. If a new member in a social network gathers enough attestations from previously verified members, they are considered real and verified. Proof of Humanity is a project where a new member uploads their video with a deposit. Then, existing members vouch for the new member and prove their humanness.
Social networks fall apart at a global scale as well-known individuals can use their reach to create multiple sybil identities using several social networks.
Online Turing Tests
Another approach is to use CAPTCHA tests to solve the unique human problem. Idena is a PoP project where participants solve and make captcha tests that other participants solve later.
The strongest argument against this system is the inconvenience of solving Turing tests and the belief that AI will soon become capable of beating such tests.
Proof of Personhood in the Worldcoin Protocol
The Worldcoin protocol is designed with the goal of onboarding a billion people from around the world. A PoP protocol implemented at this scale raises significant scalability and inclusivity issues. It must be accessible around the globe, regardless of the participant’s geography, economic status, race, or gender. Worldcoin adopts an iris-based biometric Proof of Personhood identity mechanism to achieve this ambition.
Why Biometrics?
Each PoP system described above fails to meet at least one primary requirement to achieve global adoption. In-person events may not be accessible at remote locations; one may not possess a social network large enough to get verified, whereas Turing tests are difficult to scale. So far, biometrics is the only solution to meet the above-listed criteria at a global scale. They are unique, almost everyone possesses one, and they are quite reliable (hard to forge, duplicate or destroy).
Why Irises?
An essential concept in Proof of Personhood is the idea of negative identification. Fingerprint and face scanners on our phones conduct a 1:1 biometric identification, where a sample is tested for similarity against a prerecorded template (if this person is the same as before). Conversely, a biometric PoP system tests for uniqueness in a 1:N identification against all other participants (if this person is unlike anyone before), which demands a significantly higher accuracy than our handheld sensors.
Worldcoin claims that irises scanned by the Orb achieve this accuracy. They argue that iris scans are more privacy-preserving and scalable than any other biometric alternative. Fingerprints are already widely used and easy to replicate; face scans are too private and difficult to scale, while DNA reveals sensitive information (like gender and medical information). Irises reveal the most minor information about an individual. Furthermore, they believe irises are hard to replicate and don’t usually distort easily with time and physical damage.
How Does the Worldcoin Protocol Work?
The Worldcoin identity protocol and the blockchain network are accessed via the World App.
Worldcoin Network: Enrolment Process
After downloading the app, users follow these instructions to enrol in the Worldcoin protocol –
- When the user downloads the World App, it creates two random private keys –
- The World ID private key attests to the user’s biometric identity. The app then creates a public key using Semaphore(a privacy-preserving signalling mechanism). This World ID public key is used to verify the user’s uniqueness in the protocol.
- The Wallet private key is used to store and transact WLD tokens.
- The user then walks to an Orb to get their face scanned. The Orb uses various sensors to capture the user’s face, ensuring the subject is human and non-fraudulent. It later uses machine learning models to find the eyes and capture both irises. The user also scans a World app-generated QR code with the Orb. All the face captures are stored in local Orb memory.
- The Orb then runs an algorithm to turn the iris captures into a numerical representation called the iris code, which can be compared against other iris codes.
- The Orb then sends a message with the iris code to a signup service, signing it with its own private key to prove the Orb’s legitimacy.
- The signup service and the uniqueness service together compare the user’s iris code against all iris codes in the records for a factor called Hamming distance. They also check if the message came from a legitimate Orb.
- If this distance is below a certain threshold, the iris scan is considered a duplicate and rejected.
- If all the desired criteria are met, the uniqueness service submits a request to include the user’s World ID public key in a list of verified public keys. The list lives on a smart contract on the Ethereum mainnet.
The protocol makes the following design choices in the enrolment process -
The World App
The World app uses a randomness function to generate the private keys even before reaching an Orb. Therefore, the keys are independent of the Orb, the user’s biometric data, or each other. The World ID public key is similarly independent of the wallet private key.
The Orb
The images taken by the Orb are kept in local memory only. After calculating the necessary codes, all images are destroyed unless the user opts to have them saved for implementing future upgrades. All Orb private keys are stored in secure hardware called a Trusted Platform Module (TPM).
The Worldcoin Enrolment Process
A user never directly shares their World ID public key. Instead, the app uses zero-knowledge proofs to hide the link between the ID and its holder when using the World ID. A Biometric uniqueness service is performed in a server run by Tools of Humanity. This server also stores all the previously verified iris codes.
The Iris Codes
The Worldcoin team claims that so far, there are no known ways to reverse engineer a perfect image of an iris from its iris code. They say that while producing an image from an iris code is possible, the result may vary significantly from the original, owing to minuscule deviations in specific characteristics (like lighting, angle of the face, etc.) during the computation.
Worldcoin Network: Verification Process
The verification process aims to prove someone is a unique human without revealing their personal information. The World ID can also prove ownership over any data. For example, let’s say a World ID user needs to sign a letter and prove that –
- A human signed the letter.
- The letter was not tampered with after the signature.
Here, the letter app sends a verification request containing the letter data. The proof is calculated with both user’s World ID and the letter. This proof fulfills both conditions, as a wrong ID or tampered letter data will yield the wrong proof.
The verification process happens as follows -
An app triggers the verification process with a QR code or a link that opens the World App.
- A verification request is sent to the World App containing the following data –
- Context – The app ID(unique to each app) and any additional data that might be needed for computation.
- Signal – It can be any data the user may want to commit to (like the letter in the example above).
- The list of user identities (verified World ID public keys) is stored on the chain. The user’s World App fetches this list through an indexing service.
- The user’s World App then computes a zero-knowledge proof with the Merkle root (which is basically a cryptographic summary) of the list, context, signal, World ID private key, and other relevant cryptographic data.
- The verifying application will receive the ZK proof and run it through its backend for verification.
The protocol makes the following design choices in the verification process -
The App
The app can integrate with World ID by adding a Worldcoin-provided SDK to its front-end, enabling it to trigger the World App with QR codes and receive the ZK proof.
The Indexing Service
The user identities are stored on the chain in a Merkle root. To calculate the ZK proof, the user’s World App must first prove its ID’s inclusion in the Merkle root, called a Merkle inclusion proof. The World App sends its public key to the indexer, which replies with the inclusion proof.
This process could involve downloading gigabytes of data without an indexer, causing scalability bottlenecks.
The Zero-Knowledge Proof
The ZK proof calculated by the World App guarantees the following –
- The signer is indeed who they claim (without revealing their identity).
- The signer is a unique human registered on the Worldcoin protocol.
- The data getting verified was not tampered with.
Versioning
With the gradual evolution of iris code generation algorithms, older iris codes could become obsolete. In this case, the user has to revisit an orb for a fresh scan, compromising their privacy.
Wallets
The World App is currently the only front-end client of the World ID wallet. The Worldcoin Foundation hopes third-party applications integrate the World ID wallet. SDKs to support World ID creation are still unavailable.
Worldcoin Tokenomics
The World Token (WLD) is the native token of the Worldcoin ecosystem. WLD is positioned to create incentives for participating in the identity protocol, like public utility and ownership. Another utility of the WLD token is its potential involvement in protocol governance. The responsibility to develop further use cases for the WLD token rests in the hands of the community.
The Worldcoin Foundation’s goals for the WLD token are pretty lofty. They foresee that WLD will become the most widely distributed digital currency and the largest privacy-preserving identity network.
WLD Token Overview
- Name – Worldcoin token
- Ticker – WLD
- Launch date – July 24, 2023
- Token standard – ERC-20
- Addresses – Ethereum, Optimism
- Initial supply cap – 10B WLD
- Circulating supply at launch – 143M WLD
- Upgradability – None (except inflation)
Characteristics
- User Grants: Periodic airdrop of WLD tokens to World ID holders. It will be paid out on the Optimism mainnet, with the ability to bridge back to Ethereum via the Optimism bridge. Grants are subject to change via governance. WLD tokens are not available in the US.
- Inflation: Inflation will be locked at a default rate of 0% for 15 years, after which it is subject to protocol governance, capped at 1.5% per year.
Allocation
- Worldcoin community – 75%
- Initial development team – 9.8%
- TFH – 13.5%
- TFH reserve – 1.7%
Vesting Schedule
Here are some noteworthy facts about the WLD unlocked supply schedule; please refer to the tokenomics section of the whitepaper for further details –
- Team and investor tokens are locked at launch, whereas user-claimed tokens are not.
- All the community-allocated tokens will be minted, most of which will be locked at launch. Four smart contracts will gradually unlock the tokens over the next 15 years.
- The tokens allocated to Tools of Humanity (TFH) investors will be locked up for 12 months of exercising warrants. After that, the tokens will unlock evenly over 24 months. Allocation to the initial development team follows a similar unlock pattern.
Wordcoin Protocol - A Critical Analysis
There is probably no crypto project in existence to receive unanimous approval from the entire crypto community. Every crypto project is prone to technical limitations, inadequate design choices, and inevitable trade-offs to achieve specific characteristics or technological constraints.
The Worldcoin protocol has received its fair share of criticisms as well. Several crypto critics, like Ethereum founder Vitalik Buterin and blogger Molly White have voiced their concerns regarding the efficacy of the protocol. Here is a comprehensive summary of the concerns voiced by the community, along with some observations we made in our analysis –
Privacy Risks
Image Custody Service
The Orb deletes the iris images during enrolment after calculating the iris code by default. However, creators argue that the iris code could become obsolete with updates to its calculation algorithm. The user has two choices in this situation –
- Revisit an Orb to get a fresh scan.
- Opt-in to have the Orb backup user’s image.
Both choices pose significant privacy risks. Revisiting an Orb may be undesirable to maintain anonymity while having it stored makes the Orb sensitive to data leaks. Users who opt out are still at risk as the creation of Sybil identities from a compromised Orb breaks the integrity of the financial network. The protocol deploys sophisticated ZKP commitments to secure the data, but the mere existence of a weak link is a noteworthy privacy risk.
Iris Codes
Vitalik argues that while iris codes are significantly better at preserving privacy than the full images, some abuse is still possible. Iris codes may reveal sensitive information like sex, ethnicity, or medical conditions.
Indexing Service
The indexing service proves the user’s World ID public key is included in the on-chain Merkle root. The proof generation process exposes the user’s IP address, constituting a privacy breach.
Control
Crypto blogger Molly White has also raised two noteworthy concerns regarding recovery and scalability. In case of a loss of World ID, the Worldcoin Protocol does not offer recovery options so far. Furthermore, she mentions the possibility of privacy breaches outside the protocol (due to theft, government coercion, or voluntary selling of IDs). The Worldcoin whitepaper acknowledges these concerns but fails to provide any solutions.
Centralization Risks
Worldcoin Protocol
Currently, the World App is the only available frontend to access the protocol. The biometric uniqueness service is a centrally controlled service operated by TFH. The World App is the only wallet to support the WLD token (and its functions within the protocol), and there are limited means for third-party developers to build atop the Worldcoin protocol.
Credentials
The Orb is the sole World ID credential provider. To issue credentials in a decentralized manner, the protocol needs to decentralize the enrolment and verification services, deploy more verification devices worldwide and install appropriate third-party fraud prevention measures. The storage of verified credentials (iris codes) also needs to be decentralized (currently done by TFH). The centralized indexing service is a significant risk as well.
The Worldcoin Orb
As TFH is the only organization supplying the Orbs, users are forced to trust their integrity. While the Orb design is made public and the protocol is open-source, there is still room for creating potentially malicious Orbs (by installing backdoors). Furthermore, the Orb private keys are stored in a centralized server, adding another layer of trust.
Security Risks
Vitalik’s blog post on biometric proof of personhood does a great job of summarizing security risks associated with the Worldcoin protocol –
- Selling IDs – Someone may buy a World ID by having the seller use their public key when registering initially. Renting out is also similarly possible.
- Government coercion – Governments could force citizens to get verified and reveal their IDs. Governments may also limit the issuance of WLD tokens (like in the US).
- Phone hacking – Gaining access to one’s phone exposes the stored World ID.
- Forging fake people – One may use AI and 3D printers to trick the Orb into verifying an illegitimate individual.
Such risks fall outside the Worldcoin protocol's scope, making mitigation difficult for the team. Furthermore, there are inherent trade-offs with open-source and closed algorithms. Open-source models are transparent but prone to frequent attacks. Closed algorithms suffer from fewer attacks but involve a trust element.
Accessibility Risks
These are the risks associated with scaling the Worldcoin infrastructure to accommodate over a billion people. This entails rapidly upscaling the production of Orbs and securely distributing them worldwide. Issues may arise in upholding the integrity of a large number of Orbs. Furthermore, accessibility issues also arise out of not having an Orb with sufficient reach, even in the most remote places. Accessibility risks also arise from a lack of technical know-how for operating smartphones, wallet apps, and private keys. Finally, The Worldcoin protocol does not address the instances where the participant’s irises are unfit for verification (due to medical defects).
Risks With the Tokenomics
The Worldcoin protocol boasts grand aspirations for their WLD token, like a means to distribute UBI and have WLD holders use it as a store of value. However, the Worldcoin token economics paints an utterly distinct picture from what’s claimed in press releases and public announcements.
Not Ideal for UBI
The Worldcoin token is very uncharacteristic of a UBI token. For instance, about 25% of its supply is reserved for initial investors and development teams, reminiscent of VC-backed crypto projects, which does not sound like creating equal opportunities.
Not Ideal for a Store of Value
A store of value token must possess some fundamental qualities like –
- It should be scarce.
- It should be decentralized and launched fairly.
- A significant number of people must believe in its value.
Let’s see how well these conditions hold up for the WLD token against Bitcoin, the most widely accepted store of value token to date –
- The scarcity of BTC doubles every four years, with a fixed supply of 21 million units. WLD, in contrast, could have unlimited supply (if governance decides so).
- BTC is the most decentralized token in Web3 and was launched fairly (every unit was mined). Significant WLD tokens are allocated to early investors and developers.
- BTC is the most widely owned cryptocurrency, which means magnitudes more people believe in its value.
Finally, a token’s value may also depend on its utility. Apart from UBI and store of value, the only other utility for the WLD token is potential use in Worldcoin protocol governance processes. Considering how aggressively the Worldcoin ecosystem promotes the “one person, one vote” philosophy, the relevance of WLD tokens in governance processes remains indecisive.
Worldcoin Closing Thoughts - Right Place at the Wrong Time
The Worldcoin Foundation talks about a dystopian future where state-of-the-art machine learning models have made AI indistinguishable from humans facing an identity epidemic in the virtual world. Worldcoin also expresses an acute distrust in the fiat money regime, blaming it for huge disparities in individuals’ economic statuses induced by their geography.
Looking beyond all the fluff, Worldcoin seems to piggyback on two evident trends in the world – the rapid advancement of AI and the rapidly increasing global inflation, to push its agenda. All their cards seem to bet on the dystopian future of hyper-intelligent AI and a crumbling monetary system. Therefore, even if we look past all risks posed by the Worldcoin protocol, the success of its business model rests on a future that does not seem to play out in the current global landscape anytime soon.
Having said that, Worldcoin is the most sophisticated attempt at establishing a decentralized identity protocol and a global network for UBI, both of which are pressing issues in their own regard—public discussions about such issues open doors to even better solutions in the future.
Frequently Asked Questions
Worldcoin is a global cryptocurrency project that aims to distribute a digital currency to every person on Earth through a unique biometric verification system using iris scanning technology. The digital currency will form the basis for a global AI-funded UBI.
Worldcoin uses a proprietary device called the "Orb" to scan users' irises, which serves as a unique and secure identifier for each participant in the network. The Orb captures a high-resolution image of the user's iris, and an algorithm converts this image into a unique code. This code then creates a digital wallet for the user, ensuring that each person can only receive Worldcoin once and preventing fraud or duplicate accounts.
Worldcoin claims that its iris scanning technology is non-invasive, secure, and protects users' privacy. The Orb does not store any personally identifiable information, and the unique code generated from the iris scan is securely linked to the user's identity using zero-knowledge technology. Additionally, the data is encrypted and stored on a decentralized blockchain network, which ensures that it is secure from hacking or unauthorized access. Though there are concerns about data leaks, privacy and the centralization of the project.
To participate in Worldcoin's distribution, you will need to find a local Orb operator and complete the biometric verification process. Orb operators are responsible for setting up and maintaining the Orb devices, as well as assisting users with the verification process. Once your iris has been scanned and your unique digital wallet has been created, you will receive your share of the Worldcoin token. The distribution process is designed to be simple and accessible to people of all backgrounds and technical abilities.
Key criticisms against Worldcoin include concerns about privacy, centralization, and the effectiveness of its distribution model. Critics argue that iris scanning could lead to potential privacy breaches or misuse of biometric data. Additionally, the reliance on Orb operators for distribution may introduce centralization risks. Lastly, skeptics question whether distributing cryptocurrency to everyone will effectively address wealth inequality and financial inclusion, as access to digital infrastructure and financial literacy remain significant barriers for many individuals worldwide.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.