Cointime

Download App
iOS & Android

ADVANCING DECENTRALIZATION

Repost from Worldcoin: “ADVANCING DECENTRALIZATION” The full report and all related findings are available on the official website of Worldcoin.

The goal of the Worldcoin project is to ingrain humanness and financial equitability in the global digital infrastructure. Grand challenges in the next decade are global income inequality, governance of existential risks and distinguishing humans from artificial intelligence. Humanity needs a protocol to solve these challenges. Worldcoin aims to be this protocol.

To succeed, Worldcoin must grow beyond its current community, to be built, owned and governed by all the people. You can join the community and help make the protocol robust by:

- taking part in Community Grants Program- reading the Worldcoin Whitepaper- reviewing the Worldcoin Tech Tree

To become part of the global digital infrastructure, Worldcoin must be as robust, widespread and neutral as the internet itself. Any lesser standard is insufficient to effectively address the grand challenges. This has been a priority from day one, and much has already been achieved. To understand the challenges and opportunities associated with advancing Worldcoin, the goal itself needs to be defined more concretely.

Distributed Robustness

In the broadest sense, becoming part of the global infrastructure means becoming a collective system like TCP/IP, WiFi, or the English language. These all have a quality of distributed robustness: they are networked over multiple participants and can recover from failures localized to certain groups of participants. Participant failures can range from losing internet connection to organized collective malicious behavior. A robust system, when adopted widely, becomes global infrastructure, so it suffices to focus on robustness.

A litmus test for distributed robustness is forkability. Forking is the process of creating an independent copy of the system that can diverge from the original. If a system can be easily forked by a subset of users then it can in principle recover from any failure by forking in a direction that has the failure corrected. But if this is not done unanimously, it splits the system in two, with two separate communities. Such fragmentation is often undesirable to the community and thus the existence of competing forks is considered a failure of the original community. In practice this means that the threat of a fork acts to keep the community in check. To make forking easy, the system should be easy to understand and observe, i.e. open source and transparent.

At the core of Worldcoin is a system for global agreement on the set of all humans. Distributed robust systems that require global agreement were not solved until the arrival of blockchains. Initially targeting digital currencies, the solution generalizes to a wide range of computable systems including most of Worldcoin. This solves one challenge to robustness, but three remain: oracles, governance and privacy.

Oracles: Orbs

The Orbs address what is known as the Oracle problem. Orbs observe the real-world property of personhood. Real-world observations are not verifiable, but fortunately they can be repeatable. To make observations robust against failure, the reliability, independence and diversity of the observers needs to improve. To increase reliability independent hardware designers and manufacturers are needed, open verifiable designs, and a distributed robust auditing process are all needed. Multiple independent observations would be a high burden on the user if it requires multiple trips to an orb. Fortunately much of the benefit can be gained by using statistical sampling and secondary observations that utilize the user’s own phone.

The goal would be to create a standard protocol that anyone can adopt for building hardware to prove humanness. To realize a world in which anyone with the right capabilities can build and integrate their own hardware for observing humanness, the protocol needs open standards for reliability of the observations and a credibly neutral process to certify the hardware.

Governance: Foundation

Distributed robust governance is a challenge. The simplest and natural solution is to simply avoid governance and have a system that is stagnant and unable to evolve with a changing environment. This is perfectly fine when ossification is desirable and changes should go through forking or replacement. For systems like financial and identity infrastructure, where cohesion is important, migration costs are high, and the environment develops rapidly, this is not always an option. To be robust, governance should be transparent, include all participants, be credibly neutral and achieve global agreement. This often leads to large governance structures that are slow and costly to make decisions. Slow and costly may be desirable for big strategic decisions like amending a constitution, but may be detrimental with respect to other decisions, such as those related to security breaches where confidentiality and swift action is required. Additionally, in the early growth stages of a project it is important to nimbly adapt to developing opportunities. Hence there are a variety of considerations with respect to distributed governance.

Worldcoin has a superpower for governance with its proof-of-personhood. This allows implementing one-person-one-vote democracies, something not previously possible. In fact, this opens the door to new promising forms of governance such as those involving quadratic voting. Fortunately the Worldcoin Foundation’s grant program is an excellent place to incubate such mechanisms with decisions of meaningful but non-critical importance. As solutions prove themselves, community governance responsibilities can grow over time until they cover all significant governance decisions, through one mechanism or another. This allows exploration of the exciting space of global governance mechanisms.

Privacy: Uniqueness Service

Robustness abhors secrets. After all, it takes only a single failure to lose one (either forgetting or leaking). Similarly, secret processes are troublesome because errors can go unnoticed. Self-custody, where secrets relating to a user are exclusively in the custody of that user, contains failures by that user to that user (though users are free to enlist third-parties to help safe-guard the secret). Secret processes can be made verifiable using zero-knowledge proofs and similar techniques.

Both self-custody and zero-knowledge proofs are incomplete solutions to robust secrets as cases remain cases where a tradeoff between more robustness or more privacy results. In Worldcoin this happens primarily in the uniqueness service, the part that verifies an iris code does not match an already registered one. Here privacy is maximized, trading off some robustness. Cryptographic solutions that can achieve both simultaneously are being investigated.

Continuous Robustness

Much has already been achieved: the Worldcoin Foundation is set up and holds the treasury and IP, the World ID claims are on-chain and permissionless, the WorldApp wallet is self-custodial and the Orb hardware is open-source (save for anti-tamper). Going forward, robustness can continue to evolve in several dimensions:

Fig. 1

The Worldcoin Tech Tree showing the key areas of the project and respective potential improvements.

  • User AgentThe user agent, i.e. the wallet, is what connects the user to the system and executes all user actions. It manages the user’s keys for both finance and identity. The finance part is a self-custody crypto wallet and thus quite robust. For the identity part the system has an architecture where the user agent combines independent components into a full featured system. Even more robust is if anyone can implement a user-agent and users can use one of their choosing. Diversity in user-agents mitigates common mode failures and allows catering to the needs of specific user segments.
  • HardwareOrbs are a key component for verifying humanness and uniqueness. Besides the aforementioned Oracle problem, robustness here means that Operator access to Orbs is as reliable as it can be. The main concern here are common mode failures: while each Orb operates independently, a fault in the construction can create correlated failures. Creating open standards and having multiple independent manufacturers is a proven way to solve this, as demonstrated by Ethernet and WiFi.
  • OperationsOperations in the Worldcoin project are processes in the physical world that help users to get their World ID verified. Orb Operators (i.e., independent entrepreneurs and their organizations around the world who provide Orbs in physical locations for people to verify) are key contributors to these operations. Certain infrastructure primitives can help reduce trust assumptions, align the incentives of all participants and thereby further the robustness of operations. Those include in-person auditing of operations as well as mechanisms that help increase the integrity of World IDs like face authentication to make it difficult to pass World IDs on to someone else.
  • ProtocolWorld ID claims are quite robust. Using World ID only requires the private key and public information on the Ethereum blockchain. Similarly application developers can verify World ID using only public information. Both are permissionless as no approvals are required. However, the sign-up process depends on the uniqueness service, which will be further ruggedized over time.
  • GovernanceIntellectual property foundational to the mission, including Orb IP, sits with the independent Worldcoin Foundation. The Worldcoin Foundation currently oversees governance of the project, which is being transitioned to governance by all of humanity.

Focus on the User-Agent

Is there a process you can follow to ruggedize a traditional software system? It turns out that to a large extent there is: something one could call “focus on the user-agent”. Assume you start with a traditional architecture, like the diagram on the left, where there is an app (the user-agent) and a number of backend services that each perform a logical function. These backed services are closed-source, run in the cloud and may talk to each other and may hold state.

Fig. 2

Focusing the architecture on the user agent enables the separation of different system components and thereby makes them easier to replace.

The first step is to reroute all the internal communication through the user-agent. Often the internal messages can be naturally attributed to a specific user. Of course, the user-agent can be anything the user chooses, so it cannot be trusted. To ensure the user does not manipulate the messages, they can be cryptographically signed. If the information should be hidden from the user, they can even be encrypted, but note that this will likely cause problems further down the process. Any state in the architecture should be stored on the user-agent, or in public (e.g. on a blockchain). If all goes well, what is left are stateless services that interact only with the user-agent and public state.

The second step is to look closely at each stateless service and see how it can be ruggedized. Maybe it is possible to push it to the user-agent, using zero-knowledge proofs if necessary. Or maybe it can be pushed onchain and execute as a smart contract. Maybe it can be made easily verifiable, and anyone could host an implementation. The end goal here is that the user is free to build their own implementation, or there is a single instance running onchain.

Of course, this process will likely hit a blocker. Messages may not be user-attributable. State can be neither user specific nor public. A service may not fit a well-known pattern. Or things that should be onchain or zero-knowledge proven exceed the capacity of current technology (which is arguably extremely limited compared to cloud providers). In this case creativity and innovation is required. But at this point the problem is already contained to that service, where other services may have been successfully ruggedized.

Once you go through this process it becomes very natural to think from the user's perspective where the user is free to shop around and combine parts to a greater whole. For example World ID’s Orb Verification process becomes

  1. The user installs a wallet app of their choice to act as their user-agent. 
  2. The user finds a nearby Orb. This can be done using onchain information from the Orb registry or using a third-party indexing website.
  3. The user has their picture taken at an Orb. The Orb communicates directly with the user-agent and sends a signed iris picture (after establishing liveness).
  4. The user computes the iris code from the image together with a zero-knowledge proof.
  5. The user sends the iris code and proof to the uniqueness service.
  6. The uniqueness service verifies the proof and the uniqueness. It inserts the iris code into its state and responds with a uniqueness certificate (a signed message).
  7. The user sends their public key and uniqueness certificate to a signup sequencing node.
  8. The signup sequencers batch-update the onchain Merkle tree, and the user now has a verified account.

In this perspective it is clear that the hard problem is the uniqueness service, and mostly because the iriscodes are not public state. It also raises second order questions like governance of the orb registry or how account recovery will work. The presentation here is simplified, please see the whitepaper for a more detailed account.

Infrastructure Meant to Last

Humanness will become critically important as the world continues to digitize and artificial intelligence becomes widespread. To meet the challenge, a solution is needed that can scale globally and survive the pressures that come at scale. And only a robust system can do that. There are already many independent contributors working on various projects to further the robustness of Worldcoin, and more to join in the first wave of grants. But ultimately, to be as robust as possible, Worldcoin must be owned and governed by all the people.

Comments

All Comments

Recommended for you

  • U.S. Congressman Mike Flood: Looking forward to working with the next SEC Chairman to revoke the anti-crypto banking policy SAB 121

     US House of Representatives will investigate Representative Mike Flood's recent statement: "Despite widespread opposition, SAB 121 is still operating as a regulation, even though it has never gone through the normal Administrative Procedure Act process." Flood said, "I look forward to working with the next SEC chairman to revoke SAB 121. Whether Chairman Gary Gensler resigns on his own or President Trump fulfills his promise to dismiss Gensler, the new government has an excellent opportunity to usher in a new era after Gensler's departure." He added, "It's not surprising that Gensler opposed the digital asset regulatory framework passed by the House on a bipartisan basis earlier this year. 71 Democrats and House Republicans passed this common-sense framework together. Although the Democratic-led Senate rejected it, it represented a breakthrough moment for cryptocurrency and may provide information for the work of the unified Republican government when the next Congress begins in January next year."

  • Indian billionaire Adani summoned by US SEC to explain position on bribery case

    Indian billionaire Gautam Adani and his nephew, Sahil Adani, have been subpoenaed by the US Securities and Exchange Commission (SEC) to explain allegations of paying over $250 million in bribes to win solar power contracts. According to the Press Trust of India (PTI), the subpoena has been delivered to the Adani family's residence in Ahmedabad, a city in western India, and they have been given 21 days to respond. The notice, issued on November 21 by the Eastern District Court of New York, states that if the Adani family fails to respond on time, a default judgment will be made against them.

  • U.S. Congressman: SEC Commissioner Hester Peirce may become the new acting chairman of the SEC

    US Congressman French Hill revealed at the North American Blockchain Summit (NABS) that Republican SEC Commissioner Hester Peirce is "likely" to become the new acting chair of the US Securities and Exchange Commission (SEC). He noted that current chair Gary Gensler will step down on January 20, 2025, and the Republican Party will take over the SEC, with Peirce expected to succeed him.

  • Tether spokesperson: The relationship with Cantor is purely business, and the claim that Lutnick influenced regulatory actions is pure nonsense

     a spokesperson for Tether stated: "The relationship between Tether and Cantor Fitzgerald is purely a business relationship based on managing reserves. Claims that Howard Lutnick's joining the transition team in some way implies an influence on regulatory actions are baseless."

  • Bitwise CEO warns that ETHW is not suitable for all investors and has high risks and high volatility

    Hunter Horsley, CEO of Bitwise, posted on X platform that he was happy to see capital inflows into Bitwise's Ethereum exchange-traded fund ETHW, iShares, and Fidelity this Friday. He reminded that ETHW is not a registered investment company under the U.S. Investment Company Act of 1940 and therefore is not protected by the law. ETHW is not suitable for all investors due to its high risk and volatility.

  • Musk said he liked the "WOULD" meme, and the related tokens rose 400 times in a short period of time

    Musk posted a picture on his social media platform saying he likes the "WOULD" meme. As a result, the meme coin with the same name briefly surged. According to GMGN data, the meme coin with the same name created 123 days ago surged over 400 times in a short period of time, with a current market value of 4.5 million US dollars. Reminder to users: Meme coins have no practical use cases, prices are highly volatile, and investment should be cautious.

  • Victory Securities: Funding Rates halved and fell, Bitcoin's short-term direction is not one-sided

    Zhou Lele, the Vice Chief Operating Officer of Victory Securities, analyzed that the macro and high-level negative impact risks in the cryptocurrency market have passed. The risks are now more focused on expected realization, such as the American entrepreneur Musk and the American "Efficiency Department" (DOGE) led by Ramaswamy. After media reports, the increase in Dogecoin ($DOGE) was only 5.7%, while Dogecoin rose by 83% in the week when the US election results were announced. Last week, the net inflow of off-exchange Bitcoin ETF was US$1.67 billion, and the holdings of exchange contracts and CME contracts remained high, but the funding rates halved and fell back, indicating that the direction of Bitcoin in the short term is not one-sided, and bears are also accumulating strength.

  • ECB board member Villeroy: Falling inflation allows ECB to cut interest rates

     ECB board member Villeroy de Galhau said in an interview that the decline in inflation allows the ECB to lower interest rates. In addition, the slow pace of price increases compared to average wages is also a factor in the rate cut. Villeroy de Galhau emphasized that the ECB's interest rate policy decision is independent of the Fed. Evidence shows that the ECB began to lower interest rates in early June, while the Fed lowered interest rates three months later. With the decline in inflation, we will be able to continue to lower interest rates. Currently, the market generally expects the ECB to cut interest rates by 25 basis points at the next meeting in December, but weaker data increases the possibility of a 50 basis point cut.

  • State Street warns Bitcoin craze could distract gold investors

    George Milling-Stanley, the head of gold strategy at Dominion Bank, warned that the rise of Bitcoin may mislead investors to overlook the stability of gold. He believes that Bitcoin is more like a return-driven investment, while gold provides long-term stability. He also criticized Bitcoin promoters for misleading the market by using the term "mining," and believes that gold is still a more reliable investment choice.

  • Rich Dad Poor Dad author strongly supports Michael Saylor’s BTC strategy

    Robert Kiyosaki, the author of "Rich Dad Poor Dad," expressed strong support for Bitcoin and Microstrategy CEO Michael Saylor's BTC strategy on X this week. Kiyosaki quoted Saylor's prediction that BTC would reach $13 million and said, "I believe he's right, he's a smart man." He also pointed out that if Saylor's prediction is correct, buying 0.01 BTC at today's price could potentially make investors millionaires in the future and advised to buy in a timely manner.