Why Proof-of-Humanity is so Important and Why Rarimo Built the World’s First POH Aggregator
Kitty Horlick, Director, Rarify Labs
In 1993, when the World Wide Web was released into the public domain, the New Yorker published the now iconic cartoon ‘On the Internet, nobody knows you’re a dog.’ This sketch of a computer-savvy canine educating his companion on the possibilities of online personas was rapidly reproduced as a warning that in the faceless corridors of the internet, people may not be who they say they are.
Thanks to a16z’s Dan Boneh who first referenced this cartoon in relation to bots during an a16z web3 podcast and inspired many of the ideas in this blog post
But while the internet users of the late twentieth century fought to stay vigilant against tricksy household pets, the most pernicious threat facing today’s users is bots. These autonomous programs are so dangerous not because they represent the kind of one-on-one, personalized deception of the traditional dog or human adversary, but because they have the ability to endlessly replicate, overwhelming entire systems in the process.
Take, for instance, the 2016 US election where speculation that Russia mobilized bots to flood Twitter with pro-Trump content triggered widespread distrust in democratic processes. Though never fully resolved, the scandal highlighted how bots are often a centralizing force, enabling a single entity, be it an individual or an organization, to raise armies from dust. With the growth of AI, this risk has only escalated over the years, reaching a recent, urgent crescendo following the release of generative models.
Blockchain as anti-bot infrastructure
Thankfully, preventing such attacks has always been at the heart of blockchain design. As permissionless networks, blockchains allow anyone to participate, including possible adversaries who might hope to seize control of a network by masquerading as multiple participants. The 2009 Bitcoin whitepaper was such a revelation in computer science because the Proof-of-Work mechanism showed that it was possible to maintain an open network with an honest majority. If you want to masquerade as a thousand people, you have to do the work of a thousand people, and the cost will be a thousand times higher.
It is no surprise then that the most promising protections against bots are arising from Web3. Of particular importance are Proof-of-Humanity solutions (POH), also referred to as Proof-of-Personhood (POP). These provide cryptographic proofs that a user is a human and not a bot without revealing any additional information about them. This emphasis on privacy distinguishes POH from the identity solutions of the real-world and Web2 where personal details such as addresses or dates of birth are typically required.
From social media to DAO voting, or from managing air-drops to gating reward programs, the range and number of applications and platforms that could make use of the POH solution is limitless.
Vitalik on PoH
In his recent blog post ‘What do I think about biometric proof of personhood?’, Ethereum founder Vitalik Buterin wrote that POH solutions are ‘one of the most valuable gadgets that people in the Ethereum community have been trying to build,’ but that they are also ‘one of the trickier’ ones to develop. This is because POH solutions not only need to provide incontestable proof while maintaining privacy, but also uphold additional Web3 principles including user-based ownership, and decentralization.
Already a range of solutions exist, but there is debate throughout the Web3 community about which are the most robust. To get a full sense of the nuances in variations between different approaches, we recommend reading Vitalik’s blog, where he compares biometric and social-graph-based methods, but to summarize his thinking:
There is no ideal form of proof of personhood. Instead, we have at least three different paradigms of approaches that all have their own unique strengths and weaknesses.
To some extent POH solutions are ice cream flavors; personal taste is often a determining factor. Biometric solutions like Worldcoin which uses spherical, futuristic-looking pieces of specialized hardware named ‘Orbs’ to scan people’s irises are simply too redolent of invasive dystopian sci-fi for some. Yet, the orb computes and stores only a hash of users’ iris scans meaning that even in highly improbable, worst-case scenarios, the amount of personalized data about a person that could be leaked is negligible. So, for other users, this kind of privacy guarantee makes the Orb remarkably non-invasive.
Why POH Solutions Need Aggregating
With so many trade-offs between different types of Proof-of-Humanity solutions, it is unlikely that a single verification method will become ubiquitous, and nor would Web3 want it to be. For, if a single method becomes overly prevalent and becomes the only way of accessing the services we know and love, users will be forced to choose between complicity or exclusion from the space. Optionality is then the key to freedom and allows users to maintain control over their identity.
It is for this reason that Rarimo decided to aggregate four of the biggest identity providers in the space: Worldcoin; Unstoppable Domains; Gitcoin Passport; and Civic, into the world’s first Proof-of-Humanity plug-in for dApps. This allows applications and platforms seeking to protect users from bots to automatically integrate with a range of providers rather than spending time and resources partnering with each one, and it allows users to opt for the provider of their choice.
After selecting their provider, users generate an on-chain proof which verifies they’ve met requirements only a real person could meet. The proofs themselves make use of zero-knowledge (ZK) technology which makes the aforementioned goal of enabling one party (in this case, the user) to prove to another (in this case, the platform) that a certain statement (in this case, that they are human) is true without disclosing additional information, a reality.
If, for instance, a user selects Unstoppable Domains as their provider, Rarimo will enable them to generate a Proof-of-Humanity on the basis that the complex steps required for ownership, including possessing and making payments from a bank account, could not be executed by a bot, but not even the name of the domain is disclosed. If you’re interested in learning more about ZK technology, you can read about it here in our July newsletter.
Why we need multi-chain POHs
As an interoperability protocol, Rarimo also makes all proofs instantly multi-chain and available across all networks. This enables dApps and smart contracts on any chain to interact with the plug-in and ensures that users are not only free to use the provider of their choice but the network(s) of their choice as well.
Just as having a variety of providers is vital to the health of the digital identity ecosystem, a variety of chains is equally vital to the health of Web3. For, chains also have trade-offs that mean no single one can provide all of the infrastructure the ecosystem requires. The more decentralized a blockchain is, for instance, the less scalable it tends to be. The more secure it is, the less smart contract functionality it has. By enabling users to port seamlessly between platforms or networks, Rarimo again works to fuel diversity and maintain optionality.
Under the hood, Rarimo enables the Proofs-of-Humanity to become multi-chain, syncing the on-chain states for each proof across all its connected chains. The integration significantly reduces the costs providers would otherwise face publishing states across multiple chains because Rarimo allows them to be published on-demand, preventing unnecessary synchronization fees. Rarimo also has several additional cost-reducing features such as transaction bundling.
Despite these complex mechanics, Rarimo’s Proof-of-Humanity solution provides a seamless experience for users — with only a few additional clicks, they can select the identity provider they wish to use, generate a proof, and submit it to the platform they’re on.
This process can be observed here in this demo.
Rarimo’s POH Launch
The plug-in was launched via integration with community-building platform Galxe, where users complete Web3-related tasks in exchange for OATs (on-chain achievement tokens), and Decentraland via DCL Curations, a virtual library that rewards users for completing educational exercises. These integrations enable the platforms to filter out bots and ensure that verified humans are using their services.
The future of web3 and POHs
Rarimo is so excited about this solution, not only because aggregation is such a core aspect of ensuring that Proofs-of-Humanity remains a force for good in Web3, but because the need to distinguish humans from machines is going to grow increasingly urgent, and Proof-of-Humanity solutions are an important stepping stone for next-gen infrastructure.
In the past year, for instance, great glimmering tidal waves of AI-generated music, poetry and imagery have flooded the internet. Being able to distinguish which of this content has been generated by humans and which has been generated by machines is vital in the battle against disinformation.
Proof-of-Humanity forms an early blueprint for possible solutions and presents an invaluable example of the way that the traceability, anonymity, and security provided by blockchain technology can counteract the challenges of AI.
Generate your own POH credential
'Proof of humanity' plug-in for crypto apps launched by Rarimo
By prompting users to prove they are human, Rarimo aspires to block AI spam bots from logging into platforms like…