Worldcoin talks about UBI which based on what Sam has said in the past I would take them at their word on. But beyond UBI what WorldCoin is going for is identity.
In the nonblockchain world your identity is your Country ID, Passport, etc.
In the blockchain world none of that stuff exists and people get uncomfortable when you start asking for it.
This leaves a situation where a person is often just represented by a wallet. Well as you may know a person can make dozens or hundreds of wallets.
This problem leads to all kinds of weird tricks that crypto projects get up to when trying to verify 1 wallet 1 person. For example in the idea of 1 person 1 vote on a project or for something like an airdrop early in a project where people on a discord get free crypto for being early adopters but you don't want one person registering with many wallets.
Today that might look verification based on a phone number associated with discord or something. Real flimsy stuff.
Worldcoin bases it on retina, which I admit creeps me out as well even if it's just a hash. But I can see what they're getting at. The need is there, maybe there is a better way.
I used to work at crypto startup and we ran into this exact problem.
Devil's advocate: I think the point is not to solve a problem the users have, but rather a problem the company dabbling in crypto has, e.g. that no user benefits twice from one-time offers, this kind of things.
"Worldcoin says it eventually wants to erase the iris images to protect the privacy of those who sign up for its currency. If perfected, the company says the technology will distill the image of each set of irises into a unique string of letters and numbers, called an iris-hash, to be stored in Worldcoin’s database. As the company’s data consent form states, data gathered by the Orb will be used for “purposes such as training of our neural network for the recognition of human irises.”"
Because in our current environment, a data breach of your government issued ID can have more negative real world consequences through various forms of identity theft than a data breach of your retina can.
Here's what I don't get about this issue: Given that crypto's value prop is a decentralized, democratized currency free from any regulatory body's oversight, why are crypto people viewing this as "a problem"?
It seems to me that they want to have their cake and eat it too.
The "identity verification" function is one of the roles that governmental agencies are well-suited to perform.
Another is prosecuting fraud.
If crypto doesn't want government "interference" then why is the crypto community so invested in replicating that "interference", except in an objectively inferior way?
It's not an all-or-nothing situation, e.g. you might want to ensure that every user gets 100 tokens only once in their lifetime without further constraints afterwards on what they can do with this. Not saying there's any crypto project where this would make business sense, but a priori and without concrete example, why not.
The risks of retina scanning are the same regardless whether in blockchain or any other domain. The company collecting your retina signature/hash/data gets breached, your PII is stolen, sold on the black market, and criminals use your biometric data to create fake, fraudulent identities and accounts and steal stuff in your name. This is already happening, just without the biometric data.
- Abuse of orb operators by Worldcoin, as outlined in the article. This is basically equivalent to abuse of Uber drivers by Uber. They are offering a job and they need to be good employers.
- Abuse of orb operators by other actors, again, as outlined in the article. Since they are "giving away free money," it's quite natural for legitimate and illegitimate authorities to imagine there's an opportunity to prosecute or profit from taking advantage of the system. So far as I can see, there is no such opportunity, but it won't stop people who don't understand what's happening.
- Abuse of the biometrics themselves to create an unfair distribution, as mentioned in the article. If the eye scanners actually don't create a unique hash for each individual, or if people learn how to create fake irises, or otherwise hack the device, people could sign up multiple times and receive more free money than other people. If this scam works at scale, orb operators could become targets.
- Abuse of Worldcoin "users." Orb operators could sign people up, then steal their crypto wallets from them. This could be done through coercion or through misinformation.
- Scams: namely, people creating fake orbs that do collect and abuse biometric information
- Unlikely, but: collecting more information than needed and then getting compromised by bad actors or by some kind of corporate takeover. As far as I know, Worldcoin only collects hashes of irises (and maybe telemetry). This data is pretty much useless for any purpose other than the intended one: providing people with a unique wallet. Abuses of such data could do one thing: given the original person and the device, prove that they signed up for Worldcoin. If Worldcoin accidentally collects some other kind of data, which has some other abuse potential, this could be a problem. I suspect they will be very careful not to do this.
In conclusion, the "retina blockchain tech" has, really, no risks associated inherently. Distribution, however, must be carefully handled to avoid abuse.
This is especially complicated because most people will not understand how the technology works and will attempt to exploit it in ways that, in the end, won't work. Nevertheless, they may cause harm in the meantime.
The problem is analogous to a bank offering free money to anyone who shows up. Provided they can prove identity, there is no problem inherently. People show up and get free money, then leave. However, how would you maintain order in the line that has formed? What to do about someone who shows up with a gun? What if the teller is assaulted? What if the tellers are not protected or paid appropriately for their service?
Worldcoin, if it succeeds, will merely put everyone in the world on more equal economic footing, and make a few people rich. It will also launch the first ever decentralized identity system with a significant user-base. If they can pull this off, I'm more concerned about the geopolitical, governance and economic consequences of a cryptocurrency with wider distribution than Bitcoin, and of the identity system. What happens when anyone in the world can airdrop cryptocurrency to more than a billion people?
Worldcoin is absolutely collecting more information than iris hashes.
"Worldcoin says it eventually wants to erase the iris images to protect the privacy of those who sign up for its currency. If perfected, the company says the technology will distill the image of each set of irises into a unique string of letters and numbers, called an iris-hash, to be stored in Worldcoin’s database. As the company’s data consent form states, data gathered by the Orb will be used for “purposes such as training of our neural network for the recognition of human irises.”"
Would you like to invest in my new blockchain technology? Send me $100,000 and sign a non-consent and I'll explain it to you.
> What would be neat now is “proof of unique living individual” in the same way.. that would solve a number of problems, related to UBI and voting.
So, there was a project called Aurora that tried to do exactly this during the financial crisis fallout in Iceland, it failed, mainly because it was way too early and the blockchain itself wasn't protected as well as Bitcoin: it was presumed that PoS could serve as a possible solution if it has a specific usecase.
Unfortunately, we didn't gain as much info and data as we could have other than then from a security standpoint deviating from BTC was not tenable.
Jack Dorsey is seeking ways to just this with Block, he did a recent talk on how UBI could work via Bitcoin's blockchain as a way to facilitate seamless txs, the biggest obstacle being that this would need to be a layer 2 or possibly layer 3 because of the ID component that ensures that this info is not retained: think zero proof knowledge protocol.
It can be done on mainchain via a derivative for incredibly low cost (100 million sats/BTC), but just like colored coins was too early this may prove tricky.
What we learned from the COVID unemployment debacle was that the payments system in the US is entirely broken and cannot function even at the best of times, much less under any strain without being subject to total collapse or perpetual grift so this needs to happen either way.
Personally speaking, I'd really wish that we can derive more data from all the UBI test runs and then have this be a major part of layer 2/3 development: for all this talk about 'Web3,' a total boomerism if I ever heard one, and the money pouring into this space I wish some of it would be spent in this space.
I'd offer to help get involved if it were the case as a former co-founder, dev and consultant in this space, if that were to happen.
In the nonblockchain world your identity is your Country ID, Passport, etc.
In the blockchain world none of that stuff exists and people get uncomfortable when you start asking for it.
This leaves a situation where a person is often just represented by a wallet. Well as you may know a person can make dozens or hundreds of wallets.
This problem leads to all kinds of weird tricks that crypto projects get up to when trying to verify 1 wallet 1 person. For example in the idea of 1 person 1 vote on a project or for something like an airdrop early in a project where people on a discord get free crypto for being early adopters but you don't want one person registering with many wallets.
Today that might look verification based on a phone number associated with discord or something. Real flimsy stuff.
Worldcoin bases it on retina, which I admit creeps me out as well even if it's just a hash. But I can see what they're getting at. The need is there, maybe there is a better way.
I used to work at crypto startup and we ran into this exact problem.