HIP: 86
title: Anonymizing Humanity Profiles for Select 3rd Party Integrations
author: negroni
status: Phase 1
builds on: An anonymous PoH wrapper
created: 2024-07-19
Simple Summary
This proposal aims for the implementation of functionality where profiles registered on Proof of Humanity (PoH) can be leveraged to anonymously register accounts on select third-party applications.
Abstract
As the web3 ecosystem evolves, many applications require sybil-proof user registrations for purposes such as universal basic income distribution, DAO voting, airdrops and identity verification. While PoH has developed such a registry, some use cases only need to confirm that a user is unique and human without needing to link their real-world identity to their digital presence. Examples of these would be gaming platforms, multiverse identities, content creation platforms and reputation systems. In fact, in some applications like anonymous voting and whistleblowing platforms, exposing real-world identity should be strictly prohibited. By developing provisions to decouple real-world identities from PoH profiles, we can provide robust sybil resistance while encouraging a wider adoption of the protocol.
This proposal leverages Zero-Knowledge Proofs (ZKPs) to decouple a PoH profile from disclosing Personally Identifiable Information (PII) during some third-party registrations. By creating an optional abstraction layer for third-party integrations, users can generate ZKPs on their PoH profiles that would be used to prove their humanity as they register with external applications without revealing actual PII such as photos, videos or names.
Motivation
Decoupling registered users’ PII from some third-party applications builds on PoH’s sybil-resistant human registry for use cases that do not require the revelation of PII - thereby enhancing user privacy. Currently, PoH publicly discloses all user profile information. While this serves as a significant requirement for a community-curated user registry, it can hinder the protocol’s adaptability for specific use cases as mentioned above.
While recognizing that even successfully decoupling PII from these third-party user registrations is unlikely to guarantee absolute anonymity, we are encouraged that the anonymity set, which comprises all registered users among whom an individual’s identity is concealed, would be as large as the total number of verified profiles at any given time – making it indistinguishable from the set of all registered profiles that choose to maintain their anonymity. This ensures that a user’s identity remains hidden while guaranteeing that the profile in question belongs to a verified human.
Implementing ZKPs to generate proof of a unique human profile from PoH’s registry involves leveraging cryptographic techniques to create verifiable statements without exposing the underlying data. When a profile is successfully registered on PoH, ZKPs can use the submitted user information to generate a proof that asserts the uniqueness and validity of the profile without revealing the actual video, photo, or blockchain address. Essentially, the ZKP will mathematically demonstrate that the profile is verified and unique in the registry while maintaining the confidentiality of the user’s PII.
For instance, if a registered user’s blockchain address is not publicly displayed on PoH, users can transact anonymously on third-party applications unless proof of their address is specifically required. This can be achieved by implementing selective disclosure mechanisms like Attribute-Based Credentials (ABCs) to reveal only the necessary profile information as required.
This proposal aligns with the broader vision of PoH to create a sybil-resistant and privacy-preserving identity verification system that can be widely adopted across various platforms and services.
Rationale
ZKPs and ABCs were chosen for their ability to create verifiable statements without exposing underlying data; making them ideal for privacy-preserving third-party integrations. We propose the use of ZKPs and ABCs because:
- ZKPs allow for dynamic and Real-time Verification unlike the NFT based solution proposed in the discussions at An anonymous PoH wrapper which would rely on static snapshots hence does not adapt efficiently to real-time changes in user profile status.
- ZKPs allow real-time invalidation of proofs if a profile is deemed invalid thereby maintaining the registry’s integrity.
- ABCs allow users to prove specific attributes without revealing unnecessary information. Each attribute (e.g., name, photo or address) is associated with a credential, enabling the prover to selectively disclose only the relevant credentials. Verifiers can then verify these credentials without learning other attributes.
- Finally, NFTs being on-chain assets can complicate compliance with regulations such as GDPR due to their permanent and transparent nature and may expose more information than necessary for certain use cases, lacking the granular selective disclosure capabilities availed by ABCs.
By leveraging ZKPs and ABCs, we ensure efficient scaling, presenting a robust and future-proof solution for the wide adoption of PoH.