• DavidGarcia@feddit.nl
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Presumably they canonicalize the data coming out of the orb in some way, so you get the same number/ID out every time you use it. For example, you can represent molecules as many different strings (like C=CC or CC=C for propane) and you would want a canonicalization method to give you the same string every time for the same molecule.

    They might have some machine learning algorithm that is trained on the sensor data as an input and for the output they try to maximize distance between different people in some high dimensional vectorspace, while preserving a sense of similarity between similar people. So then after training the model, you put in the sensor data and you get out some 1069 dimensional vector oht that represents you. Kind of how word embeddings work, that they use for AI.

    Then they take that vector and “round” that vector to get the same result every time. Like one time it might be (1.775, … 2.854, 11.631) and another time it might be (1.777, … 2.863, 11.625), so they just round it to (1, … 2, 11), so they get the same vector 99.999% of the time you use the device.

    Or like some more clever scheme instead of literally rounding. Perhaps another NN.

    That’s how I would do it anyway.

    So that way they avoid a user registering multiple IDs, because the device will reject your new ID request if your vector is already found on record.

    Then they hash it in some way so your biometric data can’t be reconstructed and store it on the blockchain. That or maybe they do some RSA like voodo magic like with Monero.

    So that’s why all data can be deleted on the device, because they destill it down into your unique biometric fingerprint that comes out the same every time, ideally.

    That’s just what I’d expect them to do anyway.

    I’m not quite sure where the zero-knowledge proofs come in, but they are pretty cool in theory. They allow you to do things like knowing the result of a vote without knowing what everyone voted for.

    Also im not quite sure if it’s just a human verification system or an ID system. Those are two very different beasts. One would literally just tell anyone who’s asking if you are a human or not, the other would tell them your ID for tracking.

    Perhaps they use zero-knowledge proofs to avoid storing IDs publicly on the blockchain? That would be pretty cool.

    If it really is just a human verification system and I am correct in how it works, I don’t see much problems with the protocol privacy wise. We will need such a system anyway because of AI. It is unavoidable.

    Since we have no choice (except return to monkey) you would hope it to be as accurate, hard to crack, private, secure, decentralized, FOSS as possible.

    I don’t think WorldCoin and their Orb are FOSS or decentralized. So that’s a huge red flag for abuse. They could just in hardware send your unique ID to some malicious actor. Aside from all the possible software backdoors, exploits etc…

    But as bad as systems like that could be, it seemy pretty alright, all things considering.