
> I've created a simple demo program to illustrate the concept of a human passport, inspired by World ID. It uses a zero-knowledge virtual machine (zkVM) to verify certain properties of a password without actually seeing the password itself.

Why would I need it in practice?




I'm not sure what you're referring to specifically.

If you're asking why we need zero-knowledge proofs (ZKP) in a human passport system: Imagine you have 6 billion to give away, and all lives worldwide should get their fair share. How could you do this? Giving money to authorities like governments and trusting them? In the context of 'alllivesmatter.world', I propose the DUKI system. Here's how it works:

- Each person has a human passport (they should never have more than one)

- They can directly claim this money on the blockchain using the DUKI system

- This ensures that each unique person gets their share only once at each period

To achieve this and prevent multiple claims per person without considering privacy, we could use national security IDs, but these IDs need to be genuine, assuming that every human gets one and only one. However, using these IDs directly would compromise privacy. So instead, we let authorities prove the following using ZKP:

- A valid national ID was used in creating the passport

- Each national ID is used only once in the system

This way, we preserve privacy while still ensuring the integrity of the distribution process. Other services that focus on real people could also utilize this. It is just like the wallet that currently serves as an entry to the web3 world, with only one key difference: that wallet represents a unique human in the world.


> - Each person has a human passport (they should never have more than one)

I have 4 passports, all valid. With slightly different name spellings, from 3 different countries.

That kind of real-world complexity is always hand-waved by cryptopushers in the: "Imagine Goldman Sachs..." pitches.


Thank you for highlighting the complexities around multiple passports and identity. Let me clarify the vision for a "human passport" concept:

1. The "human passport" I'm envisioning differs from traditional passports. Perhaps we could reuse the name WorldID that Worldcoin is developing, which uses biometric data like iris codes to ensure uniqueness. This approach is already working to some degree. Ideally, I just wish that it became a standard, with more implementations, and also kept the iris data at the device level, leaving countries with no excuse to refuse adoption. The goal is to have a standardized, cross-verifiable iris data system, rather than relying on a single authority to guarantee against forgery.

2. The varying name spellings on your different passports wouldn't be relevant to this system. Names are too variable to be components of a unique ID for each human. Instead, I imagine using something more like a social security number, which the authorities issuing passports guarantee is never used twice in the same period. The ID is just a quick way to locate your public passport. The uniqueness check doesn't depend on this ID. It can be derived using your own private data to access your publicly released "human passport", which is generated using zero-knowledge proofs, preserving privacy. Its uniqueness relies on authorities and also on some biometric data, for example one-way features of iris data, so even if you try to trick the system and create multiple IDs, you'd probably get caught.

3. This isn't just a vision - WorldID is already in use with millions of users. I just wish for wider adoption and for countries to have no excuse not to adopt it as a worldwide standard. The human passport vision isn't about pushing crypto tech; it's about considering how to make 'all lives matter worldwide' from another perspective.


Because you can enforce password policies without the password ever leaving the (untrusted) client in clear text. I.e. the server only sees the hash and still knows it's dealing with a strong PW.


A client-side script can do that. What is the attack model? A client maliciously changing the client script to supply a weak password?



