[brian_cloutier]

Most criticisms of worldcoin completely misunderstand/misrepresent how it works but this one does not. The GP is correctly pointing out that the iris hash is only necessary for receiving some of the initial airdrop. It is completely true that once a wallet is generated (and you don't even need to visit an orb to create a wallet) anyone who possesses the private key, human or robot, can send transactions using that wallet. Receiving some of the initial airdrop really does require trusting worldcoin that they are telling the truth and not saving images of your iris.

[kemotep]

Is it possible for people to understand how it works and to still oppose it being broadly adopted in your opinion? Can you please clarify what exactly others are not understanding or misrepresenting?

[brian_cloutier]

It is of course possible to understand it and still be opposed. That's what makes it so frustrating that seemingly all of the negative coverage is ill-informed; I would love to read some informed criticism!

Just some simple examples:

> Imagine that your digital identity has been lost in some way — shut down by authorities for non-compliance, or otherwise blocked. With traditional cash — and other cryptocurrencies — you can always make a new wallet and stash some fresh coins in it. But this isn’t Minority Report, and you can’t get a new iris from your neighborhood surgeon.

You don't need to walk up to an Orb to create a wallet. You can own and transact worldcoin without ever showing your iris to an orb.

> When your immutable digital identity is locked — imagine merchants who won’t take your coins from you without a digital signature announcing your World ID — it’s over for you. No old account. No new account. No soup for you. You just lost your digital personhood.

This is also possible... with every other form of payment? Imagine merchants who refuse to accept cash. Once the government locks your credit card you're out of luck. Imagine a world where you have to sign in with google before you can pay for anything (why is the worldid dystoia apparently so easy to imagine, while the google one seems silly?). Once the government locks your google account you're out of luck. A dystopia has _many_ levers to pull and refusing to deploy worldcoin is not have any impact on the success of that dystopia.

There is really so much that it's not possible to clarify "exactly" what others aren't getting in a single comment, there are a dozen different misconceptions, if you have specific concerns I'm curious to hear them and attempt to reply to them.

[kemotep]

The company behind Worldcoin are making fairly bold claims about the capabilities of their cryptocurrency and “proof of humanity” project. I think it is important to fully evaluate these claims and not take them on face value.

From worldcoin.org

> could drastically increase economic opportunity, scale a reliable solution for distinguishing humans from AI online while preserving privacy, enable global democratic processes, and eventually show a potential path to AI-funded UBI.

This breaks down into 3 claims:

1. Be able to identify humans from AI online in a privacy preserving manner 2. Provide a platform for global democratic processes 3. Provide a universal basic income.

If we cannot agree that these claims are Worldcoin’s main goals then I am afraid Worldcoin is going to need to update their website as I do not see how it could be interpreted any other way in the language they use.

So now that we have their claims we can begin to look at some concerns. Starting with the ones you provided:

> You don't need to walk up to an Orb to create a wallet. You can own and transact worldcoin without ever showing your iris to an orb.

If this is possible, they why is the orb necessary and how can Worldcoin provide the guarantee that everyone using their wallet and blockchain is in fact a person? If UBI and voting are to happen using this as the platform, not needing verification via their iris scanning mechanism calls into question how they can claim to prove that each world id maps to one and only one unique human. If anyone can create an account without verification and transact using Worldcoin then voting and fair distribution of UBI cannot happen the way they describe.

The second concern is something that can happen in the non-crypto space. But if this is a valid concern of the current system, replacing it with something like Worldcoin doesn’t resolve that concern. We would have that same problem. So if we are to replace the current system with a new one, why would we willingly carry over these kind of issues if it were possible to not do so?

Now on to my concerns. I am not an expert in cryptographic mathematics and the nature of zero-knowledge proofs. So I will accept the following:

1. Iris Hash generation is cryptographically unique, privacy preserving, and the database of Iris hashes will be deleted.

2. Iris Hash to World Id is generated in a sufficiently zero-knowledge proof way that makes it so an Iris Hash cannot be used to identify any one specific World Id.

3. World Id to Wallet Private Key is also generated in a sufficiently zero-knowledge proof way that makes it so an Wallet’s private key cannot be used to identify any one specific World Id.

With those assumptions, I have the following concerns:

1. Has the company behind Worldcoin allowed for 3rd party audits? Code reviews, attestation of the zero-knowledge proofs, and other standard security audits we would expect of a global biometrics hardware company?

If they haven’t, and we cannot independently verify any of their claims, they really cannot be trusted. The Worldcoin company has a financial incentive in becoming the global identity solution. Saying they are safe from any vulnerabilities, privacy issues, or flaws in implementation is not good enough for me.

2. Sybil attacks. What has Worldcoin done to prevent sybil attacks? If I can modify the appearance of my iris with the use of a contact lense, and any other biometric data they would collect, can they identify me as the same person? Are chimpanzees inhuman enough to not be allowed to verify? Can attacking the orb operator by completing a sybil attack be enough to perform a denial of service attack against Worldcoin? If my goal is to prevent people from accessing the UBI or voting process then if this attack is possible, as an attacker, I win if my fake personas go undetected and I can collect the UBI and vote fraudulently or if my attack is detected but this compromises the identities of anybody scanned using that orb thus invalidating their accounts or preventing people from accessing accounts by being scanned for the first time as a replacement orb for that area is needed.

3. Which leads to the orbs. If you or I am unable to build our own orbs and join them to the network, then any claims of decentralization is invalid. Of only official orbs are allowed, if they cannot be examined to verify behavior then we cannot trust them either (ties into the audit issues).

I could go on with more but at least based on my surface level understanding of Worldcoin and their operations, I can see several attacks that if this is widely implemented as the global ubi and voting system would be untenable.

If there is no account recovery system, the average person could easily be denied access to participating in society by a simple mistake on their part, let alone any targeted denial of service style attack. And if there is an account recovery process then that is a vector that can be attacked today.

Putting all the world’s eggs in one basket makes this system a nonstarter. Claiming that they don’t want to do that means the language on their website and rhetoric they use in interviews are lies or misinformation of some kind so why should we trust them?