Cover photo

Sybil Resistance And Biometrics

Here in the future where geographic borders are being transcended and central authorities avoided, we’re presented with myriad identification problems that might just be solvable. We aim to provide the potential of equity and ownership of resources to all humans on Earth, but new problems arise when segmented businesses and governments are no longer individually responsible for their own citizens’ data. Banking the unbanked in undeveloped nations sounds like a beautiful utopian dream, but who is to store this new onslaught of data and provide initial or recovery access to these accounts? Is a global identity registry the only way to distribute a universal basic income, or is a UBI the only way to achieve a global registry?

The following is a conversation recorded live with host Humpty Calderon and several web3 builders on the Ontology Spaces.

For the full conversation you can listen to the recording here.

Illustration depicting sybil identities in a dark forest (Midjourney)

When providing an identifier for an individual to take part in a system such as UBI, the obvious first step is not just to make sure each person gets one– but to make sure no person gets more than one. Sybil-resistance comes in many shapes & sizes, but the current favorites tend to be identity verification (via phone number or credit card info) and economic costs (minimal transaction or subscription fees). So far for our purposes these work rather well, but they fall apart a bit when the individual is lacking a phone number, credit card, or the funds to initially participate at all. If these methods don’t prove sound, what might? What does every single person alive have? 

Surely every person on the planet has biometric data such as fingerprints, irises, retinas, a face, and the body-parts list goes on. Unfortunately, one can lose a finger or an eyeball, retinas change slightly over time, and face recognition data is subject to overlap. Biometrics work for smaller sets of people ranging into the millions, but once scaled to the billions to account for a true global registry, the previously small-sounding margins of error become intrusively daunting and overlap becomes more and more feasible.

Even if we used any or all of these in combination, we then have to consider how this data might be collected and where it’s to be stored. Currently most of it is stored on the device you enable, and the data within that is collected not as a snapshot of your face or finger, but instead as a hash or vector that lines up with your finger or face when scanned by the device. The solace here is that you store your own data, and that it isn’t two way, meaning that one wouldn't be able to conjure a picture of your face by reverse-engineering the hash created from your face ID data, so even if someone got ahold of this data, they wouldn’t necessarily be able to tell that it belongs to you. 

As this new company collects data and doles out worldwide identities, let’s say it begins to accept many forms of user authentication in order to widen the possibilities for login and asset recovery– we’ve unfortunately also opened equally as many avenues for attack, thus decreasing the security we thought we were providing. Some services have opted to offer a variety of anti-sybils to be used separately or all together and grant different levels of access based on the perceived security of the combination the user has opted into. The margin of error is reduced by a meaningful percentage each time another anti-sybil is added, but the more data we add to be able to confirm, the more data is potentially corruptible.

We morph every day into a society that looks nearly unrecognizable to people born just one generation prior, and as we do this we come up with new standards that produce new problems. This is not a new concept, and we’re here to produce new solutions in order to enact these new standards. Anti-sybil technology is one of these solutions and will adapt to fill in the gaps in security, even if there are a few bumps along the road. 

For more on the topic, check out the full conversation that Humpty Calderon hosted with several web3 contributors on a recent Twitter Space as a part of the ongoing Thursday Talks series.

If you enjoyed this article, consider subscribing to our newsletter by clicking the button below.

Are you following our content on YouTube? If not, go and subscribe now. We post video content weekly on different web3 topics including DAOs, governance, and decentralized data. We also have a podcast that you don't want to miss.

Stay connected to receive the latest updates, valuable content, and thought-provoking discussions.

Visit our website to access additional information, explore past episodes, and discover more content about the world of blockchain and web3.

Collect this post to permanently own it.
Crypto Sapiens logo
Subscribe to Crypto Sapiens and never miss a post.
  • Loading comments...