Privacy is the bedrock on which Worldcoin is built, and those of us who contribute to it are committed to raising the bar far beyond today's best practices and ensuring that privacy is accessible to everyone. Getting privacy right, however, requires deliberate effort and additional work ‐ and the results must be demonstrable if they're to be trusted.
This post is the first in a series that explains in advanced technical detail how privacy is preserved in the different parts of the Worldcoin ecosystem.
Most of the Worldcoin protocol's critical systems are designed in such a way that privacy cannot be compromised, even from Worldcoin and its contributors. This is achievable using cryptographically provable mechanisms such as Zero-Knowledge Proofs (ZKPs). Worldcoin uses ZKPs to make it mathematically impossible to link usage of World ID across applications. Privacy protections such as these go beyond regulatory requirements.
Additionally, privacy and data ownership go hand in hand. Within the Worldcoin ecosystem, the user is always in control of any personal data that is actually captured. For instance, as shown in the screenshots below, a user can very easily request deletion of all their personal data with just a few taps in the World App.
Anyone can use the World App and their World ID fully pseudonymously. Users don't have to provide personal information to register. No emails, no phone numbers, no social profiles, no names, everything is optional.
ZKPs are used to preserve the user's privacy and avoid cross-application tracking. Whenever a user makes use of their World ID, ZKPs are used to prove they are a unique human. This means that no third-party will ever know a user's World ID or wallet public key, and in particular cannot track users across applications. It also guarantees that using World ID is not tied to any biometrical data or iris codes. When you want to prove you are a unique human, you should be able to do so without revealing any personal information about yourself.
Now for the technical details. Below is an overview of the Worldcoin ecosystem, showing how the different parts interact to provide people with a self-sovereign identity and proof-of-personhood.
World App | The Orb | World ID |
---|---|---|
Self-sovereign identity and crypto wallet. | Used to verify whether or not someone is human and unique. | Privacy-preserving digital identity protocol. |
Generates and stores the user's World ID private key. Generates and stores the user's private key(s) for their wallet(s). (The identity and crypto wallet functionalities are independent). | Once it verifies someone is human and unique, it submits the user's World ID identity commitment (which is derived from the random World ID private key, analogous to how a public key is generated) on-chain. | The Proof-of-Personhood component of the protocol is a public list of verified identities (i.e. a list of public keys) on-chain. |
The system has two main components for which privacy is of the utmost importance. The iris image capturing and processing which determines someone is human and unique, and using a World ID (particularly proving you are a unique human to a third-party application). The importance of privacy for the latter comes from the fact that a user only has one World ID which cannot be changed. It is therefore imperative that a user cannot be tracked across applications.
Given biometrics are involved, privacy must be held to the highest standard. In a nutshell: images are processed in-memory locally on the Orb and then deleted. The output is only an iris code, which is a way to numerically represent the texture of an iris. You can read more in the iris code section below.
A user's journey of enrolling for a verified World ID is as follows:
Users have the option to opt-in to back up their images. This option exists because the algorithm that computes the iris code is still evolving to make sure it can support signing up everyone. This means using the images for training to improve the security and inclusivity of the network and to automatically update the user's iris code. Users who do not opt-in, can simply go back to an Orb to maintain their World ID verified. Updates are expected to be infrequent. In the near future, people will be able to backup this data self-custodially, and possibly, upgrade their iris code locally. More details below.
If a user opts-in to image custody, images are stored on an encrypted hard drive in the Orb before being uploaded. When a user does not opt-in, images are only processed in memory, and they never go through the hard drive. Furthermore, images for users who opted-in have a second layer of encryption via a public key of the server to make them irretrievable in the unlikely event of a compromised Orb. Uploads also happen over TLS. Once images are safely transmitted, they are encrypted at rest with AES-256.
Users can always change their mind and delete their stored images. The process is simple and processed quickly (see above for app screenshots). Further, the team is working on leveraging synthetic data to minimize the need for real images. This would further reduce the number of users that would even be needed to opt-in for training purposes.
While opt-in exists, different avenues to increase privacy are being researched. One such project entails giving users their signed images, transmitted end-to-end encrypted to their phone for self-custody. Images would be kept safely by the user in his or her device. Under this system, when a new algorithm is released, the user could transmit the images themselves for temporary processing in a secure server and update their iris code and World ID.
An even more privacy-preserving approach is also being researched: performing these upgrades fully self-custodially. Users would still receive their images end-to-end encrypted and signed by the Orb. When a new algorithm is released, the parameters of the new model would be shared with the user's device. The user's device would run the model and generate a ZKP to confirm the inputs were valid, the model was run correctly and certifying the new iris code. The new iris code would be submitted with the ZKP and the user's World ID would be updated. While this system seems very promising, technical challenges on zkML (Zero-Knowledge Machine Learning) and running complex models on a wide array of mobile devices have to be addressed.
To summarize:
The iris code is a numerical representation of the texture of a person's iris. It holds the property that it can be compared against different images of the same iris to determine whether the images came from the same iris. The iris code was invented by Daugman, J. (paper) and has been around for more than 20 years.
The iris code cannot be a simple hash of the texture of the iris. This is because two pictures of the same iris will not be exactly the same. Myriad factors change (lighting, occlusion, angle, etc.) in image capturing and a tiny change would lead to a different hash. With the iris code, those factors only lead to slightly modified Hamming distance between two codes which permits fuzzy comparison of irises. If the distance is below a certain threshold, the images are assumed to be from the same iris.
The iris code is computed by applying a set of 2D Gabor filters at various points of the iris texture, which leads to complex-valued filter responses. Only the phase information of the filter responses is taken into account (which means there is permanent information loss) and subsequently quantized in two bits. In other words: For each Gabor wavelet and each point of interest in the iris texture two bits are computed. Concatenating all these bits makes up the iris code.
An example iris code is shown above. In red, a second array can be seen that represents the mask applied to the image, these are pixels of the image that don't represent part of the iris texture, like eyelids, which are of course ignored when computing the Hamming distance between irises.
To date, there is no known way to reverse engineer an image that exactly matches the appearance of the input image. It is technically possible to generate an image from an iris code that generates the same iris code (if the same parameters for the Gabor wavelets are used, which are different for every system), but the image will look different from the actual image, mainly because of the information loss when generating the iris code.
The system already has very strong privacy assurances, but the plan is to go even further. The following is our roadmap and projects that are currently in development for enhanced privacy.
World ID is very powerful beyond the Worldcoin ecosystem. A verified World ID lets someone prove they are a unique human being without revealing personal information. This is already an important primitive today, and will become foundational to the internet in the age of AI. It can be used to prove someone is only voting once in an election, or prove someone is creating only one account in a social media platform. The primitive is so powerful and secure because it is rooted in biometric verification. Biometrics are the most accurate way to prove someone is an alive and unique human being (read more on the Understanding the Orb post). Due to the nature of biometrics, privacy is of paramount importance.
The main reason why the World ID Protocol is strongly privacy-preserving is due to the use of ZKPs. Whenever someone uses their World ID to prove they are a unique human, ZKPs let the user cryptographically prove they have a verified identity without revealing which one.
In a nutshell: A person's biometrics are not linked in any way when World ID is used. The ZKPs make it impossible to know which identity is doing a verification. In fact, iris images “terminate” at enrollment. They are only used to gate access to the list of verified identities. In the case of updates to the iris code algorithm (see Private Image Capturing and Processing section), an iris image may need to be processed again, but this is the same scenario of gating the access to the list of verified identities; it is as if it was a new list.
This is the process an application follows so that a user can prove they are a unique human without revealing personal information.
To integrate World ID, an application simply needs to add the JS SDK to their frontend, which will establish the connection to the World App (i.e. generate the relevant QR code or deeplink) to receive the ZKP, and use one of the different mechanisms to verify the proof (either on-chain or through the Developer Portal API).
The World ID Protocol is open source and the different components of the Worldcoin system are also being progressively open sourced. If you find a security issue or vulnerability you can help by reporting it at security@worldcoin.org, and a bug bounty program is launching soon.
Paolo D'Amico, Sandro Herbig, Philipp Sippl, Tiago Sada, Steven Smith, Chris Brendel, and the Worldcoin Team.