This post explains how privacy will work after field testing is complete. Currently, we expect field testing to continue through 2022. We will update this section should anything change. To find out how privacy works during field testing, click here.
It has become standard procedure for many tech companies today to collect as much personal data as possible. This is largely because they rely on advertising revenue to generate profit for their investors, and that ad revenue hinges on using customer data to more effectively target customers with ads. While many products and services on the internet are "free", the collection and monetization of personal customer data is rarely transparent.
By contrast, we have designed Worldcoin in a way that both requires as little personal data as possible and preserves the privacy and anonymity of its users. Specifically, we determine whether you are real and unique without requiring you to provide personal information like your name, email address, physical address or phone number. To make all of this possible, we use technological and cryptographic techniques that many people are not yet familiar with.
In the spirit of transparency, we want to explain, in layman's terms, how these techniques work and how we use them to protect user privacy. Some of the things we explain in this post are simplified to make them easier to understand; for a more technical description of how Worldcoin works, read How the Launch Works.
It is important to remember that what we describe here pertains only to individuals claiming their free share of Worldcoin at an Orb. Individuals who want to participate in the Worldcoin network without visiting an Orb will always be able to do so, albeit without claiming their free share of the currency.
A user claims their free share of Worldcoin by visiting an Orb. The Orb captures an image of both of the user’s eyes. This image is immediately converted via an irreversible function to a unique identifier[1] and then permanently deleted. The image never leaves the Orb. Every image of this user’s eyes produces the same, unique identifier, but no image of another set of eyes produces that identifier. It is not possible to recreate the original image of a user’s eyes from their unique identifier, thereby adding the first layer of privacy to the process.
Image Capture & Conversion To A Unique Identifier:
The image of Alice’s eyes is converted via an irreversible function to a unique identifier and then permanently deleted.
What is an irreversible function? Simply put, an irreversible function is a mathematical process which can’t be reversed. For example, imagine you have a selection of different colored paints (these paints can be any of the infinite number of colors that exist). You decide to mix these paints. Once you have done so, you have a new color and it is impossible to determine what the original colored paints were. Here, your original selection of colored paints represents the image of the eye, the mixing process is the irreversible function and the color you ended up with is the unique identifier.
The unique identifier is now checked to ensure that the user has not claimed their free share before. If they have, the claim will be rejected; if they haven’t, a certificate is created. This certificate cannot be differentiated from any other; every user is given an identical certificate.
The Verification Process:
Alice’s unique identifier is checked to make sure she hasn’t claimed her free share before. She hasn’t, so a certificate is created, here shown as a ticket.
What is a certificate? Think of it like this: you pay to go to an amusement park. Upon payment, everyone (including you) is given an identical ticket to enter. You are only ever given one ticket and it cannot be forged. This ticket is a certificate: it verifies that you paid to enter the amusement park, but if you lose it, whoever finds it knows nothing about your identity, just that it belonged to someone who entered the park.
This anonymous certificate lets the user create a wallet that contains their share of Worldcoin. This certificate can then never again be used to create a wallet. Since every certificate is identical, there is no link between the user’s wallet and their unique identifier. Finding out a user’s unique identifier then gives you no information about their wallet and vice versa. This decoupling adds a second layer of privacy to the process.
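The sign-up flow described above (irreversible identifier, one-claim check, then a single-use certificate that cannot be tied back to the identifier) can be sketched as follows. This is an added illustration, not Worldcoin's code. Assumptions: SHA-256 stands in for the irreversible function, a textbook RSA blind signature stands in for the certificate mechanism (the post does not name one), and the key is a constructed toy key far too small for real use.

```python
import hashlib
import secrets
from math import gcd

# Toy issuer RSA key built from two Mersenne primes (constructed, insecure size).
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def identifier(image: bytes) -> str:
    # Stand-in for the irreversible function (assumption: a plain hash).
    return hashlib.sha256(b"id:" + image).hexdigest()

class Issuer:
    def __init__(self):
        self.claimed = {}   # identifier -> blinded value: all the issuer sees at sign-up
        self.spent = set()  # tokens already used to create a wallet

    def issue(self, ident: str, blinded: int):
        if ident in self.claimed:
            return None                      # free share already claimed
        self.claimed[ident] = blinded
        return pow(blinded, D, N)            # signs without seeing the token

    def redeem(self, token: bytes, sig: int) -> bool:
        if token in self.spent or pow(sig, E, N) != h(token):
            return False                     # reused or forged certificate
        self.spent.add(token)
        return True

def sign_up(issuer: Issuer, image: bytes):
    token = secrets.token_bytes(16)
    while True:                              # blinding factor must be invertible mod N
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    blinded = (h(token) * pow(r, E, N)) % N
    signed = issuer.issue(identifier(image), blinded)
    if signed is None:
        return None
    return token, (signed * pow(r, -1, N)) % N   # unblind: valid signature on h(token)
```

In this sketch the certificates are not literally identical. They are indistinguishable to the issuer, because the random blinding factor means nothing recorded at sign-up matches the token or signature later presented at wallet creation.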
Summary
All of the above steps happen automatically once the image of the user’s eyes has been captured. Below we pull together analogies from above to visually describe the entire sign-up flow.