[MINUTES] CCG Weekly 2025-05-06 from meetings@w3c-ccg.org on 2025-05-06 (public-credentials@w3.org from May 2025)

From: <meetings@w3c-ccg.org>
Date: Tue, 6 May 2025 15:32:46 -0700
To: public-credentials@w3.org
Message-ID: <CA+ChqYfB8qYQR1NyW8qpqma=K732psJRb-a5aoQNxEu3SXxAiA@mail.gmail.com>

統 Notes

May 6, 2025
CCG Weekly - Summary

*Guest Speaker:* Adrian Ludwig, Chief Architect and CISO, Tools for Humanity

*Topic:* The World Project: Orb, World ID, Worldcoin, and World Chain

*Summary:* Adrian Ludwig presented Tools for Humanity's World Project,
aiming to create a secure, user-controlled digital identity infrastructure.
Key components discussed included:

*Orb:* A biometric iris scanning device verifying humanness, with
open-source hardware and software designed for robustness and security.
Data is encrypted and transferred to the user's device; the Orb retains no
data. Uniqueness is determined using iris codes processed to maximize
distance between individuals, leveraging AMPC for secure comparison.
-

*World ID:* An identity protocol using zero-knowledge proofs to enhance
privacy. Users control keys and data; the system is decentralized and
supports linking to other credentials (e.g., passports). Challenges
regarding credential extensibility and real-time authentication were
discussed.
-

*Worldcoin:* A token initially for bootstrapping the network,
transitioning to a fee system for network sustainability. The goal is to
create a virtuous cycle for credential issuers and relying parties, with
monetization details (fee structures) expected by June.
-

*World Chain:* A blockchain focused on scalability and bot resistance.
It aims to overcome limitations of existing blockchains regarding scale and
bot attacks, prioritizing human transactions.

*Discussion Points:* The Q&A session addressed concerns about fake irises,
civil attacks, offline verification, and fraud prevention. The robustness
of the fraud model, incorporating industry-standard test suites and red
teaming, was also discussed. Future collaborations and the expansion of
technology capabilities were highlighted.

*Next Steps:* Adrian Ludwig will provide detailed specifications on
Worldcoin monetization and functionality by June.

Text: https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-weekly-2025-05-06.md

Video: https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-weekly-2025-05-06.mp4
統 Notes

May 6, 2025
CCG Weekly

Invited mahmoud@mavennet.com W3C CCG Meetings <meetings@w3c-ccg.org>
wip.abramson@gmail.com Harrison Tang <harrison@spokeo.com>

Attachments CCG Weekly
<https://www.google.com/calendar/event?eid=M3RxZDRoYzUyM3I4anBmbmNhMWZpb2o2ZWJfMjAyNTA1MDZUMTYwMDAwWiBtZWV0aW5nc0B3M2MtY2NnLm9yZw>

Meeting records Transcript <?tab=t.kb8glahs2wkp> Recording
<https://drive.google.com/file/d/1Fl6uGZ1avUOjva6YRrTKra9o_Cfl1HYa/view?usp=drive_web>
Summary

The W3C CGCG meeting hosted Adrian Ludwig, Chief Architect and CISO of
Tools for Humanity, who presented the World Project, encompassing Orb,
World ID, Worldcoin, and World Chain, a system designed to create a secure,
user-controlled digital identity infrastructure. Key discussion points
included the Orb's biometric iris scanning technology, World ID's
zero-knowledge proof architecture, and the future plans for Worldcoin's
monetization strategy and World Chain's scalability; Harrison Tang will
follow up with Adrian Ludwig on monetization details, with specifications
expected by June.
Details

*Meeting Start and Introductions:* The W3C CGCG meeting began with
technical difficulties resolving audio issues for Adrian Ludwig (00:00:00
<#00:00:00>). Harrison Tang welcomed attendees and reviewed the meeting
format, code of ethics, intellectual property guidelines, and recording
procedures (00:05:26 <#00:05:26>). They also announced upcoming speakers
for future meetings (00:06:51 <#00:06:51>).
-

*Guest Speaker Introduction:* Harrison Tang introduced Adrian Ludwig,
Chief Architect and CISO from Tools for Humanity, to discuss their work on
Orb, Worldcoin, and other initiatives (00:08:33 <#00:08:33>). Adrian
expressed appreciation for the invitation and noted their team's
familiarity with Zoom, rather than other meeting platforms (00:09:43
<#00:09:43>).
-

*Adrian Ludwig's Background and Tools for Humanity's Mission:* Adrian
shared their background in security, mentioning previous roles at Adobe,
Macromedia, Google, and Atlassian (00:10:35 <#00:10:35>). They explained
that Tools for Humanity was founded with a concern about the implications
of AI and aims to create a public, open digital identity infrastructure (
00:11:48 <#00:11:48>). This infrastructure is intended to be a
global-scale system where users control their data (00:12:52 <#00:12:52>
).
-

*Proof of Humanity:* Adrian described "proof of humanity" as a
foundational technology with two key properties: ensuring interaction with
a human and verifying their uniqueness. They highlighted the unsolved
nature of this problem at scale and the limitations of existing approaches (
00:13:48 <#00:13:48>).
-

*World Project Overview:* Adrian presented an overview of the World
Project, including the Orb, World ID, Worldcoin, and World Chain. They
emphasized the Orb's role in verifying humanness and World ID's function in
connecting to services and enhancing other identity systems (00:15:59
<#00:15:59>). Worldcoin's role in bootstrapping and sustaining the
network, and World Chain's focus on scalability and bot resistance, were
briefly discussed (00:16:53 <#00:16:53>).
-

*World App and Applications:* The World App, a combined crypto wallet
and credential management application, was presented as the most popular
application built on the World Project (00:18:58 <#00:18:58>). Adrian
also mentioned collaborations with organizations like Match Group and
Razer, along with conversations with various countries exploring
integration with national identity systems (00:20:03 <#00:20:03>).
-

*Orb Functionality and Technology:* Adrian explained the Orb's
functionality, emphasizing its use of biometrics, specifically iris
scanning, to determine uniqueness (00:23:03 <#00:23:03>). They
highlighted the custom hardware and software designed for robustness and
security against various attacks (00:26:00 <#00:26:00>). The open-source
nature of both hardware and software was also mentioned (00:28:56
<#00:28:56>).
-

*Orb Process and Credential Generation:* The process of using the Orb
involves image capture, analysis, encryption, and transfer of data to the
user's device (00:30:02 <#00:30:02>). The Orb itself retains no data.
Uniqueness is determined using the iris code, a processed image designed to
maximize distance between individuals (00:30:58 <#00:30:58>). The system
uses AMPC for secure comparison of iris codes without revealing individual
identities (00:35:52 <#00:35:52>).
-

*World ID and Zero-Knowledge Proofs:* Adrian described World ID as an
identity protocol enabling users to maintain privacy through zero-knowledge
proofs (00:39:10 <#00:39:10>). They emphasized the user's control over
the key and data, and the decentralized nature of the system (00:40:15
<#00:40:15>). World ID also supports linking to other credentials, such
as passports (00:41:22 <#00:41:22>).
-

*Credential Extensibility and Future Plans:* Challenges related to
credential extensibility, specifically ingesting and presenting various
credentials within an application, were discussed (00:43:25 <#00:43:25>).
They also mentioned the possibility of real-time authentication using face
matching against user-controlled credentials (00:44:27 <#00:44:27>).
-

*Worldcoin and World Chain:* Adrian discussed Worldcoin's transition
from a bootstrapping mechanism to a fee system for network sustainability (
00:45:28 <#00:45:28>). They explained the goal of creating a virtuous
cycle for credential issuers and relying parties (00:47:29 <#00:47:29>).
Regarding World Chain, they mentioned its focus on scalability and
resistance to bot attacks (00:48:33 <#00:48:33>).
-

*Q\&A Session:* The meeting concluded with a question and answer session
addressing concerns about fake irises and civil attacks (00:51:30
<#00:51:30>), offline verification strategies (00:53:47 <#00:53:47>), ID
verification methods (00:57:47 <#00:57:47>), and additional fraud
prevention measures. They confirmed the existence of documentation
regarding civil attack prevention (00:59:57 <#00:59:57>).
-

*Fraud Model Testing and Open Source Considerations:* Nivas inquired
about the robustness of the fraud model, prompting Adrian Ludwig to explain
the incorporation of industry-standard test suites, such as those from
NIST, and red teaming efforts. They also noted an ongoing internal debate
regarding the potential benefits and drawbacks of open-sourcing the fraud
models (01:00:58 <#01:00:58>).
-

*Future Collaboration and Monetization:* Harrison Tang expressed
appreciation for Adrian Ludwig's presentation and work, and Adrian Ludwig
indicated interest in future collaborations and extending the technology's
capabilities. Harrison Tang mentioned they would likely follow up once more
details are available on monetization and the related coin mechanics.
Adrian Ludwig aimed to finalize the specifications for monetization,
including fee structures, by June (01:00:58 <#01:00:58>).

Suggested next steps

- [ ] Adrian Ludwig will provide details on monetization and how the
coin works by June.

*You should review Gemini's notes to make sure they're accurate. Get tips
and learn how Gemini takes notes
<https://support.google.com/meet/answer/14754931>*

*Please provide feedback about using Gemini to take notes in a short
survey.
<https://google.qualtrics.com/jfe/form/SV_9vK3UZEaIQKKE7A?confid=5NXtzy9xTcBAhzZqhLeeDxIUOA8MCwMyBwiKAiAAGAEI>*
当 Transcript

May 6, 2025
CCG Weekly - Transcript 00:00:00 {#00:00:00}

*Mahmoud Alkhraishi:* Hello.
*Harrison Tang:* Okay, my move. Hey, Adrian. Okay, Adrian, can you hear us?
Is our video working?
*Mahmoud Alkhraishi:* I can hear you and see you, Harrison.
*Harrison Tang:* Sounds good. Hey, Adrian. Uh, I don't think we can hear
you. Adrian, we can see you now. No, we cannot hear you for some reason.
*Adrian Ludwig:* Ah, my mic is off due to the size of the call and if you
join as a presenter, you don't even have the mic button. So, is it working
better now?
*Harrison Tang:* Oh, perfect. Yeah, I we can hear you and see you. Great.
This is great.
*Adrian Ludwig:* Cool.
*Harrison Tang:* All right, so uh we'll start in about 30 seconds. Uh this
uh call is already uh being recorded uh and transcribed. So uh give us
about 20 seconds. We'll start right away.
*Adrian Ludwig:* Let me see if I can produce something resembling a slide
presentation. Let's see here. Present now. Entire screen.

00:04:11

*Adrian Ludwig:* Oh my gosh. Parallax for the max. Uh, does this look sort
of presenty-ish?
*Harrison Tang:* Yes, looks great. We can see your entire Yep. This is
great.
*Adrian Ludwig:* Wait. Okay.
*Harrison Tang:* Thanks a lot. All right. So, our meeting format, we'll
just quickly go through the administrative stuff about uh 3 to five minutes
and we'll go into your presentation and then uh end with a Q\&A.
*Adrian Ludwig:* That sounds great.
*Harrison Tang:* Great. Thanks. All right. So, uh let's start. Uh welcome,
uh welcome everyone, uh to this week's uh W3C CGCG meeting. Uh so this week
very excited to have uh Adrian uh chief architect and CISO uh from uh tools
for humanity here to talk about uh what they're working on uh in regards to
orb work orcoin and other initiatives. So before we begin I just want to uh
quickly remind everyone uh uh you know the code of ethics and professional
conduct of W3C. I just want to make sure we have a constructive uh
respectful conversations here.

00:05:26 {#00:05:26}

*Harrison Tang:* Right. A quick note about the intellectual property. Uh
anyone can participate in these calls. Har however all substensive
contributions to any CCG items must be member of the CCG with full IPR
agreements signed. So if you have any questions in regards to getting a W3C
account or the W3C community contributor license agreement, uh please feel
free to reach out to any of the coaches. Uh these meetings are
automatically recorded and transcribed and we'll send out uh the meeting
recordings and transcriptions uh in the next hour or two automatically. And
again big thanks to uh Manu uh for his uh contributions there. Right. Just
want to take a quick moment for the introductions and reintroductions. So,
if you're new to the community or you haven't been active and want to
re-engage, uh please feel free to just uh unmute and uh introduce yourself
a little bit. All right. Uh, want to take a moment for announcements and
reminders. Any announcements and or reminders. So, a quick preview of
what's coming.

00:06:51 {#00:06:51}

*Harrison Tang:* So, uh, next week we'll have, uh, Denun, uh, to talk about
the Taiwanese government's digital wallet. And then the week after that,
we'll have Phil Archer, uh, to talk about VC's verifiable credentials at
GS1. And then the week after that, we'll have Brent uh, to talk about
what's next at the verifiable working group. Any other um announcements or
reminders? Any updates on the work items? Let me check the queue. So, we'll
have the next uh work item review on July 15th. And uh every week uh we
have uh work item promotions and incubation uh call at 8:00 to 9:00 uh
every Wednesday. Uh we'll put those events in the W3C calendar. And let me
share the
*Mahmoud Alkhraishi:* He's
*Harrison Tang:* link.
*Mahmoud Alkhraishi:* already on the condor.
*Harrison Tang:* Oh, okay. It's already on the calendar. Thank you. So, if
you click on the link uh in the calendar, you'll see all these events uh
not just the uh the CCG main call, but also the incubation promotions, data
integrity, and the VCEDU task force uh weekly calls.

00:08:33 {#00:08:33}

*Harrison Tang:* All right. Uh last calls for introductions, uh
announcements, reminders, or work item stuff. All right, I think everyone
uh can't wait uh to the main agenda. So this week uh very excited uh to
have Adrian. This has uh been long time coming. I've been coordinating with
uh uh Adrian's team uh to get him uh to talk about and present well they're
working on that tools uh for humanity and as uh a lot of us know um you
know tools uh for humanity has been working on orb the world coins and the
world wallet right um and those kind of uh interesting initiatives uh that
one of the co-founders Sen Alman uh so uh so very I think a lot of people
in this communities are quite interested uh to learn more about their uh
latest initiatives and work items. So Adrian, I look forward to yours and
thanks thanks again for uh spending your time uh to come here and
*Adrian Ludwig:* Yeah.
*Harrison Tang:* present.
*Adrian Ludwig:* No, I I appreciate the the invitation. Uh I have not
played with meat very much.

00:09:43 {#00:09:43}

*Adrian Ludwig:* We're a Zoom shop. Uh, so we'll see if I can figure out
how to have slides present and it would be nice to have some situational
awareness and be able to see if there's questions and things like that. Uh,
so let me let me see if I can do that. I think maybe if I share just the
window that'll work, but I
*Harrison Tang:* Yeah.
*Adrian Ludwig:* don't know.
*Harrison Tang:* And then I will also mo moderate the queue. So don't worry
about it.
*Adrian Ludwig:* Okay, cool. Yeah, if you just jump in and ask any
questions. Um, does that look reasonable? That does look reasonable.
Excellent. Cool. Um, so as Harrison mentioned, he reached out a couple
months ago, uh, or a couple I think it has been a couple months. Goodness.
Uh, and asked if uh, we could come from tools for humanity to talk about
what we've been doing on the world project. Uh, and so excited to be here
and and share a little bit of that.

00:10:35 {#00:10:35}

*Adrian Ludwig:* To give some context on myself, uh, my background is
mostly security, not credentials per se. Obviously, identity, credentials
sort of overlap. Um, but my background is is really uh in the security
space. Um, I I ran security for Adobe and Macromedia for a little while.
Uh, it's kind of weird. I'm now in the same building that I started my
career uh almost 25 years ago uh here in San Francisco. We just changed our
offices in Tools for Humanity and we're now in that same space that Macro
Media was in in the early the late 90s, early 2000s. Uh I spent about seven
years working on security for Android uh both the operating system but then
also how do we protect Google Play against malware. Uh and then I spent
about five years at Atlassian uh working on trying to build security for
cloud products there. Um what was striking to me throughout my career is
that there are a lot of foundational problems that had not been addressed
in the infrastructure that we had. And so as I was looking around a few
years ago to try to find something different, I was approached by this
organization, Tools for Humanity, which had a very exciting name and and a
very big mission.

00:11:48 {#00:11:48}

*Adrian Ludwig:* Uh and I found it really intriguing. Uh and so I want to
share a little bit about what we're doing. Um and then hopefully I think I
think there's actually really interesting opportunities for collaboration
with this community. Uh and and some changes that we want to make to make
sure that that's uh able to be fruitful in the future. So uh Harrison
mentioned company was founded by Sam Alman and Alex Blania. Uh the origin
story basically comes down to we're worried about AI in the future and the
implications that it'll have in terms of changes on the internet and how do
we make sure that that future is one that can be as successful as possible
for humanity um not just for the AI and the bots. And so out of that came
this company Tools for Humanity. Uh and eventually uh what they settled on
is that one of the first projects that was appropriate to be built was an
anonymous open digital identity infrastructure. Uh and all of those words
are really important um and they have implications and we'll talk through
them.

00:12:52 {#00:12:52}

*Adrian Ludwig:* I think the one that um is perhaps most important is that
our intention is that this is a public good. Uh our intention is that the
stuff that we're building all becomes available as an open platform that it
ends up being owned and controlled by the community uh in much the same way
that the web has. Um it didn't start that way meaning the web but also
meaning world. Uh but we're trying to have it move in that direction. Um
and that's consistent with the intentions of the team originally and that's
consistent with the direction that we're going now. Uh and so I just want
to make sure that that's really well understood. So I think it lines up
nicely with the W3C CCG as well in terms of a lot of what we're working on.
Um it's going to be global scale. Uh this idea that the users have control
of all their data is a foundational tenant. Um and then ultimately that it
needs to be owned by everybody. So those are the things that drew me in. I
thought this was a pretty exciting mission.

00:13:48 {#00:13:48}

*Adrian Ludwig:* Um so let's start off first with what is this thing called
uh proof of humanity. Uh it has basically two properties. Um the first is
that you need to know that you are dealing with a human uh and that they're
alive. So you're actually interacting with them in some meaningful way. And
the second is that they're unique. Uh and we think that is a foundational
thing that's required to have online communities actually be fraud
resistant and resistant to disinformation. Uh and ironically while lots of
identity problems, lots of credential problems, lots of security problems
have been solved, this proof of humanity problem is basically an unsolved
technical problem at scale. Um and the reason that it's unsolved is the
approaches that we've taken so far have really gnarly uh compromises
between protection, practicality, scalability. Most of the approaches so
far um either can't achieve humanness, uniqueness, aliveness or they
require a ton of information to be exposed about the user to a lot of
different services and so they just don't work uh at a global scale.

00:14:57

*Adrian Ludwig:* This is intended to to represent sort of how we think
about it. We think of proof of humanity as a piece of foundational
technology. Um by itself it is sufficient for things like preventing civil
attacks on large networks. Uh combined with things like authentication and
digital identity, it becomes a really really powerful enable of those
technologies to be even better than they are right now. Um what's curious
to me looking at the way the system has been designed is that most of our
internet right now has the idea of identity and authentication but it
doesn't have this underlying proof of human. Uh, and that's why in things
like a Facebook or an X or any of our large scale social networks, we've
been overrun by bots. That's why gaming doesn't work, etc. So, there's
there's lots of implications for that. And so, that's the thing. Um, we had
an event just last week uh here in San Francisco uh where Alex and Sam
talked about sort of the origin of what we're building and the trajectory.
They described this simple plan.

00:15:59 {#00:15:59}

*Adrian Ludwig:* It starts with the idea of building the technology to have
proof of humanness. Then it begins to think about how do we distribute the
network uh and ownership of that network. Uh our goal is to have a system
that can scale globally. So it has to work for billion plus users. Uh and
then we think that that will enable AI to be usable by everybody at global
scale. And it also has you know this has a very AI lens. I think it has um
the ability to enhance basically any online service. So uh it's very
relevant in some other markets as well. The pieces of technology, one is
the orb. Uh the orb is uh basically a fancy camera uh that allows you to
determine that someone is human. It does that in in a fairly sophisticated
way. We'll spend a few minutes on that in a moment. The second thing that
you want to be able to do is actually use that proof of human. Uh and there
are two parts to using it.

00:16:53 {#00:16:53}

*Adrian Ludwig:* one is connecting directly to services and the other is
allowing it to be uh joined uh with other identity and authentication
systems to make those more robust. Uh and so world ID is designed to do
both of those things uh and do so in a way that um preserves user privacy u
maximally by using zero knowledge proofs and we'll talk through some of the
details of that. There are two other critical elements to the
infrastructure. Um one is worldcoin. Worldcoin is a token. Uh the role of
that token initially was to bootstrap the network. So to encourage users to
join. Uh at this point we are in the process of transitioning to the next
phase of the token's life. Uh the next phase of the token's life is that
it's the operating mechanism to maintain sustainability for the network.
I'm not going to spend a lot of time on either worldcoin or world chain. uh
not because we're trying to hide anything but basically because I think for
this group understanding how the credential system is most valuable but
what you can think about for worldcoin is there's got to be a lot of orbs
out in the world there's got to be a lot of credentials that are out in the
world how is it that those credentials can have sustainable business models
how is it that the protocol can be sustainable because

00:18:05

*Adrian Ludwig:* there's a lot of expense associated with it and on the
internet what we ended up doing was having advertising support the internet
protocol u we don't really like that model we would like to have the model
be one where large organizations that are benefiting from the protocol have
to pay directly into it and so Worldcoin makes that possible for this
protocol. Um it's a mechanism for making sure that it's sustainable into
the future. Uh world chain is the underlying blockchain. Uh there's two
problems with existing blockchains. Uh one is that they don't scale very
well. Uh and then the second is that they have been overrun by bots. Uh and
so World Chain is intended to solve both of those problems. Again, I'm not
going to spend a ton of time on it. I'll sort of signpost uh those two
things, but we'll just kind of go from there. So, we'll focus really on the
orb and world ID for today. I should also mention um obviously I'm talking
too fast and I'm covering a lot of things.

00:18:58 {#00:18:58}

*Adrian Ludwig:* If you do have questions, I'm very comfortable with
questions being interjected and and going to them. So, u happy to do that.
And I'm also happy I'll make sure that we have 10 or 15 minutes at the end
to talk through questions. So protocols are only as useful as the
applications that get built on top of them. Um there is an application that
is most popular of all the applications so far which is the world app. This
is an application built by tools for humanity. It combines uh a crypto
wallet uh and a management of credentials connected to world ID to be able
to use them in other environments. So that's the first application that was
launched uh and it's the one that's out there right now. It's sort of a
general purpose application. Initially the team thought there would always
be a wallet. Uh we're now beginning to migrate towards a belief that
actually connecting to the protocol might be something that's embedded
directly into applications. So maybe this idea of a wallet is not really
the right metaphor for how proof of humanity is going to be incorporated.

00:20:03 {#00:20:03}

*Adrian Ludwig:* We're not totally sure. Uh but there's some thoughts that
maybe it's going to be a slightly different model than the one that is a
more classic wallet type model. Um in terms of applications, in addition to
that sort of base level wallet application, we're starting to see some
large organizations believe that proof of humanity and world ID are useful
for them. One of them uh that we announced last week is Match Group. Uh
they make a bunch of the most popular dating applications. Tinder is the
one that uh is the most popular in the world right now. Uh and they have a
an issue with fake accounts and bots uh and are exploring world ID as a
solution for some of the challenges that they have. Razer is one of the
world's largest gaming corporations. Uh they build something called Razer
ID that's incor that's embedded in an SDK that ends up in a lot of the more
popular online games. they're pretty excited about the possibility of
reducing uh bots in the context of those applications through use of world
ID.

00:21:03

*Adrian Ludwig:* Um so there's some big sort of companies that are looking
at us as infrastructure for their services. Um we're also having
conversations with a lot of different countries. Uh these are the flags of
Malaysia and Singapore which are two of the countries where we're furthest
along in thinking about how their national identity system could
potentially use World ID as a way to extend uh access to services globally
to their citizens. And there's some interesting things there. So point
being, uh we're fairly far along in conversations that are tactical in
nature about how some of these folks could potentially use it. The logos on
the bottom are what we call mini apps. Uh inside of the world app, there's
the ability for a a developer to build uh a HTML, so a web- based app uh
that can use proof of humanness uh to protect its services. And so there's
a lot of small developers that are building applications directly inside of
World App. Um and all of these I think are use cases that we think longer
term are going to be particularly interesting.

00:22:06

*Adrian Ludwig:* So um just wanted to give a sense there about 150 or so
different developers that are that are building at this point uh using uh
world ID and world app. Uh in terms of the network uh we have about 12
million people actual people unique humans who have gone to an orb
somewhere in the world. There are over a thousand different locations
around the world right now that are hosting orbs and make it possible for
someone to go get verified as human. Uh in the United States, just last
week, uh we announced uh scaling up operations here. There are six
different locations around the United States right now. I'm in San
Francisco. There's one in Union Square and there's a couple other smaller
ones in the city. Uh Los Angeles, Austin, Nashville. uh we expect that the
number in the United States by the end of this year is going to be on the
order of several thousand. So that was announced last week. So very rapidly
growing the number of locations where people can go to an orb.

00:23:03 {#00:23:03}

*Adrian Ludwig:* Um the number of users of the world app and therefore the
protocol is about 25 26 million at this point. Um I like to highlight that
I don't know whether those users are people or not. We think most of them
probably are. Um but as with any uh internet service, we just don't know.
Um so uh we definitely know though that that 12 million plus are people
that have gone to an ORB and been verified. Uh we are in a wide range of
different countries. So we have physical operations in about 25 different
countries with orbs. Uh and then we also have uh about 160 different
countries where there are people that are using the app. So just to give a
sense for the scale and how things have been progressing. Okay. So what is
the orb? How does it work? Uh why does it exist? So, we talked about proof
of humanness. You want to prove that someone is unique, that they are
human, that they're alive, uh, and that that's a useful primitive for a
bunch of different types of services.

00:24:01

*Adrian Ludwig:* Um, the team initially did lots of investigation into how
that could be done. Can you do it with social graph? Can you do it with
attestations? Can you do it with government identity? Uh, and all of those
basically end up with a problem. Uh it could be that they're not inclusive.
Um most people don't have government IDs around the world. Uh it could be
that they're not scalable. Uh a lot of them are that they're not not AI
safe. Um things like the social graph work really well. Uh but they don't
give you the ability to determine uniqueness because social graphs just
don't work that way. Um and so they don't solve sort of the core problem.
Um the result of it was a belief that biometrics uh is basically the only
way. Um so the team somewhat reluctantly uh began exploring how that could
work. Uh they ended up with the realization that there wasn't an existing
mechanism that had enough fidelity to be able to determine uniqueness at
global scale.

00:25:05

*Adrian Ludwig:* Uh and so what do I mean by that? Um there's lots of ways
that you can determine uniqueness. Like you can use fingerprints. Uh you
can my my favorite example is actually I can use birth date not birth date
with your year although that would work too um but just like what date of
the year were you born in um there are 365 of them you're unique as long as
you have a population of something on the order of less than 20 people
because you start to have collisions above 20 people. Uh so birth date
doesn't work particularly well at global scale. Doesn't even work that well
at like classroom scale if you've ever seen that problem. um fingerprints
tend to work on the scale of like one in a million, one in a few million.
Uh you start to have collisions and complexity above that. Um and every one
of the mechanisms that we looked at sort of had that same problem except
for iris. And so that's what the the team settled on.

00:26:00 {#00:26:00}

*Adrian Ludwig:* Um palm print also doesn't have that problem. They're
different issues there. Um and and then DNA um although DNA does have some
very specific collisions around identical twins. Um so at any rate we
determined in the early analysis that biometrics was probably the only way
that this could be done at global scale uh and uh that custom hardware was
going to be necessary. So that's where the orb starts being built. Uh how
does the orb actually work? Uh it looks at a bunch of things. So it is a
camera. Uh it takes images in both visible light and then in other uh
bandwidth. So infrared in particular analyzes that to determine that what's
in front of it is a person uh shape of the face elements uh within that
face. Uh does it have heat that is similar to uh is there movement at a
micro scale uh that implies blood movement? Uh there are bunch of different
analyses that are happening. So there's uh people like to now say there's
AI models uh that are running on that device to do that analysis.

00:27:03

*Adrian Ludwig:* uh which is true by the way for all cameras. So I think
it's kind of a a funny thing that we focus so much on it like when you pick
up your uh your Nikon camera and it does autofocus in order to find that
you're taking a picture of a bird and zoom the autofocus it's using AI to
do that too. Um so in many ways it's looking for a different set of things
than other cameras but it's behaving just like any other camera does in
terms of determining that. um and then in particular focusing on the iris
of the eye which is the front of the eye and then analyzing that. Now this
is not intended to be a general purpose consumer camera. It's very focused
on solving a specific problem which is uniqueness and doing that in a
robust way that is resistant against lots of different potential attacks.
So it could be attacks by the person who's standing in front of the camera.
It could be an attack by the person who's operating the camera.

00:27:56

*Adrian Ludwig:* It could be an attack by the government which is hosting
uh the country within which the camera is operating. And so yes, a lot of
work is done on the optical system and the AI to analyze. But also there's
a ton of work that's done on security to protect against all of those types
of threats. Um which is actually why tools for humanity was interested in
talking to me because I had helped work on some of the these types of
threats when dealing with Android. uh and how do we deal with building a
device that is resistant even against potential attacks by a government. So
uh most of our investment uh is in solving those things. Uh it's in making
sure that the camera takes a set of images, analyzes those images, the
analysis of those images is robust. Those images are then given to the user
and they're deleted. Uh and so a we're trying to do everything we can to
the highest degree of security and privacy on that device and b we want to
make sure that uh anybody in the world is able to do two things.

00:28:56 {#00:28:56}

*Adrian Ludwig:* One analyze the system. So we've made it open source both
for hardware and for software and two uh we want them to be able to build
their own. Uh it is not the case right now that there are a lot of other
people building orbs right there's no business model yet. there's no
large-scale uh network that they could incorporate themselves into. But we
believe that in the long term there will be those things. Uh and therefore
we want this technology to be open so that any manufacturer could
potentially build an orb. Uh and initially that might be an orb as we now
have it which is this standalone device. Longer term we think it might also
be something that could get incorporated into other devices. Uh we
announced uh last week something called Orb Mini uh which is about the size
of a cell phone. Uh we believe miniaturization of those components is
possible. Uh and then it could be incorporated into other devices in the
future. So that's sort of the long-term trajectory, but we're setting the
stage for that right now by open sourcing everything and making um sort of
a baseline for that progress in the future.

00:30:02 {#00:30:02}

*Adrian Ludwig:* When you walk up to an orb, what's it actually do? The
goal of the orb is to produce a credential that can do two things. It can
prove that you're a human uh and then it can be used to determine that you
are a unique human. So the first thing that it does is it takes those
images, analyzes them and then it gives that data once it's confident that
you're human to the user. Doesn't keep it, doesn't need it, doesn't store
it. Uh so specifically the user device creates an encryption key when it
walks up to the orb. The orb takes pictures, analyzes them, encrypts them
with the user's key, and then hands them to the user. There's no data
that's retained on the orb. At that point, the user now holds what I think
of as a verifiable credential. It's a thing that an orb gave them that has
been cryptographically signed that they could use to say, "I've been to an
orb and I am a human." It's not enough to prove that they're unique.

00:30:58 {#00:30:58}

*Adrian Ludwig:* It's just enough to prove that they're human. But they
have it and it's theirs and it's self-custody. So how do we do uniqueness?
Now this turns out to be um one of the more interesting challenges. Uh I
already mentioned that you need to have something that has enough entropy
using my crypto background uh to be able to determine that there's a
difference between one user and another to determine uniqueness. If you use
something like your birth date, uh what day of the year you were born in,
you have enough entropy to prove that you're sort of unique within maybe 10
to 12 people. Once you get up to 25, you start having collisions. So the
iris has enough data in it to be able to determine uniqueness. But there's
a second concern uh which is how do you protect that data? And so we'll
talk through some of that. So to the first point uh you use the iris code
uh which is an image of the iris that has then been decomposed broken into
pieces uh where the way the code is generated is designed to have maximum
distance between people.

00:32:06

*Adrian Ludwig:* So specifically uh there's a series of filters and
mathematical transforms that are done that are designed to have every Iris
code be as separate from other iris codes as is possible when I have them
be uniform. Um interestingly the iris in general does not reveal any data
about a person. Uh identical twins have irises that are as separate from
one another as they are from any other person. We are not aware of any
specific characteristics of the Iris code that are related to age, gender,
race, or anything else. U in that sense, it's very similar to the day of
the year that you're born in. Right? People who are born on January 20th
are no more similar to one another than people that are born on December
14th, assuming that you don't trust astrology. So that's what we're
striving for something where everybody is uniformly distributed uh and are
able to be differentiated from one another. Now the second concern is in
order to determine uniqueness you need to be able to compare one against
many. And so I want to take a moment and talk about authentication versus
uniqueness.

00:33:26

*Adrian Ludwig:* Um, most systems that we're familiar with from a biometric
standpoint look like the one that's at the bottom where it's authentication
where a user enrolls in the system and after they've enrolled the goal is
to confirm whether they match their previous enrollment. And that's an
important property. I'll talk a little bit how we expose that property in
the context of a world ID. But there's a second property uh that's
important that is not accomplished by just a comparison of enrollment to a
subsequent interaction which is you can't tell whether multiple people have
the same enrollment which is actually one way of saying the same person has
enrolled multiple times and the system believes that they are different
people. And so one of the core properties in order to prevent civil
attacks, in order to prevent a bad actor creating lots of accounts on a
particular service, is to be able to tell whether it's the same actor. And
we need that and have always needed that in the context of humans. And we
think we're going to need that even more in the context of AI where it
becomes uh basically free to create an infinite number of accounts and to
overwhelm those services.

00:34:35

*Adrian Ludwig:* We're already starting to see that, but we think it's
going to get even worse. And so in order to do uniqueness, you need to be
able to compare against all of the other members that have previously
signed up and say, does it exist within the set or not exist within the
set? And of course, the risk associated with that is that you now have a
set of all the previous signups. And so while the Iris code is not believed
to have any meaningful information other than that this is a unique person
because that's the way the code was generated. we still want to make sure
that we provide the maximum level of protection. How do we do that? So
that's the question is how do we determine uniqueness and then provide
protection. So think about your birth day for a moment. If your birth date
is February 21st, which is what mine is. I don't mind telling people that
because it's not particularly sensitive. That means that my day of the year
is something like I think 51. I can add a number to that 10 or I can
subtract a number from that 10 and I end up with like 61 and 41. And if I
told one of you that my number was 61, I told another one of you that my
number was 41 and didn't tell you the central number, you wouldn't know
what my actual date was.

00:35:52 {#00:35:52}

*Adrian Ludwig:* It gets even more exciting if I add say 100 um or 200 so
that it wraps around, right? And so that model is basically how we have
implemented protection for uh iris codes. This idea of taking a value
mathematically transforming that value and then collectively performing an
operation uh is what we've tried to do. So we want to have a system that
can answer only one question. Is this person unique? We don't need to know
their actual iris code. We're never going to use that. We just want to know
has the person enrolled previously? And so that's what AMPC is designed to
do. Uh we have open sourced it. Uh it has this really interesting almost
accidental property that it's quantum resistant. Uh which is nice uh
because it's just generating a random number and then just exoring it. So
there's not actually a crypto system that can be quantum uh exploited. uh
and uh once they have been encrypted uh they are then handed to multiple
different parties.

00:36:57

*Adrian Ludwig:* we use three and then we have a fourth that provides the
ability to have redundancy and backup. Uh each of those parties holds an
encrypted instance of an iris code uh encrypted with a different key uh in
such a way that together those three parties are able to perform a
comparison and together they're able to answer the question of has this
person enrolled in the system. No one of the parties is able to answer any
question about who is enrolled. Uh no one of them is able to answer this
party is enrolled or not enrolled. Uh nor are they able to reconstruct any
of the previous enrollments. Uh and importantly uh we don't want world uh
or tools for humanity have access to any of the information. So we're not
any one of the parties. So currently the systems being operated by Berkeley
University of Zurich uh and FAU which is a university in Germany. uh and
then backup and recovery uh is enabled by having a fourth party nethermind
uh which is a company that works in the blockchain space.

00:38:00

*Adrian Ludwig:* So the core here is uh the system is fully anonymized. The
only thing that can be answered um is if a person were to go to an orb and
produce a iris code and then submit that iris code the system can answer
has this person done that before or not. Uh and that's the totality of what
can be done. Um there are both technical and legal controls uh that prevent
uh the parties from colluding. So uh that's the the mechanism for making
sure that it can be secured into the future. So our goal is to provide a
personal custody credential uh that you are a human uh and then have an
enrollment of that credential uh that allows uh you to interact with a
service and demonstrate to that service that you are a unique live human.
Uh and so the personal custody credential is held on your phone. Uh and
then there is a proof of enrollment that is put onto the blockchain so
you're able to demonstrate that that credential was used. uh and enrolled
uh through the blockchain so that in the future you're able to interact
with other systems.

00:39:10 {#00:39:10}

*Adrian Ludwig:* So that's our goal uh and that's what the orb gives us uh
as well as the AMPC backend and the enrollment process for that. So at that
point the user has these two things uh how do they then sort of use it to
interact with the rest of the world? That's where world ID comes into play.
Uh it's a fairly straightforward identity protocol. Um turns out there's
some complexity uh which is always interesting. Um the goal of it is to
allow an individual to maintain their privacy and they interact with
services whether that be a social network or whether it be a game or
whatever um through zero knowledge proofs. So those services should learn
nothing about you uh as a byproduct of interacting unless it's a thing that
you've specifically chosen to reveal to that particular party. Um if it's
being used just with proof of humanity, just with the orb signal, there's
literally nothing else that they could learn. Uh if you incorporate another
credential, they may be able to validate some other things. I'll talk
through that.

00:40:15 {#00:40:15}

*Adrian Ludwig:* That could be your age, that could be what nationality you
have. Um but it's up to the user to decide whether they want to do that. So
it's totally in their custody and control. How do the zero knowledge proofs
work? Um the important thing uh is that the key that's used to produce the
proofs is controlled by the user. Um and the information that's required to
generate the proofs is either on the blockchain where it is public or it is
held by the user where it's in their self-custody. Neither of those things
is held by World ID's infrastructure. So, world ID allows the proofs to be
generated uh by creating something that's self-custody by the user or
that's on the blockchain and then the user in the future can interact with
whatever services they want and those interactions are independent of the
world ID infrastructure. So um unlike traditional authentication systems
where the authentication system provider ends up with a record of all of
the services that are being used by that user uh there's actually no record
that's being generated on the back end.

00:41:22 {#00:41:22}

*Adrian Ludwig:* There's just no interaction with world ID backend uh
during the authentication process with any given site or location. And so
it ends up being fully decentralized. And the interactions that you're
having with any given site uh are also isolated from uh other sites. So
when you're interacting with uh you know your social media site versus your
game, they're completely separate from one another. World ID also has the
second attribute uh which is the ability to link to other credentials. So
credentials were first introduced back in October of this year. The first
credential that was introduced was an NFCbased passport. So within World
App, a user can enroll their NFC based passport. It produces what's called
a personal custody package. It's held on the user's device, which is just
like how the ORB works except that now rather than generating the camera
images on the Orb and then transferring them to the user, with the
Passport, you're reading it from your passport directly onto your device.
They never leave the device. There's a unique code that is generated just
like the iris code.

00:42:30

*Adrian Ludwig:* The goal is to tell that a document is unique so that one
passport can only be used with one person. Uh and that uniqueness can be an
important attribute as well. And we used AMC to manage uniqueness in the
same way that AMPC was used for the orb iris code. Uh so that it is private
uh even though uniqueness is being confirmed. So it's anonymous. There's no
ability to link from it. The credentials uh format is at this point
proprietary, although there's no reason that it needs to be proprietary in
the future. Uh in fact, for me, it's a little bit of a pet peeve that it's
proprietary. Uh I think we want to get to a point where it uses verifiable
credentials just like everything else should be using. Uh and so that's one
of the examples of something where you know we need to be talking to CCG
and making sure that uh the the way that these credentials are being
represented can be used uh in an industry standard format in in the future.

00:43:25 {#00:43:25}

*Adrian Ludwig:* Um the other thing is right now uh adding a new credential
is dependent upon the application. So it's dependent upon the world app
being able to do it. We're in the process of getting to a point where new
credentials could be added in a permissionless way. um they can certainly
be added on the blockchain, they can be added uh you know in that format.
Uh but what's difficult is how to represent them in the context of an app.
So we're working through how to make that and and I'm talking to people
that know more about this than I do. Um but the challenge of course is how
do you ingest those? How do you make them exposed? How do you allow the
users to make smart decisions about where they're going to use them? So
those are some of the things that we're trying to think about is how to
have that work. um and we'll be looking to you to to help get some of the
guidance on that. There's a second interesting attribute that comes out of
having these credentials be self-custodial um and having zero knowledge
proof and people who work on zero knowledge proof which is that you can
generate proofs of other attributes.

00:44:27 {#00:44:27}

*Adrian Ludwig:* So specifically one of the ones that's most exciting is
doing real-time authentication against the user. So uh the orb signal uh
the orb credential has an image of the person's face. Your passport has an
image of the person's face. Your phone has of course a camera. Uh and so we
can do client side attestation that the person who is represented in a
credential is the same one that's interacting with the camera. Um this is
of course complicated. Uh you need to have confidence that the camera is
giving you a reliable image. you need to have a confidence that the
comparison was done in a reliable way. So there's a variety of things there
that require you technical work. Uh but we have it working. Uh and we think
this is is a real opportunity to be able to do uh you know face
authentication against a user controlled credential in a meaningful way uh
at scale. Um so that's up and working uh and it can be connected to other
attributes as well.

00:45:28 {#00:45:28}

*Adrian Ludwig:* So you could for example uh produce a proof that someone
is of a certain age uh and know that from their passport they're a certain
age and that they are the person that's still using that device but you
don't have to reveal any other information about them. So what does world
ID give you? Uh we think it gives the ability to have uniqueness which is
actually an attribute that is very rare uh in other systems. Uh it can be
connected uh to other existing identity systems. So uh to be able to prove
things like age, nationality, passport and more and do that in a private
way. Uh and then we're in the process of uh identifying how we can make it
more extensible so that other types of credentials can be incorporated as
well. Uh our goal is to have this be as open a system as possible. I
mentioned in passing uh worldcoin is a key part of the system. Uh I'll
spend 30 seconds on this. uh we started with worldcoin as a bootstrapping
mechanism.

00:46:28

*Adrian Ludwig:* So how do users join the system? How do you get the system
up and running? One approach was that people were excited to receive a
token. And so the token was made available to users. It is still the case
and will continue to be the case. In fact, the world foundation exists to
distribute that token to as many people as possible. And so uh about 75% of
the tokens that were minted are being distributed directly to users. uh we
can do that because we know that they are human. Uh they've gone to an orb
and so we know that that uh those tokens are being distributed uniformly
across the global population and it's not uh subject to some of the the
types of attacks that exist for these types of airdrops on other systems.
And then the second is uh enabling of fees. Uh we just announced this last
week and we're working through all the details. Uh there is a blog post
that describes them. The critical thing to recognize here is that we
believe one of the challenges that credential systems have uh is one of
externalities.

00:47:29 {#00:47:29}

*Adrian Ludwig:* The user of those credential systems uh often build an
atomic solution just for their problem. Uh and what we want to have is the
ability for a credential system to be usable by lots of different parties
in a uniform way. Um that encourages credential systems to be more
sophisticated, more valuable, more usable. And so what worldcoin does uh
through world ID fees is makes it possible for a credential issuer to
produce a credential that can be used by any relying party and have a value
transfer without the need to enter into a direct commercial relationship by
using world uh by using blockchain technologies. So that's sort of the core
idea is the credential issuer ecosystem can have value from issuing those
credentials and do so in a sustainable way. Most of the value is expected
to flow to those credential issuers and then a small portion of it will go
to the protocol that enforces the rules that are necessary uh for the
system to be sustainable and to work into the future. So uh we've described
that at a high level.

00:48:33 {#00:48:33}

*Adrian Ludwig:* Uh our expectation is that this summer, so we're aiming
for June or July, um this will be mapped out u at a binary level. So every
detail about how those fees could work um will be there. Uh and then the
credential issuer gets to decide what they want to charge based on the
market rate. Uh relying parties could decide which of the credentials they
want to use in the context of those proofs. uh and we think that this can
create a virtual cycle uh that has not existed previously in uh in this
space. Uh and then I also mentioned world chain. Uh we're really trying to
solve two problems with world chain. The first is just scale. Uh we're
already basically the largest blockchain in terms of how you measure by
number of humans with 13 million discrete humans uh that are verifiably
actually human. Um it's a lot larger than any of the existing blockchains.
Uh and if anybody here has come from the payment space, you know, you go
talk to a Visa or Mastercard or anybody in the payment space and they're
talking about thousands of transactions per second.

00:49:34

*Adrian Ludwig:* Uh if you talk to the blockchain space, they're like
orders of magnitude, many like three orders of magnitude slower than that.
Uh and so a lot of our work is how can we build a network that can be a
financial network but also an identity network at the scale that is
required by humans and existing blockchain technologies simply just don't
work at that level. So we're doing a lot of work on scalability. Um and
then the second thing is uh at this point most blockchains uh to be blunt
have been overrun by bots in the same way that our social networks have
been overrun by bots. Uh and so trying to use them for human speed
transactions uh just doesn't work. Uh and so we're trying to incorporate
technologies to give preference to humans. uh and one of those as an
example is what's called priority block space for humans. So if you have a
world ID, the number of transactions you can do in a preference for your
transactions goes to those parties that hold a world ID and are able to
demonstrate they're human in that context.

00:50:32

*Adrian Ludwig:* So things like um your ability to do transactions become
more efficient if you're a human than if you're a bot. There's just
preference given to those. Um so those are some of the things that we're
doing. I I promised I wouldn't spend too long on that. That could be a
whole another hour or two talking through the world coin and world chain
things. But uh hopefully that was enough focus on just credentials uh how
we use the orb to generate those credentials, how we're thinking about the
long-term integration of credentials using world ID. Uh and gave you a
little bit of an overview of what it is that we're working on. Um
personally, I want to make sure that we are increasingly open about
everything that we're doing. Um my work really is security, privacy and
decentralization. Uh by which I mean how do we make it as open as possible
and then how do we actually diffuse this in the way that a protocol really
needs to be diffused uh so that parties can rely on it and trust it.

00:51:30 {#00:51:30}

*Adrian Ludwig:* Uh with that I will click stop sharing uh which I think
makes the slides go away and I can just answer questions or whatever is
most useful.
*Harrison Tang:* Thank you. Thank you, Adrian. And NeAs, you're on the
queue.
*Nivas:* Thanks Harrison. I have uh two questions. Um one could be a simple
one. Uh what about fake eye lenses and stuff and civil attacks using that?
Uh that's one question. And the other one is uh how does the world coin
distribution of currency happen from the date of enrollment or is it
retroactive?
*Adrian Ludwig:* uh so so the first one uh the orb has dozens of discrete
models that it's doing to detect fraud uh as an example for contact lenses
uh it does analyze what those lenses are doing. So you can use polarizing
to detect like whether you have a film. Polarized light reacts to very thin
films in a in a specific way. Uh and then you can detect uh whether a
contact lens is actually manipulating the image or whether the image is
passing through has not been manipulated.

00:52:46

*Adrian Ludwig:* Uh and so there are AI models to do that. So uh color
lenses tend to be something that's detected and we basically say that's
fraud. you can't. Fraud is a little bit harsh of an assessment, but we
basically say that's a a manipulated iris and so it cannot be used for
determining uniqueness. Um, if there's one that actually tries to change
the image, same thing. U, but a normal person wearing contact lenses that
don't manipulate the image will go through just fine. Um, but there are
wide range of different types of specific attacks that we've had to look
for and identify uh and and are used in that way. We also think over time
uh enrollment is not going to be a one-time action. Uh so identifying uh
you know a reason why someone will go back and reauthenticate or reenroll
uh is going to be part of the system as well. Um and then uh one-time
tricks like that are not going to be as reliable. In terms of the uh the
granting mechanism, uh the World Foundation controls uh decisions about how
grants are given.

00:53:47 {#00:53:47}

*Adrian Ludwig:* Uh my understanding is grants are uniform around the world
at this point. Uh and that uh at any given time you can sign up and you can
request your grant uh and at that point there's an amount that's reserved
uh and then it's distributed on a periodic basis. I think it's monthly at
this point. So right now I think it's about 40 or 50 worldcoin are provided
uh more of them towards the beginning and then you get an ongoing stream on
a perpetual uh on a perpetual basis from that point. So for several months
at least so that's the basic structure. Um
*Nivas:* Yeah, thank you.
*Harrison Tang:* Dimmitri.
*Dmitri Zagidulin:* What's is there an offline strategy for uh like post
enrollment relying party verification?
*Adrian Ludwig:* Yeah. Um so offline uh yes uh it actually works right now.
Um so the way that the zero knowledge proofs are generated uh requires that
you have a Merkel tree that is an enumeration of virus codes and it uses a
semaphore proof. Uh but there's no reason that that needs to be uh sort of
current.

00:55:04

*Adrian Ludwig:* So you can cache it and then you can generate your proof.
Uh and then the the user that's on the receiving end, the verifier, the
relying party, uh has to make a determination whether we want to trust that
proof based on how old the Merkel tree was at the time that the
*Dmitri Zagidulin:* I see. I see. So, the offline verifier needs to have a
copy of the Iris codes of basically everyone, right?
*Adrian Ludwig:* No. Um, just I'll be really blunt. No. Uh, so the Merkel
tree is a list of uh hashes of cryptographic keys. The Merkel tree that
goes on the blockchain doesn't include the iris codes. Iris codes are only
used at the moment of enrollment. And then at the moment of enrollment, the
user's private key is used to generate a public key that's then used to
generate a hash. And then the hash of that public key is what goes onto the
blockchain. And then the Merkel tree uh of those keys on the blockchain is
used to use what's called semaphore.

00:56:01

*Adrian Ludwig:* So that you can prove that you're a member of the set that
has verified, but you don't have to demonstrate which member you are. Uh
and so as the number of enrolled users gets larger, the privacy promise to
users actually gets bigger. Uh but there's no point where anybody uh in the
world actually has the raw iris codes uh because they're given to the user,
the user breaks them into pieces, they're given to NPC, AMPC does the
enrollment and then subsequently it's just comparisons against those uh
hashed.
*Dmitri Zagidulin:* I see. So it's it's just the keys. Understood. Uh
*Adrian Ludwig:* Yeah.
*Dmitri Zagidulin:* does
*Adrian Ludwig:* Yeah.
*Dmitri Zagidulin:* that mean the offline verifier node has to have a copy
of the blockchain
*Adrian Ludwig:* Uh
*Dmitri Zagidulin:* like the latest?
*Adrian Ludwig:* yes. Yes.
*Dmitri Zagidulin:* Okay, got it.
*Adrian Ludwig:* They have to have one that's recent enough that they're
comfortable with it.
*Dmitri Zagidulin:* Got
*Harrison Tang:* Any other questions? By the way, I have I I have a Adrian,
I have a question.

00:56:58

*Adrian Ludwig:* Although
*Harrison Tang:* Um
*Adrian Ludwig:* actually just
*Harrison Tang:* Oh,
*Adrian Ludwig:* to
*Harrison Tang:* sorry.
*Adrian Ludwig:* respond to Demetri's question. So that's specifically if
what you want to do is prove uniqueness. If you don't want to prove
uniqueness uh then you don't need to have a copy of the blockchain. You do
need to have a copy of something. Um so for example if what you want to
prove is that this is a person who uh has gone to an orb so they are human
and that they have uh are above age 18 and you don't really care about
whether they're unique or not then those two credentials are both signed uh
and can be kept by the user and we can produce a zero knowledge proof on
the user's device and so you could do an offline proof of age 18 and real
human. Um, so there are some types of proofs that don't require um the full
blockchain,
*Dmitri Zagidulin:* Got
*Adrian Ludwig:* but
*Dmitri Zagidulin:* it.
*Adrian Ludwig:* the uniqueness ones um tie into
*Dmitri Zagidulin:* Understood.

00:57:47 {#00:57:47}

*Adrian Ludwig:* a blockchain. Yeah.
*Dmitri Zagidulin:* Understood. Thanks.
*Harrison Tang:* So Adrian, so earlier I saw that the app can actually hold
like uh ids.
*Adrian Ludwig:* Yep.
*Harrison Tang:* So now the orb uh can ensure uniqueness and then uh
basically proof of humanity. But then the how do you actually ensure that
the ID is actually issued to the right person? Can you kind of explain that
a little
*Adrian Ludwig:* Yeah. So, uh that is face matching. Uh so, in the same way
that uh we check to make sure that the user uh that is doing a proof
against their orb enrollment is the same person by doing a match against
the image that's contained inside the orb credential. we do a match up
against the user uh inside their uh document as well. So that's one
element. The other element is uh we we check to make sure that the
documents are unique. Uh and of course they have to be signed by an issuing
party. So right now we support I don't know the exact number about 30
different countries.

00:58:54

*Adrian Ludwig:* Uh and so we check uh in the app is this signed by a
specific country. We also check is this a real document. So NFC gives you
the ability to do a document present test. It varies from country to
country how that's exactly implemented. And then the third thing that we do
is we check does the person who's got the camera on their phone match the
image uh that is on the passport.
*Harrison Tang:* Got it. Thank you. Any last questions? We have about two
minutes.
*Adrian Ludwig:* I should mention just to be clear about it like that's
what TFH is doing for the passport credential. If there is another
credential that someone wants to do, I'll say California's driver's
license. Uh California could decide to implement a similar set of checks
and then issue their credential on our on world ID world ID. not yet fully
implemented, but that's our intention is that anybody who wants to issue a
credential should be able to do that. And they would define what their
mechanism is for deciding whether enrollment is appropriate.

00:59:57 {#00:59:57}

*Harrison Tang:* Got it. Thank you. All right, NEAS, last question.
*Nivas:* Yeah, sorry. Uh, Adrien, uh, based on what you had answered, I
just did some quick query search and looks like there were many more uh,
fraud methods that is popping up that can uh, kind of, you know, uh, take
over the method that we're talking about. My question is, is there some
sort of documentation about how civil attacks are prevented in the world?
Uh, if there's existing documentation, a detailed one that we could go
through that would be nice. Uh, so we I just want to make sure it's
foolproof.
*Adrian Ludwig:* So, I'm not sure I understand the question. So, this
basically comes down to how does the orb check to see whether a person is a
real human? Is that what you're asking?
*Nivas:* Yeah. Yeah. I mean, we uh I did a quick query and it says fake
eyes, prosthetic models, textured contact lenses, video replay attacks,
synthetic biometrics, GAN based attacks. So, there is many things that I'm
not uh familiar with all I of this.

01:00:58 {#01:00:58}

*Nivas:* just wanted to make sure we've covered all of this here and it's
really profound solution and not has flaws in it.
*Adrian Ludwig:* Yeah. And there are actually some industry standard test
suites um that we're incorporating into how we're doing our fraud models.
So like NIST produces a set of biometric attacks that you would be worried
about. We do red team against those. Um it's an interesting question of
whether uh for fraud models we want to make them totally open source or
not. Uh it's an active debate within the company about whether that's
better or worse, but certainly test suites are something that we can
provide.
*Nivas:* Okay, thank you. Looking
*Adrian Ludwig:* You
*Nivas:* forward
*Adrian Ludwig:* bet.
*Harrison Tang:* All right, thank you. Thanks everyone and thanks Adrian
again uh for jumping on and uh actually uh gave this great presentation and
share you guys work. This is great stuff.
*Adrian Ludwig:* I hope it's helpful. Uh, and hopefully we can, you know,
collaborate on things in the future. Uh, this is just the beginning for us
trying to make sure the technology works and then try to make it as
extensible as possible. So,
*Harrison Tang:* All right,
*Adrian Ludwig:* um, feel free to reach out.
*Harrison Tang:* cool. I probably will reach out after you guys have the uh
more details on the on how the monetization and the
*Adrian Ludwig:* Yeah. Yeah, that
*Harrison Tang:* the coin
*Adrian Ludwig:* should
*Harrison Tang:* work.
*Adrian Ludwig:* be
*Harrison Tang:* Yeah,
*Adrian Ludwig:* I'm trying to have that be by June. full specification
about how that works and then how fees can be set, etc. So
*Harrison Tang:* sounds good.
*Adrian Ludwig:* Cool,
*Harrison Tang:* Cool.
*Adrian Ludwig:* thank
*Harrison Tang:* Thanks a lot. All
*Adrian Ludwig:* you.
*Harrison Tang:* right, this concludes this week's CCG meeting. Thanks a
lot. Thanks for for attending.

Transcription ended after 01:02:35

*This editable transcript was computer generated and might contain errors.
People can also change the text after it was created.*

Received on Tuesday, 6 May 2025 22:32:58 UTC