Image: Bing Image Creator

Interesting news yesterday as Worldcoin, the cryptocurrency company co-founded by Sam Altman of OpenAI fame, officially launched their services. They include a new cryptocurrency (the eponymous Worldcoin), an identity service, and an app that allows users to buy and sell cryptocurrencies.

Followers of the crypto space might have thought founders called Sam promising to re-invent finance’s moment had been and gone, but apparently not. Here we get the usual grandiose claims, but with the added sprinkling of AI:

_{Worldcoin could drastically increase economic opportunity, scale a reliable solution for distinguishing humans from AI online while preserving privacy, enable global democratic processes}

Let’s take a look at the two key things they claim they’re doing.

Digital Identity:

Worldcoin claim to have created a unique ‘Proof Of Personhood’ (PoP) approach, centred on their custom-designed “Orb”. The Orb is a shiny silver device that captures pictures of your face, your temperature and your irises in order to prove that you are a unique, living human and then uses this fact to verify you onto their network as worthy of receiving your free grants of Worldcoin.

Worldcoin make a big deal of privacy in the user-facing messaging, saying reassuringly that ‘images of you and your iris pattern are permanently deleted as soon as you sign up’ and that ‘the images are not connected to your Worldcoin tokens, transactions or World ID’.

However, if you dig into the documentation a little more you can see that all is not quite as it appears. If, like me, your mind instantly thought ‘but wait, how can they prove the next person is unique if they don’t keep a copy of the irises?’ Well, it turns out, that’s exactly what they do. They create what they call an ‘Iris Code’ – a series of ‘numbers’ that represent your irises.

This is just a sleight-of-hand to say that what they’ve actually done is turn their images into data. Those data represent the most meaningful and verifiable bits of the image: i.e. they represent your unique iris information. In the same way that a dental record can identify you without having actual images of your teeth for comparative purposes, so too can the Iris code. That information is stored against your account and your identify, which makes their claims to be ‘privacy preserving’ spurious at best, and outright misleading at worst.

Even with strong encryption this still poses a significant data-loss threat to personally identifiable, immutable information about Worldcoin’s users. This ranges from the near term – the classic threats of bad design, or bad actors getting hold of the data, to medium term, with nation states already harvesting data now to decrypt with future quantum computers later, to worries that Altman himself has expressed around the future of AI.

If, as OpenAI claim, we could have human level AI within the next decade, there’s every reason to believe that these data may not be secure forever. At the time of writing Worldcoin are offering around £40 worth of their token to those who have their Irises scanned. For me, it’s certainly not a risk worth taking. I’d be particularly interested in seeing the findings of the security audits that they bury in the further information section of their whitepaper that they have acknowledged but not fixed…

Increasing Economic Opportunity?

Let’s imagine for a moment that people get over the ‘ick factor’ of sharing they eyeballs with the Orb. What then? The basic premise of the ‘currency’ seems to be to give ‘grants’ to all users on an ongoing basis, simply for being human. This seems difficult to square with their product lead’s statements to the Financial Times that “All our products are for-profit. There will eventually be a bunch of different wallets and experiences which will make money.”

And yes, when you dig into the whitepaper you can see that 25% of all of the ‘coins’ they ever plan to release have been reserved for the creators of the network and their investors. Nice to know the utopian AI future will still have an upper-class of benevolent coin creators I guess.