Vitalik: Does adopting ZK technology for digital identity eliminate risks?
Author: Vitalik Buterin
Compiled by: Saoirse, Foresight News
Today, the use of zk-SNARKs in digital identity systems to protect privacy has become mainstream to some extent. Various zk-passport projects (digital identity projects built on zk-SNARKs) are developing user-friendly software packages that let users prove they hold valid identification without revealing any details about their identity. World ID (formerly known as Worldcoin), which verifies users with biometrics and protects privacy through zk-SNARKs, recently surpassed 10 million users. A government digital identity project in Taiwan has adopted zk-SNARKs, and the EU is paying increasing attention to zk-SNARKs in its work on digital identity.
On the surface, the wide adoption of zk-SNARKs-based digital identity seems to be a significant victory for d/acc (Note: a concept proposed by Vitalik in 2023, advocating the advancement of decentralized technology through technical tools such as cryptography and blockchain, while defending against potential risks and balancing technological innovation with security, privacy, and human autonomy). It can protect our social media, voting systems, and various internet services from Sybil attacks and bot manipulation without sacrificing privacy. But is it really that simple? Does identification based on zk-SNARKs still pose risks? This article will clarify the following points:
How does the identification wrapped in zk-SNARKs work?
Imagine that you obtained a World ID by scanning your eyeball, or that you scanned your passport with your phone's NFC reader and obtained a zk-SNARKs-based passport identity. For the purposes of this article, the core properties of these two methods are the same (with only a few marginal differences, such as the handling of multiple nationalities).
On your phone, there is a secret value s. In the global on-chain registry, there is a public hash value H(s). When logging into an app, you generate a user ID specific to that app, H(s, app_name), and prove with a zk-SNARK that this ID was derived from the same secret value s as some public hash value in the registry. Therefore, each public hash value can generate only one ID per app, but the proof never reveals which ID corresponds to which public hash value.
In practice, the design may be a bit more complex. In World ID, the application-specific ID is actually a hash that includes both the application ID and a session ID, so that different operations within the same application are unlinkable from one another. A zk-SNARKs-based passport can be constructed in a similar way.
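The following Python script is an added illustration of the derivation just described; it is not code from the original article, World ID, or any zk-passport project. It models the registry H(s), the app-specific ID H(s, app_name) and the session-scoped variant H(s, app_name, session_id), together with the relation a zk-SNARK circuit would attest to. The relation is checked in the clear using the secret s (a real deployment would check a zero-knowledge proof instead, so that the verifier never sees s), and SHA-256 stands in for the circuit-friendly hash a real system would use. The app and user names, and the hypothetical `App.register` bookkeeping, are assumptions made for the example.

```python
import hashlib
import secrets
from typing import Dict, Optional, Set


def H(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256 over several inputs, so that H(s, app) and
    H(s, app, session) cannot collide by re-splitting the same bytes.
    Stand-in for the circuit-friendly hash a real zk-SNARK system would use."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big"))
        h.update(p)
    return h.digest()


def commitment(s: bytes) -> bytes:
    """H(s): the only value about this user that goes into the public registry."""
    return H(s)


def app_id(s: bytes, app_name: str, session_id: Optional[str] = None) -> bytes:
    """H(s, app_name), or H(s, app_name, session_id) in the World ID style
    where separate sessions inside one app should be unlinkable."""
    parts = [s, app_name.encode()]
    if session_id is not None:
        parts.append(session_id.encode())
    return H(*parts)


def relation_holds(s: bytes, registry: Set[bytes], app_name: str,
                   claimed_id: bytes, session_id: Optional[str] = None) -> bool:
    """The statement a zk-SNARK would prove with s as the private witness and
    (registry, app_name, claimed_id) as public inputs. Modelled in the clear
    here: a real verifier receives a proof, never s."""
    return commitment(s) in registry and app_id(s, app_name, session_id) == claimed_id


class App:
    """Hypothetical relying party: accepts one account per app-specific ID."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.seen: Set[bytes] = set()

    def register(self, claimed_id: bytes, proof_ok: bool) -> bool:
        if not proof_ok:
            return False            # proof did not verify: not a registered person
        if claimed_id in self.seen:
            return False            # same secret s already has an account here
        self.seen.add(claimed_id)
        return True


def demo() -> Dict[str, bool]:
    """Walk through registration, a duplicate attempt, an unregistered user,
    cross-app unlinkability and session-scoped IDs (constructed scenario)."""
    registry: Set[bytes] = set()
    alice_s = secrets.token_bytes(32)
    bob_s = secrets.token_bytes(32)
    registry.update({commitment(alice_s), commitment(bob_s)})

    forum = App("forum")
    alice_forum = app_id(alice_s, forum.name)
    first_ok = forum.register(alice_forum,
                              relation_holds(alice_s, registry, forum.name, alice_forum))
    # A second account from the same s yields the same ID and is refused.
    dup_ok = forum.register(alice_forum,
                            relation_holds(alice_s, registry, forum.name, alice_forum))
    # Someone whose H(s) is not in the registry cannot satisfy the relation.
    mallory_s = secrets.token_bytes(32)
    mallory_forum = app_id(mallory_s, forum.name)
    unregistered_ok = forum.register(
        mallory_forum, relation_holds(mallory_s, registry, forum.name, mallory_forum))

    # IDs for different apps are different hashes, and neither equals H(s),
    # so the apps cannot match them against each other or the registry.
    alice_vote = app_id(alice_s, "vote")
    unlinkable = (alice_forum != alice_vote
                  and commitment(alice_s) not in (alice_forum, alice_vote)
                  and alice_forum != app_id(bob_s, forum.name))
    # Session-scoped IDs: two sessions in the same app are unlinkable too.
    sessions_differ = (app_id(alice_s, forum.name, "session-1")
                       != app_id(alice_s, forum.name, "session-2"))
    return {"first_ok": first_ok, "dup_ok": dup_ok,
            "unregistered_ok": unregistered_ok, "unlinkable": unlinkable,
            "sessions_differ": sessions_differ}


if __name__ == "__main__":
    print(demo())
```

Note the trade-off the script makes visible: the duplicate check in `App.register` is exactly the "one person, one account" property the rest of the article examines, and it exists only because the per-app ID is deterministic in s.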
Before discussing the disadvantages of this type of identification, it is essential to recognize the advantages it brings. Outside the niche area of zk-SNARKs identification (ZKID), proving yourself to a service that requires identity verification means disclosing your complete legal identity. This severely violates the "principle of least privilege" in computer security: a process should obtain only the minimum privileges and information necessary to complete its task. The service only needs proof that you are not a bot, that you are over 18, or that you come from a specific country, but what it gets is a pointer to your complete identity.
The best improvement currently achievable is to use indirect tokens such as phone numbers and credit card numbers: the entity that can tie your phone or card number to your in-app activity is then separate from the entity (a phone company or bank) that can tie that number to your legal identity. However, this separation is extremely fragile: phone numbers, like any other kind of information, can be leaked at any time.
With ZK-wrapping (using zero-knowledge proofs to let users prove facts about their identity without disclosing sensitive information), the problems above are largely alleviated. However, the next point is a less discussed one: some problems not only remain unresolved but may become more severe because such schemes strictly enforce "one person, one identification."
zk-SNARKs itself cannot achieve anonymity
Assume a zk-SNARKs identification (ZK-identity) platform operates exactly as intended, faithfully implementing all the logic above, and has even found a way to protect non-technical users' private information in the long term without relying on centralized entities. At the same time, make a realistic assumption: applications will not actively cooperate with privacy protection; they will be "pragmatic," and the designs they adopt, while claiming to "maximize user convenience," always seem to lean toward their own political and commercial interests.
In such scenarios, social media applications do not adopt complex designs like frequently rotating session keys, but instead assign each user a unique application-specific ID. Furthermore, since the identification system follows the "one person, one identity" rule, users can only have one account (which contrasts with the current "weak ID" scenario, such as Google accounts, where an ordinary person can easily register about five). In the real world, achieving anonymity often requires multiple accounts: one for "regular identity" and others for various anonymous identities (see "finsta and rinsta"). Therefore, in this model, the anonymity that users can actually achieve is likely to be lower than the current level. Thus, even a "one person, one identity" system wrapped in zk-SNARKs may gradually lead us towards a world where all activities must be tied to a single public identity. In an era where risks are increasingly heightened (such as drone surveillance, etc.), depriving people of the choice to protect themselves through anonymity will have serious negative consequences.
zk-SNARKs cannot protect you from coercion.
As long as you do not disclose your secret value s, no one can see the links between your accounts. But what if someone forces you to disclose it? A government may compel you to reveal your secret value in order to view all your activity. This is not hypothetical: the U.S. government has begun requiring visa applicants to disclose their social media accounts. Furthermore, employers can easily make disclosure of your complete public information a condition of employment. At a technical level, some applications may even require users to disclose their identification on other applications in order to register ("log in with" another app's account amounts to exactly this).
In all of these cases, the value of the zk-SNARKs property is completely lost, while the drawbacks of the new "one person, one account" property remain.
We may be able to reduce coercion risks through design optimization: for example, by using a multi-party computation mechanism to generate a unique ID for each application, allowing users to participate alongside service providers. This way, without the involvement of the application operator, users cannot prove their unique ID within that application. This increases the difficulty of forcing others to disclose their complete identification, but it does not eliminate this possibility entirely, and such solutions also have other drawbacks, such as requiring application developers to be active entities in real-time, rather than being passive on-chain smart contracts (which do not require continuous intervention).
zk-SNARKs cannot solve non-privacy-related risks by themselves.
All forms of identification have edge cases:
These edge cases pose the greatest threat in systems attempting to maintain the "one person, one identification" attribute, and they have no relation to privacy. Therefore, zk-SNARKs are powerless in this regard.
Relying on "wealth proofs" to prevent Sybil attacks is not sufficient to solve the problem, so we need some form of identification system.
In pure cypherpunk communities, a common alternative is to rely entirely on "proof of wealth" to guard against Sybil attacks, rather than building any form of identification system. By requiring each account to incur a certain cost, it prevents individuals from easily creating a large number of accounts. This practice has precedents on the internet; for example, the Something Awful forum requires a one-time fee of $10 to register an account, which is not refunded if the account is banned. However, in practice this is not truly a cryptoeconomic model, because the biggest barrier to creating new accounts is not paying the $10 again but obtaining a new credit card.
In theory, it is even possible to make payments conditional: when registering an account, you only need to stake a certain amount of funds, and you will only lose this amount in the rare case that the account is banned. Theoretically, this can significantly increase the cost of attacks.
This approach has shown remarkable results in many scenarios, but it completely fails in certain types of situations. I will focus on two categories of scenarios, tentatively referred to as "UBI-like scenarios" and "governance-like scenarios."
The demand for identification in UBI-like scenarios
A "UBI-like scenario" is one in which a certain amount of assets or services is distributed to a very broad (ideally, the entire) user group without regard to their ability to pay. Worldcoin practices this systematically: anyone with a World ID can regularly receive a small amount of WLD tokens. Many token airdrops pursue similar goals more informally, attempting to get at least some tokens into the hands of as many users as possible.
Personally, I don't think the value of such tokens can reach a level sufficient to live on. In an AI-driven economy thousands of times wealthier than today's, these tokens might be worth enough to live on; but even then, government-led programs backed by natural resource wealth will still hold the more important economic position. Nevertheless, I believe these "mini-UBIs" can effectively solve the problem of providing people with enough cryptocurrency to complete some basic on-chain transactions and online purchases. Specific examples might include:
If cryptocurrencies are widely adopted globally, this issue will no longer exist. However, in the current situation where cryptocurrencies are not yet popular, this may be the only way for people to access non-financial applications on the blockchain and related online goods and services, otherwise they may be completely unable to access these resources.
In addition, there is another way to achieve a similar effect, namely "universal basic services": providing every individual with identification the ability to send a limited number of free transactions within specific applications. This approach may align better with incentive mechanisms and be more capital efficient, as each application benefiting from this adoption can do so without having to pay for non-users; however, this also comes with certain trade-offs, namely reduced universality (users can only ensure access to applications participating in the program). Nonetheless, a set of identification solutions is still required here to prevent the system from suffering from spam attacks, while avoiding exclusivity, which stems from requiring users to pay through some payment method that may not be accessible to everyone.
The last important category worth emphasizing is the "universal basic security deposit". One of the functions of identification is to provide a subject that can be used for accountability without requiring users to pledge funds equivalent to the scale of incentives. This also helps achieve a goal: reducing the reliance on personal capital for participation thresholds (even completely eliminating the need for any capital).
The demand for identification in governance-like scenarios
Imagine a voting system (such as likes and retweets on social media): if User A's resources are 10 times that of User B, then A's voting power will also be 10 times that of B. However, from an economic perspective, each unit of voting power brings A 10 times the benefit it brings B (because A has a larger scale, and any decision will have a more significant impact on its economic aspects). Therefore, overall, the benefits of A's vote to itself are 100 times the benefits of B's vote to itself. This is why we find that A will invest much more effort into participating in voting, researching how to vote to maximize its own goals, and may even strategically manipulate the algorithm. This is also the fundamental reason why "whales" can have excessive influence in token voting mechanisms.
![](https://img-cdn.gateio.im/webp-social/moments-be73e449f58d5c4bbec29d68a2d9413b.webp)
The more universal and deeper reason lies in the fact that governance systems should not assign equal weight to "one person controlling $100,000" and "1,000 people jointly holding $100,000." The latter represents 1,000 independent individuals, thus containing richer valuable information, rather than the high redundancy of small volume information. Signals from 1,000 people are also often more "moderate," as the opinions of different individuals tend to offset each other.
![](https://img-cdn.gateio.im/webp-social/moments-bf3d1a50105d2293731706efd76985f6.webp)
This applies both to formal voting systems and to "informal voting systems", such as people's ability to participate in cultural evolution through public expression.
This indicates that governance-like systems will not truly be satisfied with the practice of treating "funds of equal scale equally, regardless of their source." The system actually needs to understand the internal coordination level of these funds.
It should be noted that if you agree with my descriptive framework for the two types of scenarios (the universal basic income scenario and the governance scenario), then from a technical perspective, the need for a clear rule like "one person, one vote" no longer exists.
In these two scenarios, identification is still very useful, but the strict requirement of "one person, one identification" no longer exists.
The theoretically ideal state is: the cost of obtaining N identifications is N²
From the above argument, we can see that there are two pressures from opposite ends limiting the expected difficulty of obtaining multiple identifications in the identity system:
First of all, there should not be a clear and visible hard limit on the "number of identities that can be easily obtained." If a person can only have one identity, anonymity is out of the question, and they may be coerced into revealing their identification. In fact, even a fixed number greater than 1 poses risks: if everyone knows that each person has 5 identities, then you may be coerced into revealing all 5.
Another reason to support this point is that anonymity itself is very fragile, thus requiring a sufficiently large security buffer. With modern AI tools, cross-platform association of user behavior has become effortless; by using publicly available information such as word habits, posting times, posting intervals, and discussion topics, it only takes 33 bits of information to accurately pinpoint a person. People may be able to defend themselves using AI tools (for example, when I anonymously posted content, I first wrote it in French and then translated it into English using a locally run large language model), but even so, one mistake should not completely end one's anonymity.
Secondly, identification cannot be completely tied to finances (i.e., the cost of obtaining N identifications is N), as this would allow large entities to easily gain excessive influence (which would lead to small entities completely losing their voice). The new mechanism of Twitter Blue reflects this: the monthly certification fee of 8 dollars is too low to effectively restrict abuse, and users have basically come to ignore this certification mark.
Moreover, we might also not want a subject with N times the resources to be able to recklessly engage in N times the misconduct.
In summary, we hope to acquire multiple identifications as easily as possible under the following constraints: (1) to limit the power of large entities in governance-like applications; (2) to restrict abuse in universal basic income-like applications.
If we directly refer to the mathematical model of governance applications mentioned earlier, we will arrive at a clear answer: if having N identifications brings an influence of N², then the cost of obtaining N identifications should be N². Coincidentally, this answer is also applicable to applications similar to universal basic income.
![](https://img-cdn.gateio.im/webp-social/moments-9712d78726c208d41476aca5439dea57.webp)
Longtime readers of this blog may notice that this is exactly the chart from an earlier post on "quadratic funding"; this is not a coincidence.
Pluralistic identity systems can achieve this ideal state.
A "pluralistic identity system" is an identity mechanism with no single dominant issuing authority, whether that authority is an individual, an organization, or a platform. Such a system can be realized in two ways:
![](https://img-cdn.gateio.im/webp-social/moments-8ae320cdbf0bf8ed3402f2fca93f5312.webp)
The latest snapshot of the Circles identification graph. Circles is currently one of the largest identity projects based on social graphs.
Explicit pluralistic identity naturally provides anonymity: you can have an anonymous identity (or even several), and each identity can build a reputation in the community through its own actions. An ideal explicit pluralistic identity system may not even need the concept of "discrete identities"; instead, you might have a fuzzy set of verifiable past behaviors and be able to prove different parts of it, at whatever granularity each action requires.
zk-SNARKs make anonymity easier to achieve: you can use your main identification to bootstrap an anonymous identity, giving the new anonymous identity its first signal of credibility by privately proving something (for example, using zk-SNARKs to prove that you hold a certain number of tokens in order to post on anon.world, or to prove that your Twitter followers have certain characteristics). There may be even more effective ways to use zk-SNARKs.
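The "fuzzy set of verifiable past behaviors, proven one part at a time" idea above can be made concrete with a salted Merkle tree of attestations, shown here as an added example that is not code from the article or from any identity project. The holder commits to all attestations with a single root and later discloses exactly one leaf (its claim, salt and sibling path); the verifier checks inclusion against the root without learning the other leaves. This is selective disclosure, not a zero-knowledge proof: the disclosed claim itself is revealed, and a zk-SNARK would be needed to prove, say, "holds more than 100 tokens" without revealing the exact balance. The claim contents, the `age_over_18` claim type and the attestation set are constructed for the example.

```python
import hashlib
import json
import os
from typing import Dict, List, Tuple

Path = List[Tuple[bytes, bool]]   # (sibling hash, sibling_is_on_the_right)


def leaf_hash(claim: dict, salt: bytes) -> bytes:
    """Domain-separated, salted leaf: the salt stops a verifier from guessing
    low-entropy claims (e.g. country codes) by hashing candidates."""
    body = json.dumps(claim, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(b"\x00" + salt + body).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    """Interior node with a different domain byte than leaves."""
    return hashlib.sha256(b"\x01" + left + right).digest()


def build_levels(leaves: List[bytes]) -> List[List[bytes]]:
    """All tree levels, bottom up; an odd level duplicates its last node."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]
        levels.append([node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def merkle_root(levels: List[List[bytes]]) -> bytes:
    return levels[-1][0]


def inclusion_proof(levels: List[List[bytes]], index: int) -> Path:
    """Sibling hashes from leaf to root for the leaf at `index`."""
    path: Path = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        path.append((level[sibling], index % 2 == 0))
        index //= 2
    return path


def verify_inclusion(root: bytes, leaf: bytes, path: Path) -> bool:
    """Recompute the root from one leaf and its sibling path."""
    h = leaf
    for sibling, sibling_is_right in path:
        h = node_hash(h, sibling) if sibling_is_right else node_hash(sibling, h)
    return h == root


def demo() -> Dict[str, bool]:
    """Holder commits to four attestations, discloses only 'age_over_18'.
    The attestation set is constructed for this example."""
    claims = [
        {"type": "passport_valid"},
        {"type": "age_over_18"},
        {"type": "country", "value": "FR"},
        {"type": "tokens_held", "value": 150},
    ]
    salts = [os.urandom(16) for _ in claims]
    levels = build_levels([leaf_hash(c, s) for c, s in zip(claims, salts)])
    root = merkle_root(levels)                 # the only thing published up front

    # Disclosure for a service that only needs to know the holder is an adult.
    idx = 1
    disclosed_claim, disclosed_salt = claims[idx], salts[idx]
    path = inclusion_proof(levels, idx)

    # Verifier side: sees root, one claim, its salt and the sibling path, and
    # learns nothing about the passport, country or token balance leaves.
    valid = (disclosed_claim["type"] == "age_over_18"
             and verify_inclusion(root, leaf_hash(disclosed_claim, disclosed_salt), path))
    # A claim altered after commitment does not hash to a committed leaf.
    tampered = verify_inclusion(root, leaf_hash({"type": "age_over_21"}, disclosed_salt), path)
    # A path for one leaf cannot be reused to vouch for a different leaf.
    wrong_leaf = verify_inclusion(root, leaf_hash(claims[2], salts[2]), path)
    return {"valid": valid, "tampered": tampered, "wrong_leaf": wrong_leaf}


if __name__ == "__main__":
    print(demo())
```

Because leaves are salted, a verifier who sees only the root cannot confirm guesses about the undisclosed claims, but the holder must keep the salts for as long as it may want to disclose those claims later.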
The "cost curve" of implicit pluralistic identity is steeper than a quadratic curve, but it still has most of the required properties. Most individuals hold some of the forms of identity listed in this article, not all of them. You can obtain another form of identity with some effort, but the more forms of identity you already hold, the worse the cost-benefit ratio of obtaining the next one becomes. It therefore provides the necessary deterrent against governance attacks and other abuse, while ensuring that a coercer cannot demand (and cannot reasonably expect) you to disclose a fixed set of identities.
Any form of multi-identity system (whether implicit or explicit) inherently has stronger fault tolerance: a person with a hand or eye disability may still hold a passport, and stateless individuals may still prove their identification through certain non-governmental channels.
It is important to note that if the market share of a certain form of identification approaches 100% and becomes the only login option, the aforementioned characteristics will become invalid. In my opinion, this is the greatest risk that identification systems that overly pursue "universality" may face: once their market share approaches 100%, it will push the world from a diversified identification system to a "one person, one identification" model, which, as discussed in this article, has many disadvantages.
In my opinion, the ideal outcome of the current "one person, one identification" project is to integrate with the identity system based on social graphs. The biggest challenge faced by identity projects based on social graphs is the difficulty of scaling to a massive number of users. The "one person, one identification" system can be used to provide initial support for the social graph, creating millions of "seed users". By that time, the number of users will be sufficient to safely develop a globally distributed social graph from this foundation.