We are building Sybil-resistance using private crypto biometrics for the past 4 years. We believe we can explore synergies and see if we could integrate in any way on or off chain.
We recently deployed cross chain biomapper, a dapp that binds any wallet addresses to an private unique individual (non KYC, no personally identifiable data collected) Soon, with Axelar integration we can go to EVM and non EVM chains. Do you think we can have a chat?
Not sure how much you know about CKB, it’s a generalized UTXO based chain with a RISC-V VM which can support any cryptography. There is an identity solution deployed https://d.id which you might be interested in. I can drop some links, let me know what interests you!
Your project seems interesting but quite novel, it will be good to understand more. If you’ll entertain a few questions I think it will help to steer us.
Is the ownership of HMND absoloutely necessary to utilze the product? This could be a significant adoption impediment.
Would Axelar support be needed on CKB to utilize your project?
What are the details around users having to periodically repeat the attestation process? Has it seemed burdensome to them?
I couldn’t find any information about the Confidential Virtual Machine (CVM), anything you can share?
Appreciate your fast response, would be happy to answer your questions.
Firstly I had a look at D.id and would love to connect with their team if that would be something you could help me with. Altough we are very different, they are an Identity solution based on ‘‘a fee’’, not having any kind of Sybil-resistance, from what I understand anyone can mint as many ID’s as he wants as long as he pays the $ value of the DID. Cool, but not Sybil-resistant, altough we could help them provide private biometrics as alternative for having 1 human 1 ID use case.
Now coming back to your questions:
Not after Axelar/Squid integration which is in the works (1month eta) users will be able to pay the fee in any token really.
Yes and No, depending if we go for an onchain solution then yes, but we also have off chain solutions like Discord/Telegram integrations (these are absolutely free of costs, no payments needed for anything and no devs efforts to integrate)
We reset our CVM’s every 6 months to be compliant with all regulations and also to make tech updates as per biometric provider updates, these are critical to maintain high accuracy, safety and integrity of service.
Here is about our CVM’s, but if you need the data flow/protection in Humanode services like Biomapper/Botbasher I can certainly guide you to those also. https://cvm.humanode.io/
Let me know if the above answered your questions and if you think we can connect further
Hey @fares, nice to meet you!! Could you provide the documentation to explain in the specific how your protocol implements the transformation of a face into an ID?
For users to get verified, two components are required: an anonymized 3D face template and liveness data. The Confidential Computing servers compare the newly arrived encrypted and anonymized 3D face templates against those already registered in the system in such a way that before sending the already encrypted data to memory for processing, it is encrypted again for protection from physical attacks.
As for the liveness data, it is timestamped and immediately deleted after verifying that the user is an actual live human being, not a facemask, photograph, or a deep fake.
Data storage: Once the data is authenticated, the encrypted and anonymized 3D face template is saved on the Confidential virtual machine (VM), and a random string is generated, which is hashed to create a Biotoken that will be mapped to the EMV address inside a smart contract.
If you are so kind to entertain my curiosity, let me ask a couple more questions:
Anonymized 3D face template does not sounds the best for privacy, right? Remids me of when companies told me that my data is collected in a anonymized way, but then motivated researchers can deanonymize easily enough this data. Have you considered just storing the hash of these Anonymized 3D face templates?
From friends that work as Security Researchers, my trust of hardware-based private conclaves is pretty low to be honest. What’s the status on Homomorphic Encryption?
Given 2, at the moment Humanode is server based, so for now at least it cannot be truly decentralized and open-source, right? What happens to Humanode-based applications when Humanode was to cease to exists? (For example due to Legalpersecution due to unsanctioned collection of biometric data or not enough traction to to justify Humanode development/maintenace …)
Because biometrics are probabilistic not deterministic, there could be multiple hashes generated for the same face in different occasions. also because the biometric updates there can be different hashes generated. If you hash biometrics you cannot update/change the core mechanics of the model.
Ideally before we cease to exist, validators would be able to launch biometrics servers themselves from multiple biometric providers(in the future), but for now, we could just lock the validator set and the applications will continue to run on the validators we have at the moment.
Let me know if there’s anything else
Fares,
Humanode