This article provides insufficient context for those unfamiliar with the subject. Please help improve the article by providing more context for the reader. (March 2022) (Learn how and when to remove this template message)

Proof of personhood (PoP) is a means of resisting malicious attacks on peer to peer networks, particularly, attacks that utilize multiple fake identities, otherwise known as a Sybil attack. Decentralized online platforms are particularly vulnerable to such attacks by their very nature, as notionally democratic and responsive to large voting blocks. PoP is a resistance method for permissionless consensus, in which each unique human participant obtains one equal unit of voting power and associated rewards. In contrast with proof of work, proof of stake, and other approaches that confer voting power and rewards in a blockchain or cryptocurrency proportionately to a participant's investment in some activity or resource, proof of personhood aims to guarantee each unique human participant an equal amount of voting power and rewards, independent of economic investment.


The problem of Sybil attacks using many virtual identities has been recognized for decades as a fundamental challenge for distributed systems that expect each human user to have only one account or identity.[1] CAPTCHAs attempt to rate-limit automated Sybil attacks by using automated Turing tests to distinguish humans from machines creating accounts or requesting services. Even when successful in this goal, however, CAPTCHAs allow one human to obtain multiple accounts or shares of a resource simply by solving multiple CAPTCHAs in succession, and thus do not satisfy the one-per-person goal in proof of personhood.[citation needed]

Distributed systems could require users to authenticate using strong identities verified by a government or trusted third party, using an identity verification service or self-sovereign identity system for example, but strong identification requirements conflict with the privacy, anonymity, and low barrier to entry goals widely valued in permissionless blockchains and cryptocurrencies. One early approach proposed to create anonymous but one-per-person credentials for use in distributed systems is pseudonym parties, in which participants gather periodically at in-person events and leverage the fact that humans can physically be in only one place at a time.[2]

In 2014, Vitalik Buterin proposed the problem of creating a "unique identity system" for cryptocurrencies, which would give each human user one and only one anti-Sybil participation token.[3] The first published work using the term proof of personhood was in 2017, proposing an approach based on pseudonym parties.[4]


A variety of approaches to implementing proof of personhood have been proposed, some in experimental deployment.[5]

In-person events

The approach originally proposed by Borge et al. was to use in-person pseudonym parties as a basis to create anonymous one-per-person tokens periodically without requiring any form of identity verification.[2][4] The encointer project adapts this approach by asking participants to meet in small groups simultaneously at randomly-chosen places, to verify each other's physical presence.[6]

One drawback of this approach is the inconvenience to participants of going to designated physical locations at specific times, especially for participants with conflicting responsibilities at those times. Another issue is the challenge of organizing federated pseudonym parties in multiple locations simultaneously while allowing each group to verify that all other groups are organized honestly without inflating the number of digital credentials they issue.[citation needed]

Social networks

Another approach, related to the PGP Web of Trust, relies on users forming a social network to verify and attest to each other's identities.[7] UniqueID incorporates biometric verification into the social network approach.[8]

One criticism of the social network approach is that there is no straightforward way for a participant to verify that a social connection has not created other Sybil identities connected to and verified by other, disjoint sets of social contacts. A related challenge is that Sybil detection based on graph analysis make certain assumptions about the behavior of a Sybil attacker, and it is not clear that real-world social networks satisfy these assumptions.[9] Finally, graph-based Sybil detection algorithms tend to be able to detect only large, densely-clustered groups of Sybil nodes in a social network, leaving small-scale attacks difficult or impossible to distinguish by graph structure alone from legitimate users' connectivity structures.[citation needed]

Strong identities

Another approach requires participants to have verified identities, but to hide or anonymize those identities in subsequent use. One criticism of this approach is the privacy and surveillance risks inherent in such databases, especially biometric databases, and the level of trust users must place in the verification service for both Sybil protection and privacy of their identity information. Other critics highlight that facial recognition systems fail on a global scale due to insufficient facial entropy.[citation needed]

Decentralized cryptographic protocols have been proposed to create Sybil-resistant pseudonyms from strong identities without trusting a single verifier party. For example, cryptographic protocols have been proposed based on federated social media identities,[10] or government-issued identities.[11]

Even with decentralized privacy protections, a criticism of this approach is the inconvenience and cost to users of verifying strong identities, and the risk of potential exclusion of users who do not readily have or cannot afford the requisite identity documents, are reluctant to participate due to privacy and surveillance concerns, or are wrongly excluded by errors in biometric tests.[12]


To resolve the security concerns over using biometrics for proof of human existence, only encrypting the biometrics data through cryptographic models isn't enough. For this purpose, a new technique is proposed to use homomorphic encryption along with zero-knowledge proof to encrypt biometrics data in a way that original biometrics data never leaves the device of the user. Instead, the decentralized network is provided only with the relevant information to verify if a person is a real human being through liveness detection and is registered on a network.[citation needed]

Online Turing tests

Another proposed class of approach extends the CAPTCHA principle of using Turing tests to the unique human verification problem. The Idena network, for example, assigns participants to verify each other using flip tests.[13] Criticisms of this approach include the inconvenience to users of solving Turing tests, and whether artificial intelligence and deepfake technologies will soon be able to solve such tests automatically or convince real participants that a synthetic user is human during a verification interaction.[citation needed]

Use cases

One proposed use for proof of personhood is to ensure that voting power in permissionless consensus algorithms is widely distributed,[4] and to avoid the re-centralization that has been observed in proof of work mining pools,[14] and predicted in proof of stake systems.[15]

Another proposed use is to facilitate democratic governance in decentralized online systems, including blockchains and cryptocurrencies, that wish to enforce a "one person, one vote" rule.[16]

See also


  1. ^ Douceur, John R (2002). "The Sybil Attack". Peer-to-Peer Systems. Lecture Notes in Computer Science. Vol. 2429. pp. 251–60. doi:10.1007/3-540-45748-8_24. ISBN 978-3-540-44179-3.
  2. ^ a b Ford, Bryan; Strauss, Jacob (1 April 2008). An Offline Foundation for Online Accountable Pseudonyms. 1st Workshop on Social Network Systems - SocialNets '08. pp. 31–6. doi:10.1145/1435497.1435503. ISBN 978-1-60558-124-8.
  3. ^ Buterin, Vitalik (25 Aug 2014). "Problems". GitHub.
  4. ^ a b c Maria Borge, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Bryan Ford (29 April 2017). Proof-of-Personhood: Redemocratizing Permissionless Cryptocurrencies. IEEE Security & Privacy on the Blockchain (IEEE S&B). doi:10.1109/EuroSPW.2017.46.((cite conference)): CS1 maint: uses authors parameter (link)
  5. ^ Divya Siddarth, Sergey Ivliev, Santiago Siri, Paula Berman (13 Oct 2020). "Who Watches the Watchmen? A Review of Subjective Approaches for Sybil-resistance in Proof of Personhood Protocols". arXiv:2008.05300 [cs.CR].((cite arxiv)): CS1 maint: uses authors parameter (link)
  6. ^ Brenzikofer, Alain (14 January 2020). "encointer - An Ecological, Egalitarian and Private Cryptocurrency and Self-Sovereign Identity System" (PDF). GitHub.
  7. ^ Gal Shahaf, Ehud Shapiro, Nimrod Talmon (October 2020). Genuine Personal Identifiers and Mutual Sureties for Sybil-Resilient Community Growth. International Conference on Social Informatics. doi:10.1007/978-3-030-60975-7_24.((cite conference)): CS1 maint: uses authors parameter (link)
  8. ^ Mohammad-Javad Hajialikhani, Mohammad-Mahdi Jahanara (20 June 2018). "UniqueID: Decentralized Proof-of-Unique-Human". arXiv:1806.07583 [cs.CR].((cite arxiv)): CS1 maint: uses authors parameter (link)
  9. ^ Bimal Viswanath, Ansley Post, Krishna Phani Gummadi, and Alan E Mislove (August 2010). "An analysis of social network-based Sybil defenses". ACM SIGCOMM Computer Communication Review. 40 (4): 363–374. doi:10.1145/1851275.1851226.((cite journal)): CS1 maint: uses authors parameter (link)
  10. ^ John Maheswaran, Daniel Jackowitz, Ennan Zhai, David Isaac Wolinsky, and Bryan Ford (9 March 2016). Building Privacy-Preserving Cryptographic Credentials from Federated Online Identities (PDF). 6th ACM Conference on Data and Application Security and Privacy (CODASPY).((cite conference)): CS1 maint: uses authors parameter (link)
  11. ^ Deepak Maram, Harjasleen Malvai, Fan Zhang, Nerla Jean-Louis, Alexander Frolov, Tyler Kell, Tyrone Lobban, Christine Moy, Ari Juels, Andrew Miller (28 Sep 2020). "CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability" (PDF).((cite web)): CS1 maint: uses authors parameter (link)
  12. ^ Dixon, Pam (14 June 2017). "A Failure to "Do No Harm" -- India's Aadhaar biometric ID program and its inability to protect privacy in relation to measures in Europe and the U.S." Health and Technology. 7 (4): 539–567. doi:10.1007/s12553-017-0202-6. PMC 5741784. PMID 29308348. S2CID 8874699.
  13. ^ Idena. "How Idena works". Retrieved 29 August 2021.
  14. ^ Vorick, David (13 May 2018). "The State of Cryptocurrency Mining".
  15. ^ Giulia Fanti, Leonid Kogan, Sewoong Oh, Kathleen Ruan, Pramod Viswanath, and Gerui Wang (18 February 2019). Compounding of Wealth in Proof-of-Stake Cryptocurrencies (PDF). Financial Cryptography 2019.((cite conference)): CS1 maint: uses authors parameter (link)
  16. ^ Ford, Bryan (December 2020). "Technologizing Democracy or Democratizing Technology? A Layered-Architecture Perspective on Potentials and Challenges". In Lucy Bernholz; Hélène Landemore; Rob Reich (eds.). Digital Technology and Democratic Theory. University of Chicago Press. ISBN 9780226748573.