Bitcoin Forum
November 24, 2017, 04:25:26 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Proof of Person?  (Read 930 times)
ulhaq
Sr. Member
****
Offline Offline

Activity: 265


View Profile
March 01, 2017, 04:18:59 AM
 #1

Proof of stake and proof of work are based on decentralization, a hallmark of cryptocurrency, but both of these have the undesirable consequence of leading to possible centralization. With proof of work we see the development of large mining pools, eventually a possibility that a cooperation will result in 51%. Proof of stake seems to have an advantage of being greener, but it results in the rich getting richer and eventually, even if in hundreds of years, one party would attain 51%. Even in advance of that date, the currency could become unstable in anticipation of it. In current currency today, we see that 1% of Americans own >40% of the wealth. A consensus mechanism is necessary, but what cryptocurrency seems to want, with PoS and PoW being proxies, is 51% voting rights with proof of person. This would seem to solve several difficulties with cryptocurrency and create a very strong base. This does not have to be connected in any way to distribution, although it could. Proof of person/identity has been discussed at length in other threads:

https://www.reddit.com/r/CryptoUBI/comments/2v2gi6/proof_of_identityproof_of_person_the_elephant_in/
https://www.maidsafe.org/t/proof-of-unique-human/167

If this could be done (which is technically difficult), wouldn't it solve problems of centralization while maintaining anonymity and other features, as well as being superior to PoS and PoW? What would be drawbacks of such a system?
1511497526
Hero Member
*
Offline Offline

Posts: 1511497526

View Profile Personal Message (Offline)

Ignore
1511497526
Reply with quote  #2

1511497526
Report to moderator
1511497526
Hero Member
*
Offline Offline

Posts: 1511497526

View Profile Personal Message (Offline)

Ignore
1511497526
Reply with quote  #2

1511497526
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511497526
Hero Member
*
Offline Offline

Posts: 1511497526

View Profile Personal Message (Offline)

Ignore
1511497526
Reply with quote  #2

1511497526
Report to moderator
irukandji
Sr. Member
****
Offline Offline

Activity: 378



View Profile
March 01, 2017, 04:30:39 AM
 #2

I'm not sure if i really understand this, but here is another interesting use of a blockchain involving one account per person.

https://voteflux.org/

lerryne
Newbie
*
Offline Offline

Activity: 12


View Profile
March 01, 2017, 07:09:31 AM
 #3

Interesting idea, but i don't think it will work.
buwaytress
Sr. Member
****
Offline Offline

Activity: 448


I bit, therefore I am


View Profile
March 01, 2017, 08:46:26 AM
 #4

Interesting concept, especially given that in real world social science, the individual is much more difficult to predict once singled out of the group. It could be technically more complex to implement but that to me seems more of a one-time hurdle. At the moment, simple steps like unique email/phone verification can be bypassed easily.

What about borrowing once more from the real world? Biometrics. I would rather give out my unique fingerprint for verification than a passport or ID card, for example.

mummybtc
Sr. Member
****
Offline Offline

Activity: 462



View Profile
March 01, 2017, 09:01:23 AM
 #5

Proof of person? um Interesting

           ▄▄▄▄▄▄▄▄▄▄▄▄
       ▄▄█▀▀ ▄▄▄▄▄▄▄▄▄ ▀▀█▄▄
     ▄█▀ ▄▄█████████████▄▄ ▀█▄

    █▀ ▄███████▀   ▀███████▄ ▀█
   █ ▄████████▀     ▀████████▄ █
  █ ▄████████▀       ▀████████▄ █

 █ ▄████████▀    █    ▀████████▄ █
▄▀▄█████        ▄█▄        █████▄▀▄
█ ██████▀▀▀     ███     ▀▀▀██████ █

█ ██████▄▄     ▄███▄     ▄▄██████ █
█ ███████▀     ▀▀▀▀▀     ▀███████ █
▀▄▀█████▀                 ▀█████▀▄▀

 █ ▀███▀      ▄▄▄▄▄▄▄      ▀███▀ █
  █ ▀██      █████████      ██▀ █
   █ ▀██▄  ▄███████████▄  ▄██▀ █

    █▄ ▀███████████████████▀ ▄█
     ▀█▄ ▀▀█████████████▀▀ ▄█▀

       ▀▀█▄▄ ▀▀▀▀▀▀▀▀▀ ▄▄█▀▀
           ▀▀▀▀▀▀▀▀▀▀▀▀▀
AppCoins










[.
WHITEPAPER
][.
CROWDSALE
]
iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
March 01, 2017, 09:16:30 AM
 #6

One of the big problems is that bots will trick users into doing the identification on behalf of the attacker bot:

https://safenetforum.org/t/proof-of-unique-human/167/231

I already wrote about the possibility of proving objectively that a video is a unique human and the EER rates (false positives vs. negatives) are too high to do it automated:

HumanIQ has a technically flawed design?

Please check my analysis. Did I misunderstand something in their design or in my quick research below?

Re: ☑ [ANN] ☰  [ ICO 06|04|2017 ] ☰ Humaniq — Discover the unbanked

Regarding the upthread post wherein I alleged that Ethereum can't scale (and tangentially I also alleged smart contracts on a Turing-complete blockchain are another DAO attack waiting to happen), I was asked to provide some more details.

(Additionally I have recently explained that the 10s (coming to 100s?) of ICOs being launched every year now because of this Ethereum smart contract nonsense which enables rapid prototyping of 1000s of hair-brained ideas that will probably never achieve any serious adoption, because again Ethereum can't scale and another smart contract attack means all smart contracts become untrustable, means we likely have a coming ICO graveyard where our ecosystem has died. Thanks to greedy developers who want to cash out after making a fancy presentation and thus don't develop first and launch without an ICO and really don't have much incentive to develop anything at all after they raise $millions to party with, especially young guys who have a lot of energy for conferences, dinners, parties, fancy hotels, etc.. What happened to my generation of startups where we developed them from our bedroom while living at our parents' hose.

The low marginal cost of preparing the snazzy website, whitepaper and perhaps even a barely functional smart contract demo is minimal, perhaps < $5000 or even less. Yet these ICOs can easily raise 100s or 1000s of BTC. So the supply of ICOs rises to meet the demand from gullible speculators who all "want to buy earlier than each other" so they all end up buying ICOs, thus none of them buy earlier than each other and the ICO developers walk away with the Bitcoins and the speculators will be left penniless in the coming ICO oversupply graveyard because all the demand will have been transferred to ICO developers who don't buy in the aftermarket.)



NEW PROBLEM!

There is also an inconsistency in the HumanIQ design as expressed on pages 6 and 19-22 in the white paper and the wallet features section of the website.

Firstly, you claim that users will only need to use their face and voice and do not need to deal with passwords. But then you tie the user to one device and also to signing keys stored on their mobile device. So if that mobile device is lost, stolen, or accessed even momentarily by a hacker (even if they just extract the keys and device ID perhaps even remotely and don't perform the attack over the user's mobile device), then the attacker only needs to fool the face and video identification system in order to steal the user's funds. They could for example exchange them for Bitcoin and be gone.

Face and video identification systems are theoretically reasonably easy to fool with synthetic methods, and I expect that to be true even against automated challenge-response:

https://engineering.cmu.edu/media/feature/2016/12_01_facial_recognition_eyeglasses.html
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.461.7360&rep=rep1&type=pdf#page=6 (see Figure 9)

Secondly, if user loses his device he has lost his keys. So the only way those keys could be recovered (again meeting your requirement that users don't have to ever mess with keys or store them in a paper wallet) is if some centralized service is storing the keys and can perform a recovery process that identifies the user. But again the attacker can game this recovery process, perhaps unless it is administered by a real human interrogator. And the centralized service becomes a huge attack surface for a hacker to steal all the users' keys (Bitcoin exchange failures show it is a serious risk). And of course as you admit on page 20 of your whitepaper, then it means the biometric identification is not decentralized on the blockchain, but a centralized service. Centralized blockchain concepts will never scale out. The world won't trust a system that depends on one centralized service. Sorry.

HumanIQ is ostensibly obviously lacking the skills of a qualified, experienced CTO on its team. Afaics, the HumanIQ design is irreparably/insolubly flawed and has apparently not been properly vetted by an appropriately skilled technical person.

Note it is possible to utilize face and voice biometrics stored on a blockchain to prove that the users are all unique within the false positive tolerance of multimodal biometric identification, e.g. perhaps to within a few percent false positive rate for synthetic attacks (at current state-of-the-art) and even better if supplemented with real human interrogation (which would be retroactively objectively verifiable from the blockchain data in the future as the state-of-the-art advances). But for automated logins and identification of users ongoing usage of the system, the false positive rate is currently too high because it would be the theft rate. I suppose you were looking at service providers such as the following and just assumed the EER rates were acceptable without reading the research:

https://www.onefacein.com/faq.html
http://www.voicetrust.com/solutions/voice-login/
https://playground.bioid.com/BioIDWebService/LiveDetection
https://www.keylemon.com/oasis
https://www.quora.com/What-are-the-best-face-detection-APIs/answer/Ben-Virdee-Chapman

So I also do not understand why the white paper implies we can't store a (hash of a) video on a blockchain. Surely we can.

Please do point out any misunderstanding or mistake I have made in my analysis.



Note that although via deep learning of deep neural nets the state-of-the-art research on face recognition accuracy has reached as high as 99% (and do look at how close to indistinguishable the errors were even to a human observer such as yourself) and state-of-the-art research on voice identification has reached as high as ~1% EER (i.e. roughly 1% false positive with a 1% false negative if compared to a 2.33% EER on page 5), these performance figures do not include data sets where the attacker is trying to game the system. So refer to the links I provided above on synthetic attacks to get a better idea of the risk of theft with multimodal biometric face and voice identification. The state-of-the-art is advancing rapidly because a 2014 paper only cited a 7% EER, but the datasets and training criteria are not probably not comparable.

1% or even 0.1% rates of theft would still be unacceptable.
BitcoinNational
Legendary
*
Offline Offline

Activity: 1274



View Profile
March 01, 2017, 01:14:16 PM
 #7

PoP is this Platform.

.SPECTRE.                ▄▄███▄▄
            ▄▄███▀▀▀▀▀███▄▄
▄▄      ▄▄███▀▀ ▄▄███▄▄ ▀▀███▄▄      ▄▄
████▄▄  ▀▀▀ ▄▄███████████▄▄ ▀▀▀  ▄▄████
  ▀▀████▄    ▀▀█████████▀▀    ▄████▀▀
 ██▄▄ ▀██ █▄▄    ▀▀▀▀▀    ▄▄█ ██▀ ▄▄██
 ▀▀███ ██ █████▄       ▄█████ ██ ███▀▀
      ██ ███████▄   ▄███████ ██
       ██ ████████   ████████ ██
       ██▄▄ ▀▀████   ████▀▀ ▄▄██
        ▀▀███▄▄ ▀▀   ▀▀ ▄▄███▀▀
            ▀▀███▄▄▄▄▄███▀▀
                ▀▀███▀▀
             │
     │      ███
     │      ███
    │     ███
███  │     ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███     │
███ ███     │
    │
 
▬▬     WHITEPAPER    ▬▬
FACEBOOK     TELEGRAM
TWITTER     SLACK     MEDIUM
.
PRE-SALE.
PUBLIC SALE.
ulhaq
Sr. Member
****
Offline Offline

Activity: 265


View Profile
March 01, 2017, 09:31:54 PM
 #8

My question was not whether it is technically feasible. If proof of person (but not identity - in other words, maintaining anonymity) was achievable, then would it be superior to PoW and PoS in that a 51% majority (to make any changes to the currency) based on individuals is superior to basing it on mining power or holdings? Not only does it permanently obviate centrality, but quality of decisions related to the currency should be higher over the long-term compared to other methods. Would it solve other problems in cryptocurrency? Would there be any major drawbacks?

There is also proof of importance (PoI), but this has drawbacks of gaming the system by individuals making transactions with themselves, or will benefit banks/exchanges who at baseline have high volume of exchange. If weighting based on individual's importance in the economy or interacting with other users, it also incentivizes behavior that is not necessarily economically ideal, nor from a currency standpoint, which should be neutral.
iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
March 01, 2017, 09:34:33 PM
 #9

Not only does it permanently obviate centrality

Incorrect. People can lease themselves to a whale.
BitcoinNational
Legendary
*
Offline Offline

Activity: 1274



View Profile
March 02, 2017, 11:17:00 PM
 #10

wow! big idea here.
I would suggest TALK ... https://bitcointalk.org ... is a source root.

.SPECTRE.                ▄▄███▄▄
            ▄▄███▀▀▀▀▀███▄▄
▄▄      ▄▄███▀▀ ▄▄███▄▄ ▀▀███▄▄      ▄▄
████▄▄  ▀▀▀ ▄▄███████████▄▄ ▀▀▀  ▄▄████
  ▀▀████▄    ▀▀█████████▀▀    ▄████▀▀
 ██▄▄ ▀██ █▄▄    ▀▀▀▀▀    ▄▄█ ██▀ ▄▄██
 ▀▀███ ██ █████▄       ▄█████ ██ ███▀▀
      ██ ███████▄   ▄███████ ██
       ██ ████████   ████████ ██
       ██▄▄ ▀▀████   ████▀▀ ▄▄██
        ▀▀███▄▄ ▀▀   ▀▀ ▄▄███▀▀
            ▀▀███▄▄▄▄▄███▀▀
                ▀▀███▀▀
             │
     │      ███
     │      ███
    │     ███
███  │     ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███     │
███ ███     │
    │
 
▬▬     WHITEPAPER    ▬▬
FACEBOOK     TELEGRAM
TWITTER     SLACK     MEDIUM
.
PRE-SALE.
PUBLIC SALE.
wajik-tempe
Sr. Member
****
Offline Offline

Activity: 294


"Proof-of-Asset Protocol"


View Profile
March 03, 2017, 01:23:56 AM
 #11

are you serious Proof of Person  Huh Huh

|
 
 
50
|
 




                       ▄
           ▄▄▄▄▄▄███████
▄▄▄▄█████  █████████████
█████████  █████████████
█████████  █████████████
█████████  █████████████
█████████  █████████████
█████████  █████████████

█████████  █████████████
█████████  █████████████
█████████  █████████████
█████████  █████████████
█████████  █████████████
▀▀▀▀█████  █████████████
           ▀▀▀▀▀▀███████
                       ▀
|
 
 
$1,5 M
|



        ▄▄▄█████████▄▄▄
      ▄█████▀▀███▀▀█████▄
    ▄███▀     ███     ▀███▄
   ████       ███       ████
  ███▀                   ▀███
 ███▀                     ▀███
▄██▀       █████████       ▀██▄
███                         ███
███        █████████        ███
███                         ███
▀██▄       █████████       ▄██▀
 ███▄                     ▄███
  ███▄                   ▄███
   ████       ███       ████
    ▀███▄     ███     ▄███▀
      ▀█████▄▄███▄▄█████▀
        ▀▀▀█████████▀▀▀
|
 
|
 
<>
<>
<>
<>
 
GITHUB
TWITTER
YOUTUBE
FACEBOOK
BitcoinNational
Legendary
*
Offline Offline

Activity: 1274



View Profile
March 03, 2017, 10:42:56 AM
 #12

digital money is eventually headed in that direction,
especially if you want democratic platforms.

.SPECTRE.                ▄▄███▄▄
            ▄▄███▀▀▀▀▀███▄▄
▄▄      ▄▄███▀▀ ▄▄███▄▄ ▀▀███▄▄      ▄▄
████▄▄  ▀▀▀ ▄▄███████████▄▄ ▀▀▀  ▄▄████
  ▀▀████▄    ▀▀█████████▀▀    ▄████▀▀
 ██▄▄ ▀██ █▄▄    ▀▀▀▀▀    ▄▄█ ██▀ ▄▄██
 ▀▀███ ██ █████▄       ▄█████ ██ ███▀▀
      ██ ███████▄   ▄███████ ██
       ██ ████████   ████████ ██
       ██▄▄ ▀▀████   ████▀▀ ▄▄██
        ▀▀███▄▄ ▀▀   ▀▀ ▄▄███▀▀
            ▀▀███▄▄▄▄▄███▀▀
                ▀▀███▀▀
             │
     │      ███
     │      ███
    │     ███
███  │     ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███     │
███ ███     │
    │
 
▬▬     WHITEPAPER    ▬▬
FACEBOOK     TELEGRAM
TWITTER     SLACK     MEDIUM
.
PRE-SALE.
PUBLIC SALE.
Ayers
Legendary
*
Offline Offline

Activity: 1204


★Bitvest.io★ Play Plinko or Invest!


View Profile
March 03, 2017, 10:59:22 AM
 #13

not a good idea and i don't like it as it destroy the anonimity of crypto, if you need to reveal your identity to carry the money on your private key(if i understood this correctly) it would fade away the pseudo anonimity fo bitcoin, or the 100% anonimity of monero, zcash, if applyed there, a really bad idea



.
.BITVEST DICE.
HAS BEEN RELEASED!


▄████████████████████▄
██████████████████████
██████████▀▀██████████
█████████░░░░█████████
██████████▄▄██████████
███████▀▀████▀▀███████
██████░░░░██░░░░██████
███████▄▄████▄▄███████
████▀▀████▀▀████▀▀████
███░░░░██░░░░██░░░░███
████▄▄████▄▄████▄▄████
██████████████████████

▀████████████████████▀
▄████████████████████▄
██████████████████████
█████▀▀█▀▀▀▀▀▀██▀▀████
█████░░░░░░░░░░░░░████
█████░░░░░░░░░░░░▄████
█████░░▄███▄░░░░██████
█████▄▄███▀░░░░▄██████
█████████░░░░░░███████
████████░░░░░░░███████
███████░░░░░░░░███████
███████▄▄▄▄▄▄▄▄███████

██████████████████████
▀████████████████████▀
▄████████████████████▄
███████████████▀▀▀▀▀▀▀
███████████▀▀▄▄█░░░░░█
█████████▀░░█████░░░░█
███████▀░░░░░████▀░░░▀
██████░░░░░░░░▀▄▄█████
█████░▄░░░░░▄██████▀▀█
████░████▄░███████░░░░
███░█████░█████████░░█
███░░░▀█░██████████░░█
███░░░░░░████▀▀██▀░░░░
███░░░░░░███░░░░░░░░░░

██░▄▄▄▄░████▄▄██▄░░░░
████████████▀▀▀▀▀▀▀██
█████████████░█▀▀▀█░███
██████████▀▀░█▀░░░▀█░▀▀
███████▀░▄▄█░█░░░░░█░█▄
████▀░▄▄████░▀█░░░█▀░██
███░▄████▀▀░▄░▀█░█▀░▄░▀
█▀░███▀▀▀░░███░▀█▀░███░
▀░███▀░░░░░████▄░▄████░
░███▀░░░░░░░█████████░░
░███░░░░░░░░░███████░░░
███▀░██░░░░░░▀░▄▄▄░▀░░░
███░██████▄▄░▄█████▄░▄▄

██░████████░███████░█
▄████████████████████▄
████████▀▀░░░▀▀███████
███▀▀░░░░░▄▄▄░░░░▀▀▀██
██░▀▀▄▄░░░▀▀▀░░░▄▄▀▀██
██░▄▄░░▀▀▄▄░▄▄▀▀░░░░██
██░▀▀░░░░░░█░░░░░██░██
██░░░▄▄░░░░█░██░░░░░██
██░░░▀▀░░░░█░░░░░░░░██
██░░░░░▄▄░░█░░░░░██░██
██▄░░░░▀▀░░█░██░░░░░██
█████▄▄░░░░█░░░░▄▄████
█████████▄▄█▄▄████████

▀████████████████████▀




Rainbot
Daily Quests
Faucet
BitcoinNational
Legendary
*
Offline Offline

Activity: 1274



View Profile
March 03, 2017, 01:20:37 PM
 #14

2 words
credit worthiness

ANON will be part of the system, but lending requires know facts, yet remaining anon and borrowing maybe possible given public worthiness facts.

Silkroad feature  credit worthiness/ratings and it was anon in principle.

.SPECTRE.                ▄▄███▄▄
            ▄▄███▀▀▀▀▀███▄▄
▄▄      ▄▄███▀▀ ▄▄███▄▄ ▀▀███▄▄      ▄▄
████▄▄  ▀▀▀ ▄▄███████████▄▄ ▀▀▀  ▄▄████
  ▀▀████▄    ▀▀█████████▀▀    ▄████▀▀
 ██▄▄ ▀██ █▄▄    ▀▀▀▀▀    ▄▄█ ██▀ ▄▄██
 ▀▀███ ██ █████▄       ▄█████ ██ ███▀▀
      ██ ███████▄   ▄███████ ██
       ██ ████████   ████████ ██
       ██▄▄ ▀▀████   ████▀▀ ▄▄██
        ▀▀███▄▄ ▀▀   ▀▀ ▄▄███▀▀
            ▀▀███▄▄▄▄▄███▀▀
                ▀▀███▀▀
             │
     │      ███
     │      ███
    │     ███
███  │     ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███ ███ ███
███ ███     │
███ ███     │
    │
 
▬▬     WHITEPAPER    ▬▬
FACEBOOK     TELEGRAM
TWITTER     SLACK     MEDIUM
.
PRE-SALE.
PUBLIC SALE.
ulhaq
Sr. Member
****
Offline Offline

Activity: 265


View Profile
March 04, 2017, 10:54:33 PM
 #15

not a good idea and i don't like it as it destroy the anonimity of crypto, if you need to reveal your identity to carry the money on your private key(if i understood this correctly) it would fade away the pseudo anonimity fo bitcoin, or the 100% anonimity of monero, zcash, if applyed there, a really bad idea

You are not understanding this correctly, I am talking about 100% anonymity, with proof of identity, meaning that there would be a way to verify that each person is a human and distinct from all other humans (and from computers). This does not mean that each person has to be limited to one address.
ulhaq
Sr. Member
****
Offline Offline

Activity: 265


View Profile
March 04, 2017, 11:00:05 PM
 #16

Not only does it permanently obviate centrality

Incorrect. People can lease themselves to a whale.

This is a great point. But I imagine that since decisions would still be made by 51%, to obtain this volume of persons to lease themselves would be impossible if there were even a small uptake of such a currency. And if it would be possible, persons would know that they are being paid and would assess the value vs. the cost, so the outcome should still be superior to alternatives.
ulhaq
Sr. Member
****
Offline Offline

Activity: 265


View Profile
March 04, 2017, 11:05:14 PM
 #17

wow! big idea here.
I would suggest TALK ... https://bitcointalk.org ... is a source root.

I am not sure what you are suggesting, the link is to the same forum where the thread was posted?
ulhaq
Sr. Member
****
Offline Offline

Activity: 265


View Profile
March 04, 2017, 11:38:14 PM
 #18

One of the big problems is that bots will trick users into doing the identification on behalf of the attacker bot:

https://safenetforum.org/t/proof-of-unique-human/167/231

I already wrote about the possibility of proving objectively that a video is a unique human and the EER rates (false positives vs. negatives) are too high to do it automated:

HumanIQ has a technically flawed design?

Please check my analysis. Did I misunderstand something in their design or in my quick research below?

Re: ☑ [ANN] ☰  [ ICO 06|04|2017 ] ☰ Humaniq — Discover the unbanked

Regarding the upthread post wherein I alleged that Ethereum can't scale (and tangentially I also alleged smart contracts on a Turing-complete blockchain are another DAO attack waiting to happen), I was asked to provide some more details.

(Additionally I have recently explained that the 10s (coming to 100s?) of ICOs being launched every year now because of this Ethereum smart contract nonsense which enables rapid prototyping of 1000s of hair-brained ideas that will probably never achieve any serious adoption, because again Ethereum can't scale and another smart contract attack means all smart contracts become untrustable, means we likely have a coming ICO graveyard where our ecosystem has died. Thanks to greedy developers who want to cash out after making a fancy presentation and thus don't develop first and launch without an ICO and really don't have much incentive to develop anything at all after they raise $millions to party with, especially young guys who have a lot of energy for conferences, dinners, parties, fancy hotels, etc.. What happened to my generation of startups where we developed them from our bedroom while living at our parents' hose.

The low marginal cost of preparing the snazzy website, whitepaper and perhaps even a barely functional smart contract demo is minimal, perhaps < $5000 or even less. Yet these ICOs can easily raise 100s or 1000s of BTC. So the supply of ICOs rises to meet the demand from gullible speculators who all "want to buy earlier than each other" so they all end up buying ICOs, thus none of them buy earlier than each other and the ICO developers walk away with the Bitcoins and the speculators will be left penniless in the coming ICO oversupply graveyard because all the demand will have been transferred to ICO developers who don't buy in the aftermarket.)



NEW PROBLEM!

There is also an inconsistency in the HumanIQ design as expressed on pages 6 and 19-22 in the white paper and the wallet features section of the website.

Firstly, you claim that users will only need to use their face and voice and do not need to deal with passwords. But then you tie the user to one device and also to signing keys stored on their mobile device. So if that mobile device is lost, stolen, or accessed even momentarily by a hacker (even if they just extract the keys and device ID perhaps even remotely and don't perform the attack over the user's mobile device), then the attacker only needs to fool the face and video identification system in order to steal the user's funds. They could for example exchange them for Bitcoin and be gone.

Face and video identification systems are theoretically reasonably easy to fool with synthetic methods, and I expect that to be true even against automated challenge-response:

https://engineering.cmu.edu/media/feature/2016/12_01_facial_recognition_eyeglasses.html
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.461.7360&rep=rep1&type=pdf#page=6 (see Figure 9)

Secondly, if user loses his device he has lost his keys. So the only way those keys could be recovered (again meeting your requirement that users don't have to ever mess with keys or store them in a paper wallet) is if some centralized service is storing the keys and can perform a recovery process that identifies the user. But again the attacker can game this recovery process, perhaps unless it is administered by a real human interrogator. And the centralized service becomes a huge attack surface for a hacker to steal all the users' keys (Bitcoin exchange failures show it is a serious risk). And of course as you admit on page 20 of your whitepaper, then it means the biometric identification is not decentralized on the blockchain, but a centralized service. Centralized blockchain concepts will never scale out. The world won't trust a system that depends on one centralized service. Sorry.

HumanIQ is ostensibly obviously lacking the skills of a qualified, experienced CTO on its team. Afaics, the HumanIQ design is irreparably/insolubly flawed and has apparently not been properly vetted by an appropriately skilled technical person.

Note it is possible to utilize face and voice biometrics stored on a blockchain to prove that the users are all unique within the false positive tolerance of multimodal biometric identification, e.g. perhaps to within a few percent false positive rate for synthetic attacks (at current state-of-the-art) and even better if supplemented with real human interrogation (which would be retroactively objectively verifiable from the blockchain data in the future as the state-of-the-art advances). But for automated logins and identification of users ongoing usage of the system, the false positive rate is currently too high because it would be the theft rate. I suppose you were looking at service providers such as the following and just assumed the EER rates were acceptable without reading the research:

https://www.onefacein.com/faq.html
http://www.voicetrust.com/solutions/voice-login/
https://playground.bioid.com/BioIDWebService/LiveDetection
https://www.keylemon.com/oasis
https://www.quora.com/What-are-the-best-face-detection-APIs/answer/Ben-Virdee-Chapman

So I also do not understand why the white paper implies we can't store a (hash of a) video on a blockchain. Surely we can.

Please do point out any misunderstanding or mistake I have made in my analysis.



Note that although via deep learning of deep neural nets the state-of-the-art research on face recognition accuracy has reached as high as 99% (and do look at how close to indistinguishable the errors were even to a human observer such as yourself) and state-of-the-art research on voice identification has reached as high as ~1% EER (i.e. roughly 1% false positive with a 1% false negative if compared to a 2.33% EER on page 5), these performance figures do not include data sets where the attacker is trying to game the system. So refer to the links I provided above on synthetic attacks to get a better idea of the risk of theft with multimodal biometric face and voice identification. The state-of-the-art is advancing rapidly because a 2014 paper only cited a 7% EER, but the datasets and training criteria are not probably not comparable.

1% or even 0.1% rates of theft would still be unacceptable.

Regarding attacker bots tricking individuals, this is hardly a refutation of such a system, similar to saying that e-mail is not viable due to phishing attacks, or even that bitcoin is not viable due to software that mimics the bitcoin software. One could say that even ethereum, litecoin, and monero have these problems, because when one goes to any of those websites, it could be a malicious copycat website.

Regarding the HumanIQ project, those are specific criticisms of that system. A proof of person does not have to be always tied to a device, or the hacker getting access to funds by impersonating the individual. Eg, imagine that after the one-time proof of identity occurs, a set of private keys are created. If someone impersonated that individual in the future (eg, with your malicious capcha example, which is also less likely if the proof of identity is a one-time affair), they would not gain access to the private keys. You mention the false positive rate with using voice ID. But if voice ID was combined with another method, the 1% or 0.1% rates of theft fall astronomically.
Ryan Dugan
Hero Member
*****
Offline Offline

Activity: 560


View Profile
March 05, 2017, 01:18:24 AM
 #19

not a good idea and i don't like it as it destroy the anonimity of crypto, if you need to reveal your identity to carry the money on your private key(if i understood this correctly) it would fade away the pseudo anonimity fo bitcoin, or the 100% anonimity of monero, zcash, if applyed there, a really bad idea

You are not understanding this correctly, I am talking about 100% anonymity, with proof of identity, meaning that there would be a way to verify that each person is a human and distinct from all other humans (and from computers). This does not mean that each person has to be limited to one address.

Sounds interesting. How will you verify who is a person and who is not and then where do you move from there ?
I'm all for anything that is not pos or pow because new things are interesting and innovative.
iamnotback
Sr. Member
****
Offline Offline

Activity: 336



View Profile
March 05, 2017, 08:31:35 PM
 #20

not a good idea and i don't like it as it destroy the anonimity of crypto, if you need to reveal your identity to carry the money on your private key(if i understood this correctly) it would fade away the pseudo anonimity fo bitcoin, or the 100% anonimity of monero, zcash, if applyed there, a really bad idea

You are not understanding this correctly, I am talking about 100% anonymity, with proof of identity, meaning that there would be a way to verify that each person is a human and distinct from all other humans (and from computers). This does not mean that each person has to be limited to one address.

It is correct that PoP isn't necessarily incompatible with anonymity. We can in theory cryptographically prove that each transaction has only unique PoP signatories in its blockchain history without unmasking the traceable details of the history.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!