Simon Schillebeeckx

if the worldcoin technology works as described, scanning your iris does not link your iris to your ”world id” nor your financial transactions no pictures of your eyeball scans are stored anywhere (allegedly) a zkp is used to prove that you belong to the set of unlinked irisCodes (hash of your iris scan). assuming the anonymity set is large, you should be fine these irisCodes do prevent you prevent you from signing up again, so we can assume that if someone hunted you down and force-scanned you with an orb, they could find out that you’ve been scanned before and that you likely have a world id. but they wouldn’t know which. and that’s actually about the extent of your taint there’s a lot of rah rah about the fact that a *hash of your iris scan* is submitted from the orb to worldcoin *servers* (vs apple faceid which is allegedly all local). but no one is articulating which privacy vector this violates other than ”it allows worldcoin to identify previous signups from new” there is however potentially an issue with the world id itself. worldcoin says that they don’t collect any data about you (no name, email) to allow you to make use of the world id but then there is the issue of worldcoin linkability. imagine a bitcoin wallet that doesn’t refresh addresses ever. if you use this address a bunch of times for different things, you’ll very quickly reveal yourself, even though you never wrote your name or email on that address. you make one in-store purchase with a cctv camera and bam, all your history is linked together worldcoin has given some thought to this and allows you to generate some number of sub-accounts that cannot be linked to eachother or the world id. it’s on the app you’re using to decide how many different sub-accs you’re allowed to use with a single mother id (they can’t allow you to use infinite sub-accounts if they want to prevent botting). one important thing is that you can atleast generate a new sub-account/nym per service there are other actions, like voting, where worldcoin supports locally generated zkps to prove that you’re a unique user, but doesn’t expose the world id or any subaccount worldcoin says they have a ongoing research projects to further improve worldcoin id privacy to allow e.g. selective disclosures using zk this is why when you talk to a worldcoin person, your criticism usually falls flat. they believe they have solutions to the privacy issues you’re raising. they believe you haven’t actually bothered to think any further than ”eye scanner orb bad!”, and let’s be frank, you really haven’t, and it’s unlikely you’d even be able to think further than that even if you tried but you are entitled to your gutfeeling. your gutfeeling could be totally correct. in order to trust worldcoin and orbs, you would need to understand zkps and trusted execution environments to even understand that what they’re claiming is possible. this is not an easy thing to understand and even if you understand that it is possible, you still need to trust that it is being implemented and implemented correctly as far as i know, no one external is going around doing remote attestation on these orbs using open source software. that’s a design goal worldcoin has but not something they’ve delivered or had as a requirement on themselves to deliver before they started scanning 8 pairs of eyeballs per second in the global south and how would it even work in practice? if we normalize a vc tech bro scanning your eyeballs and another tech bro sitting next to him saying ”it’s all good, i verified the TEE” we’re still vulnerable as a people since no one really understands these things now, go on, go and have better discussions around worldcoin