Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology

Author: Vitalik Buterin

Compiled by: Saoirse, Foresight News

Nowadays, the use of zero-knowledge proofs to protect privacy in digital identity systems has become somewhat mainstream. Various zero-knowledge proof passport projects (literally ZK-passport projects, referring to digital identity projects based on zero-knowledge proof technology) are developing user-friendly software packages, allowing users to prove they hold valid identification without revealing any details of their identity. World ID (formerly Worldcoin), which uses biometric technology for verification and protects privacy through zero-knowledge proofs, has recently surpassed 10 million users. A digital identity government project in Taiwan has utilized zero-knowledge proofs, and the European Union is increasingly emphasizing zero-knowledge proofs in its work on digital identity.

On the surface, digital identity based on zero-knowledge proof technology is widely adopted and seems to be a significant victory for d/acc (Note: a concept proposed by Vitalik in 2023, advocating for the development of decentralized technology through technical tools such as encryption and blockchain, aiming to accelerate technological progress while defending against potential risks, and balancing innovation with safety, privacy, and human autonomy). It can protect our social media, voting systems, and various internet services from Sybil attacks and bot manipulation without sacrificing privacy. But is it really that simple? Does identity based on zero-knowledge proof still carry risks? This article will clarify the following points:

  • Zero-Knowledge Proof Wrapping (ZK-wrapping) addresses many important issues.
  • The identity wrapped in zero-knowledge proofs still carries risks. These risks seem to be less related to biometrics or passports; most of the risks (privacy breaches, susceptibility to coercion, system errors, etc.) mainly stem from the rigid maintenance of the "one person, one identity" attribute.
  • Another extreme is using "Proof of Wealth" to counter Sybil attacks, which is insufficient in most application scenarios, so we need some sort of "identity-like" solution.
  • The theoretically ideal state is somewhere in between, where the cost of obtaining N identities is N².
  • This ideal state is difficult to achieve in practice, but a suitable "multiple identity" comes close to it, making it the most realistic solution. Multiple identities can be explicit (for example, identity based on social graphs) or implicit (various types of zero-knowledge proof identities coexist, with no single type having a market share close to 100%).

How does identity wrapped in zero-knowledge proofs work?

Imagine that you obtained a World ID by scanning your eyeball, or by using your phone's NFC reader to scan your passport, obtaining an identity based on a zero-knowledge proof passport. For the purposes of this article's argument, the core attributes of these two methods are consistent (with only a few marginal differences, such as in the case of multiple nationalities).

On your phone, there is a secret value s. In the global on-chain registry, there is a public hash value H(s). When you log into the app, you will generate a user ID specific to that app, which is H(s, app_name), and verify through zero-knowledge proof: this ID originates from the same secret value s as a certain public hash value in the registry. Therefore, each public hash value can generate only one ID for each app, but it will never disclose which public hash value corresponds to a specific app's exclusive ID.

![Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology](https://img-cdn.gateio.im/webp-social/moments-1fa15b87f0dad953ff390e1ff4499f3d.webp)

In fact, the design may be a bit more complex. In World ID, the application-specific ID is actually a hash value that includes the application ID and the session ID, so different operations within the same application can also be decoupled from each other. The design of the zero-knowledge proof passport can also be constructed in a similar manner.

Before discussing the drawbacks of this type of identity, it is essential to recognize the advantages it brings. Outside the niche field of zero-knowledge proof identity (ZKID), in order to prove your identity to services that require verification, you have to disclose your complete legal identity. This severely violates the principle of "least privilege" in computer security: a process should only obtain the minimum permissions and information necessary to complete its task. They need to prove that you are not a robot, that you are over 18 years old, or that you come from a specific country, but what they receive is a pointer to your complete identity.

The best improvement solution currently achievable is to use indirect tokens such as phone numbers and credit card numbers: at this point, the entity that knows your phone/credit card number associated with in-app activities and the entity that knows your phone/credit card number associated with legal identity (a company or a bank) are mutually separated. However, this separation is extremely fragile: just like other types of information, phone numbers can be leaked at any time.

The issue can largely be addressed by leveraging zero-knowledge proof wrapping technology (ZK-wrapping, a technical means that uses zero-knowledge proofs to protect user identity privacy, allowing users to prove their identity without disclosing sensitive information). However, the next point to discuss is one that is less frequently mentioned: there are still some problems that not only remain unsolved but may even become more severe due to the strict limitation of "one person, one identity" in such schemes.

Zero-knowledge proofs themselves cannot achieve anonymity.

Assume a zero-knowledge proof identity (ZK-identity) platform operates exactly as expected, strictly reproducing all the above logic, and has even found a way to protect the private information of non-technical users in the long term without relying on centralized entities. At the same time, we can make a realistic assumption: applications will not actively cooperate with privacy protection; they will adhere to the principle of "pragmatism," and the design solutions they adopt, while claiming to "maximize user convenience," seem to always lean towards their own political and commercial interests.

In such scenarios, social media applications do not adopt complex designs like frequently rotating session keys, but instead assign a unique application-specific ID to each user. Additionally, since the identity system follows the "one person, one identity" rule, users can only have one account (which contrasts with the current "weak ID" scenario, such as Google accounts, where an average person can easily register about five). In the real world, achieving anonymity typically requires multiple accounts: one for "regular identity" and others for various anonymous identities (see "finsta and rinsta"). Therefore, under this model, the anonymity that users can actually attain is likely to be lower than the current level. This way, even a "one person, one identity" system wrapped in zero-knowledge proofs may gradually lead us towards a world where all activities must rely on a single public identity. In an era of increasing risks (such as drone surveillance), depriving individuals of their choice to protect themselves through anonymity can have serious negative consequences.

Zero-knowledge proofs themselves cannot protect you from coercion.

Even if you do not disclose your secret value s, no one can see the public connections between your accounts. But what if someone forces you to disclose it? The government may require you to reveal your secret value in order to view all your activities. This is not just talk: the US government has begun requiring visa applicants to disclose their social media accounts. Moreover, employers can easily make the disclosure of full public information a condition of employment. In fact, individual applications may also technically require users to reveal their identity on other applications before allowing registration (using app login defaults to this action).

![Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology](https://img-cdn.gateio.im/webp-social/moments-18e125ae671fbd46a8f4b809256f301e.webp)

Similarly, in these cases, the value of the zero-knowledge proof attribute is completely lost, but the drawbacks of the new attribute "one person, one account" still exist.
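The registry scheme described under "How does identity wrapped in zero-knowledge proofs work?" and the disclosure risk in this section, sketched as an added example that is not from the original article or from any identity project. SHA-256 stands in for H, the zero-knowledge proof is replaced by a function that checks the proven relation directly (a real verifier never sees s), and the app names and secrets are constructed.

```python
import hashlib
from typing import Optional


def H(*parts: bytes) -> str:
    """SHA-256 over length-prefixed parts (assumed instantiation of the article's H)."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.hexdigest()


def app_id(s: bytes, app_name: str, session: Optional[str] = None) -> str:
    """H(s, app_name); with a session value, the per-session variant the article mentions."""
    parts = [s, app_name.encode()]
    if session is not None:
        parts.append(session.encode())
    return H(*parts)


class Registry:
    """Stand-in for the global on-chain registry of public hashes H(s)."""

    def __init__(self):
        self.public_hashes = set()

    def enroll(self, s: bytes) -> str:
        self.public_hashes.add(H(s))
        return H(s)


def relation_holds(registry, s, app_name, claimed_id, session=None) -> bool:
    """The statement the proof attests: claimed_id and some registry entry share one s.
    Here s is passed in only to show the relation; a real verifier checks a proof."""
    return H(s) in registry.public_hashes and app_id(s, app_name, session) == claimed_id


class App:
    """An app that assigns one account per app-specific ID."""

    def __init__(self, name: str, registry: Registry):
        self.name, self.registry, self.accounts = name, registry, set()

    def sign_up(self, s: bytes) -> Optional[str]:
        uid = app_id(s, self.name)
        if not relation_holds(self.registry, s, self.name, uid):
            return None  # secret is not behind any registry entry
        if uid in self.accounts:
            return None  # same registry entry already has an account here
        self.accounts.add(uid)
        return uid


def link_after_disclosure(disclosed_s: bytes, apps) -> dict:
    """Accounts that anyone holding s can attribute to its owner, across all apps."""
    return {a.name: app_id(disclosed_s, a.name)
            for a in apps if app_id(disclosed_s, a.name) in a.accounts}


def demo() -> dict:
    registry = Registry()
    alice, bob = b"constructed-secret-alice", b"constructed-secret-bob"
    outsider = b"constructed-secret-unenrolled"
    registry.enroll(alice)
    registry.enroll(bob)
    forum, market = App("forum.example", registry), App("market.example", registry)
    results = {
        "alice_forum": forum.sign_up(alice),
        "alice_forum_again": forum.sign_up(alice),  # rejected: one ID per app
        "bob_forum": forum.sign_up(bob),
        "alice_market": market.sign_up(alice),      # unrelated-looking ID
        "outsider_forum": forum.sign_up(outsider),  # rejected: not in registry
    }
    results["linked"] = link_after_disclosure(alice, [forum, market])
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Without s the two IDs for the same person share nothing visible; with s, every app ID is recomputable, which is why a single disclosed secret links all accounts.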

We may be able to reduce coercion risks through design optimization: for example, by using a multi-party computation mechanism to generate a unique ID for each application, allowing users and service providers to participate together. In this way, if the application operator is not involved, users will not be able to prove their unique ID in that application. This will make it more difficult to coerce others into disclosing their full identity, but it cannot completely eliminate this possibility, and such solutions also have other drawbacks, such as requiring application developers to be active entities in real-time, rather than passive on-chain smart contracts (which do not require continuous intervention).

Zero-knowledge proofs themselves cannot solve non-privacy-related risks.

All forms of identity have edge cases:

  • Based on government-issued identity (Government-rooted ID), including passports, it cannot cover stateless individuals, nor does it include groups who have not yet obtained such documents.
  • On the other hand, government-based identity systems will grant unique privileges to holders of multiple nationalities.
  • Passport issuing authorities may be subject to hacking attacks, and intelligence agencies from hostile countries may even forge millions of false identities (for example, if Russian-style "guerrilla elections" become more prevalent, false identities could be used to manipulate elections).
  • For those whose relevant biometric features are impaired due to injury or illness, biometric identification will be completely ineffective.
  • Biometric identities are likely to be deceived by counterfeits. If the value of biometric identities becomes extremely high, we may even see individuals specifically cultivating human organs just to "mass produce" such identities.

These edge cases pose the greatest danger in systems that attempt to maintain the "one person, one identity" attribute, and they have no relation to privacy. Therefore, zero-knowledge proofs are powerless against this.

Relying on "proof of wealth" to prevent Sybil attacks is not enough to solve the problem, so we need some form of identity system.

In the pure cypherpunk community, a common alternative is to completely rely on "proof of wealth" to guard against Sybil attacks, rather than building any form of identity system. By imposing a certain cost for each account, it can prevent someone from easily creating a large number of accounts. This practice has precedents on the internet; for example, the Somethingawful forum requires a one-time fee of $10 to register an account, which is non-refundable if the account is banned. However, this is not truly a crypto-economic model in practice, because the biggest barrier to creating a new account is not the need to pay the $10 again, but rather obtaining a new credit card.

In theory, it is even possible to make payments conditional: when registering an account, you only need to stake a certain amount of funds, and you will only lose this amount in the rare case that the account is banned. Theoretically, this can significantly increase the cost of attacks.

This solution is effective in many scenarios, but it completely fails in certain types of situations. I will focus on two categories of scenarios, tentatively referred to as "UBI-like scenarios" and "governance-like scenarios."

The Demand for Identity in UBI-like Scenarios

The so-called "quasi-universal basic income scenario" refers to a situation where a certain amount of assets or services is distributed to a very broad (ideally the entire) user base, without considering their ability to pay. Worldcoin systematically practices this: anyone with a World ID can regularly receive a small amount of WLD tokens. Many token airdrops also achieve similar goals in a more informal way, attempting to ensure that at least some of the tokens reach as many users as possible.

Personally, I do not believe that the value of such tokens can reach a level sufficient to sustain a livelihood. In an AI-driven economy with wealth scales reaching thousands of times the current level, these tokens may have the value to sustain a livelihood; however, even so, government-led projects backed by natural resource wealth will still hold a more important position economically. Nevertheless, I think that the issue that these "mini-UBIs" can effectively address is: allowing people to obtain a sufficient amount of cryptocurrency to complete some basic on-chain transactions and online purchases. Specific possibilities may include:

  • Get ENS name
  • Publish the hash on the chain to initialize a certain zero-knowledge proof identity
  • Pay social media platform fees

If cryptocurrencies are widely adopted globally, this issue would no longer exist. However, in the current situation where cryptocurrencies are not yet mainstream, this may be the only way for people to access on-chain non-financial applications and related online goods and services, otherwise they may be completely out of reach of these resources.

In addition, there is another way to achieve a similar effect, namely "universal basic services": providing every person with an identity the ability to send a limited number of free transactions within a specific application. This approach may align better with incentive mechanisms and has higher capital efficiency, as each application that benefits from this adoption can do so without having to pay for non-users; however, this also comes with certain trade-offs, namely that universality will be reduced (users can only ensure access to applications participating in the program). Nevertheless, a set of identity solutions is still needed here to prevent the system from suffering from spam attacks while avoiding exclusivity, which arises from requiring users to pay through certain payment methods that may not be accessible to everyone.

The last important category worth emphasizing is "universal basic security deposit." One of the functions of identity is to provide a subject for accountability without requiring users to stake funds equivalent to the scale of incentives. This also helps to achieve a goal: reducing the dependence on individual capital for participation thresholds (or even requiring no capital at all).

The Demand for Identity in Governance-like Scenarios

Imagine a voting system (for example, likes and shares on a social media platform): if user A's resources are 10 times those of user B, then A's voting power will also be 10 times that of B. However, from an economic perspective, each unit of voting power brings A a benefit that is 10 times greater than what it brings to B (because A's scale is larger, any decision will have a more significant impact on its economic aspect). Therefore, overall, the benefit of A's vote to itself is 100 times the benefit of B's vote to itself. This is why we find that A will invest much more effort in participating in voting, researching how to vote to maximize its own goals, and may even strategically manipulate the algorithms. This is also the fundamental reason why "whales" can exert excessive influence in token voting mechanisms.

![Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology](https://img-cdn.gateio.im/webp-social/moments-5c5e98a8645b7a2cc02bf3f26d7bf4d7.webp)

The more universal and deeper reason is that governance systems should not assign equal weight to "one person controlling 100,000 dollars" and "1,000 people jointly holding 100,000 dollars." The latter represents 1,000 independent individuals, and therefore contains richer valuable information, rather than the high repetition of small volume information. Signals from 1,000 people are also often more "moderate," as differing opinions from individuals tend to cancel each other out.

![Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology](https://img-cdn.gateio.im/webp-social/moments-4ee3f0f2fb93f4937527d660b75452b7.webp)

This applies to both formal voting systems and "informal voting systems," such as people's ability to participate in cultural evolution through public expression.

This indicates that governance-like systems will not be truly satisfied with the approach of "regardless of the source of funds, equal-sized bundles of funds are treated the same." The system actually needs to understand the internal coordination level of these bundles of funds.

It is important to note that if you agree with my descriptive framework for the two types of scenarios mentioned above (the universal basic income scenario and the governance scenario), then from a technical perspective, the need for a clear rule like "one person, one vote" no longer exists.

  • For applications resembling a universal basic income (UBI-like) scenario, the identity scheme truly needed is: the first identity is free, with limits on the number of identities that can be obtained. When the cost of obtaining more identities becomes high enough to render the act of attacking the system meaningless, the limiting effect is achieved.
  • For governance-like applications, the core requirement is: to be able to judge through some indirect indicators whether the resource you are dealing with is controlled by a single entity or by some "naturally formed" group with a lower degree of coordination.

In these two scenarios, identity is still very useful, but the requirement to adhere to strict rules like 'one person, one identity' no longer exists.

The theoretical ideal state is: the cost of obtaining N identities is N².

From the above arguments, we can see that there are two pressures from opposite ends that limit the expected difficulty of obtaining multiple identities in the identity system:

First of all, there should not be a clear and visible hard limit set on the "number of identities that can be easily obtained." If a person can only have one identity, then anonymity is out of the question, and they may be coerced into revealing their identity. In fact, even a fixed number greater than 1 poses risks: if everyone knows that each person has 5 identities, then you could be coerced into revealing all 5.

Another reason to support this is that anonymity itself is very fragile, thus requiring a sufficiently large security buffer. With modern AI tools, it has become easy to associate user behaviors across platforms. By using publicly available information such as wording habits, posting times, posting intervals, and discussion topics, it is possible to accurately identify an individual with only 33 bits of information. While people may use AI tools for defense (for example, when I posted content anonymously, I first wrote it in French and then translated it into English using a locally running large language model), even so, one mistake could completely end their anonymity.

Secondly, identity cannot be completely tied to finance (i.e., the cost of obtaining N identities is N), as this would allow large entities to easily gain excessive influence (thereby causing smaller entities to completely lose their voice). The new mechanism of Twitter Blue reflects this: the monthly certification fee of $8 is too low to effectively curb abuse, and users have basically become indifferent to this certification mark.

In addition, we may not want entities with resource amounts N times greater to be able to act with impunity and engage in N times the misconduct.

Based on the above arguments, we hope to obtain multiple identities as easily as possible under the following constraints: (1) limit the power of large entities in governance-like applications; (2) limit abusive behavior in applications related to universal basic income.

If we directly refer to the mathematical model of governance applications mentioned earlier, we will arrive at a clear answer: if having N identities can bring an influence of N², then the cost of acquiring N identities should be N². Coincidentally, this answer is also applicable to applications related to universal basic income.

![Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology](https://img-cdn.gateio.im/webp-social/moments-d49b614727dad9332ccc83574bcd8d59.webp)

Long-time readers of this blog may notice that this is exactly consistent with the chart in an earlier blog post about "quadratic funding"; this is not a coincidence.
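The pricing argument above, worked through for the article's earlier comparison of one person controlling $100,000 and 1,000 people jointly holding $100,000. This is an added example, not from the original article; the $1 price unit and the equal $100 split among the 1,000 people are assumptions.

```python
UNIT = 1  # assumed price unit in dollars (not from the article)


def linear_cost(n: int) -> int:
    """Identity tied purely to money: N identities cost N units."""
    return UNIT * n


def quadratic_cost(n: int) -> int:
    """The article's ideal curve: N identities cost N^2 units."""
    return UNIT * n * n


def max_identities(budget: int, cost) -> int:
    """Largest N with cost(N) <= budget, for any increasing cost function."""
    lo, hi = 0, 1
    while cost(hi) <= budget:          # double until the budget is exceeded
        lo, hi = hi, hi * 2
    while hi - lo > 1:                 # then binary-search the boundary
        mid = (lo + hi) // 2
        if cost(mid) <= budget:
            lo = mid
        else:
            hi = mid
    return lo


def marginal_cost(n: int, cost) -> int:
    """Price of the n-th identity given that n-1 are already held."""
    return cost(n) - cost(n - 1)


def identities_held(cost, whale_budget=100_000, crowd_size=1_000, crowd_budget_each=100):
    """(identities one large holder can buy, identities the crowd can buy in total)."""
    whale = max_identities(whale_budget, cost)
    crowd = crowd_size * max_identities(crowd_budget_each, cost)
    return whale, crowd


def whale_share(cost) -> float:
    """Fraction of all identities, and so of all votes, held by the single large holder."""
    whale, crowd = identities_held(cost)
    return whale / (whale + crowd)


if __name__ == "__main__":
    for name, cost in (("linear", linear_cost), ("quadratic", quadratic_cost)):
        whale, crowd = identities_held(cost)
        print(f"{name:9s} whale={whale:6d} crowd={crowd:6d} whale share={whale_share(cost):.1%}")
    print("5th identity under quadratic pricing costs", marginal_cost(5, quadratic_cost))
```

Under linear pricing the single holder matches the 1,000 people vote for vote; under quadratic pricing the same money buys the single holder about 3% of the identities.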

A pluralistic identity system can achieve this ideal state.

The so-called "multi-identity system" refers to an identity mechanism that does not have a single dominant issuing authority, whether that authority is an individual, organization, or platform. This system can be realized in two ways:

  • Explicit pluralistic identity (also known as "social-graph-based identity"). You can verify your identity (or other claims, such as proving you are a member of a community) through the attestations of others in your community, and the identities of these attestors are verified through the same mechanism. The article "Decentralized Society" provides a more detailed explanation of this type of design, and Circles is currently an instance that is operational.
  • Implicit pluralistic identity. This is the current situation, with numerous different identity providers, including Google, Twitter, similar platforms from various countries, and various government-issued identification documents. Very few applications only accept one type of identity verification; most applications will support multiple types because that is the only way to reach potential users.

![Vitalik: The Multiple Dilemmas of Digital Identity + ZK Technology](https://img-cdn.gateio.im/webp-social/moments-b394e40deff972eb129c2cfa202e3a5e.webp)

The latest snapshot of the Circles identity map. Circles is currently one of the largest identity projects based on social graphs.

Explicit multiple identities inherently possess anonymity: you can have an anonymous identity (or even multiple ones), each identity can establish its reputation in the community through its own actions. An ideal explicit multiple identity system may not even require the concept of "discrete identities"; instead, you may possess a fuzzy set composed of verifiable past behaviors, and be able to prove different parts of it in a refined manner based on the needs of each action.

Zero-knowledge proofs will make anonymity easier to achieve: you can use a main identity to launch an anonymous identity by privately providing the first signal to recognize the new anonymous identity (for example, by using zero-knowledge proofs to show that you possess a certain amount of tokens, thereby allowing you to publish content on anon.world; or by using zero-knowledge proofs to demonstrate that your Twitter followers have certain characteristics). There may be even more effective ways to use zero-knowledge proofs.

The "cost curve" of implicit multiple identities is steeper than that of a quadratic curve, yet still possesses most of the required characteristics. Most people possess only some of the forms of identity listed in this article, rather than all. You can acquire another form of identity with some effort, but the more forms of identity you have, the lower the cost-benefit ratio of acquiring the next one becomes. Thus, it provides the necessary deterrent against governance attacks and other abuses, while ensuring that coercers cannot demand (and cannot reasonably expect) you to disclose a fixed set of identities.

Any form of a multi-identity system (whether implicit or explicit) inherently possesses greater fault tolerance: individuals with disabilities in their hands or eyes may still hold passports, and stateless persons may still prove their identity through certain non-governmental channels.

It is important to note that if the market share of a certain form of identity approaches 100% and becomes the only login option, the aforementioned characteristics will become ineffective. In my opinion, this is the greatest risk that identity systems overly pursuing "universality" may face: once their market share approaches 100%, it will push the world from a pluralistic identity system to a "one person, one identity" model, which, as this article describes, has many drawbacks.

In my opinion, the ideal outcome of the current "One Person One Identity" project is to integrate with the identity system based on social graphs. The biggest challenge faced by identity projects based on social graphs is the difficulty of scaling to a massive number of users. The "One Person One Identity" system can be used to provide initial support for social graphs, creating millions of "seed users". By then, the number of users will be sufficient to safely develop a globally distributed social graph from this foundation.

Special thanks to Balvi volunteers, Silviculture members, and World team members for participating in the discussion.
