Inside Today's Meteor
- Disrupt: Proof of Humanity Doesn't Require a Credit Card
- Create: Behind the Viral Fake Pope Puffer Jacket
- Compress: Metaverse Fashion Week kicks off in Decentraland
We're going to try something new today. As we mentioned in Monday's newsletter we had been planning to write this week about How to Prove You're Human in an AI World, but due to a technical snafu our planned interview on the topic with Web3 luminary Evin McMullen fell through.
Don't worry, we have rescheduled Evin next month, stay tuned for details. But given the timeliness of the topic, we decided not to wait to weigh in.
We knew we were on to something. "Proof of Humanity" threads have been blowing up since the weekend, when Elon Musk announced a plan to raise the ante on paid verification. If you don't get a blue check, your posts are going to be even less visible than they are now starting next month.
It's the only way to defeat the AI bots, he says.
Is Elon right? To help us sort the arguments – and the options – we're bringing in a guest writer, Jon Stokes, who just wrote an excellent overview of the problem on his excellent Substack, Return.
I've known Jon for years, since Conde Nast in 2008 acquired Ars Technica, a highly regarded technology publication he co-founded. He's well informed, opinionated and a great writer. Below he lays out very clearly how Web3 and AI are entangled with the problem of digital identity. It's well worth a read.
Proof of Humanity Doesn't Require a Credit Card
by Jon Stokes
Elon Musk has been going viral with tweets suggesting that the future of social media is paid because otherwise, it’ll all just be bots.
Given that modern AI can solve any “prove you’re not a robot” tests, it’s now trivial to spin up 100k human-like bots for less than a penny per account.
— Elon Musk (@elonmusk) March 27, 2023
Paid verification increases bot cost by ~10,000% & makes it much easier to identify bots by phone & CC clustering.
Obvious…
Starting April 15th, only verified accounts will be eligible to be in For You recommendations.
— Elon Musk (@elonmusk) March 27, 2023
The is the only realistic way to address advanced AI bot swarms taking over. It is otherwise a hopeless losing battle.
Voting in polls will require verification for same reason.
Musk is right: the bots are coming, and we do have to do something. But we have two more options besides the one he offers. Here’s the expanded list of our choices for proving our humanity in the age of ubiquitous AI:
- Pay-to-play (i.e., the Musk option)
- Web3’s large selection of existing proof-of-human (PoH) offerings
- Government-issued digital ID
I’m guessing we’ll end up with some combination of the above, but insofar as #3 will be the most attractive option for many people, it’s yet another way in which AI is an inherently centralizing force. But as a decentralization maxi, the likelihood that we’ll end up where the government can digitally unperson me with a mouse click is concerning. If this worries you as well, then read on.
In this piece, I’ll give a very brief introduction to option #2 — web3 proof-of-human services — for the non-crypto-pilled. Yes, I know… I know… Nobody wants to read another piece about how “web3 fixes this.” But don’t close that tab!
Even if you hate crypto, it’s still worth acquainting yourself with just how much effort and money has gone into solving the precise problem Musk is worried about. Here are two relevant facts for the crypto-haters to consider before they bounce:
- Digital identity is a critical, well-established front in the “centralization vs. decentralization” war. So if you care about this fight, then this issue matters.
- Recent advances in AI have fundamentally changed the digital ID terrain so that Web 2.0 now has a problem that had previously been confined to web3, i.e., how to do proof-of-human in a network where human nodes can be credibly impersonated at scale and at low marginal cost.
Proof of humanity is an early, fundamental web3 problem
One of the core distinctions crypto has vs. the traditional web is ubiquitous pseudonymity. Crypto types are super into the whole pseudonymous online persona thing.
Now, you may not care about pseudonymity, or you think it’s only for money launderers, dope peddlers, bootleggers, and prank callers. I get it, boomer. But just bear with me for a moment, because I promise I’m not trying to pseud-pill you — I’m just trying to help you understand why proof-of-human is such a longstanding web3 concern.
The de facto standard for identity on the current web (web2) is the email address plus password combination. To sign up for a new service, you usually supply these two items, and then you get some confirmation link in your email that you have to click in order to prove you’re the rightful owner of that email address.
The standard for identity on web3, in contrast, is the crypto address. This is a public address on a public blockchain — often Ethereum — that you have a private key for and can therefore prove ownership of.
Web3 identities, then, have the following qualities:
- Trivial and cost-free for a single person to create and use in bulk
- Impossible to link to a single person, company, or other entity
- Used for accounts on internet services that are web3-based
- Used for moving valuable assets around
You might say that in web3, every phone is a burner phone — there is no other kind. This is because it’s really easy to create new crypto addresses and use them as identities. You can do this locally by just creating a new public/private key pair in the correct format, and if you want to send some asset to that address (coins, NFTs), you can do that by interacting with the blockchain.
Obviously, this is a pretty treacherous combination of qualities that’s quite easy to abuse, even without any sort of advanced AI. If logging in to a web3-based service only requires a locally generated key pair, then a single, not-very-sophisticated person could spin up millions of these public/private key pairs on a laptop and use them to SPAM thousands of web3 applications with fake interactions using a few simple scripts. For instance, you could use this to manipulate DAO votes or abuse token-gated applications.
The point: At the very beginning of web3’s existence, the frictionless ease of essentially disposable bulk identity creation has meant that web3 services have had the very proof-of-human problems that are only now truly catching up to web2 in the AI era.
The web3 solutions
If you Google “web3 proof of humanity” you’ll get a ton of results. Everyone has ideas about how to do this, and many of the ideas are very good and practical.
- ProofOfHumanity.id
- BrightID
- Duniter
- World ID
- Upala
- Kleros (sort of… it has ID as a component)
- Democracy Earth
- Humanity DAO
In addition, there are some web3 projects I’ve seen that have their own built-in solution for this that you use to access the service or community, and there are other web3 efforts where proof-of-human sort of happens as a side effect (POAP is a good example of the latter, and I think STEPN may be another in that proof-of-workout equals proof-of-humanity).
If anything, web3’s problem is that there are too many solutions for the PoH problem, and no one has settled on a standard. You’ll notice in the above list that there’s basically a marketplace for proof-of-human services that many web3 hustlers are hoping to dominate with their own solution.
Here’s a very brief list of some approaches:
- Scan your eyeball data into a creepy orb (i.e., WorldCoin).
- Multiple humans meet in person and give each other NFTs that essentially say, “I did an IRL thing with the person who controls this wallet.”
- Users upload videos of themselves answering questions or doing some required task.
- Users take cognitive tests that are still too hard for AIs.
- Users either vouch for or challenge each others’ humanity.
- The platform analyzes your social graph on some network and uses that as proof.
- The platform looks at your wallet for NFT credentials that it recognizes as normally only given out to real humans for doing a thing in the real world, e.g., an on-chain certificate granted by an institution or program, or an earned community participation token or status badge from an established web3 community.
None of these are scam-proof by themselves, so most PoH offerings will combine multiple approaches to give you some kind of score. But just to be clear on what this list is: these aren’t random ideas or shower thoughts that I or someone else thought might be kinda cool if only someone were to build it — no, there are (or in some cases, have been) actual shipping products build around these ideas and more, some of them with thousands of users. This stuff literally exists courtesy of the now-busted (but steadily reflating) crypto bubble and actual communities are testing it.
Again, the problem is the sheer variety of such PoH efforts and the lack of a clear standard or authority. If there were a kind of “LinkedIn” but for PoH (maybe LinkedIn itself could do this), where if you worked at a job with colleagues, you got an on-chain badge that says, “Jon Stokes definitely worked here doing this thing,” that would probably dominate. But there is no such Schelling point, yet.
We’ll probably go with option 3
I can already hear many of you asking, “Couldn’t we do all the ‘web3’ stuff you’re describing with a government-issued digital identity?” (I.e., option #3 on the list in the first section of this piece.)
The answer is, “Yes, obviously.” And there are a number of country-level efforts to do exactly this, some of which involve the blockchain and some of which do not.
As I said in the intro, the people who want the government to handle this for them will probably get their way, eventually. But it should be clear that it doesn’t have to be his way.
We have a multitude of options for proof-of-human that don’t involve paying centralized service providers, whether private-sector platforms like Twitter via subscription fees or governments via taxes. We should use them if we value our privacy and freedom.
And if we do decide on pay-to-play, there are privacy-preserving options like Bitcoin (either L1 or lightning network) that could be used by social media to filter for bots without wrecking pseudonymity.
Create
Behind the Viral Fake Pope Puffer Jacket: MidJourney and Shrooms
Buzzfeed talked to the creator, who declined to give his full name out of fear of being attacked. But he did drop some details about how the project came about.
While we're on the theme of what I would call AI clear fakes, here are some gems of our past presidents diplomatically meeting alien delegations.
And finally these gems from the faked moon landing, making this a fake fake photo.
Compress
Avatars Head to the Virtual Catwalk
Crypto winter couldn't put the deep freeze on Metaverse Fashion Week, which kicked off this week in Decentraland.
Mickey Exits the Metaverse
Team of about 50 is caught in wider cuts at Disney aiming to eliminate 7,000 jobs.
TicketMaster Tries NFTs
Avenged Sevenfold is not just what NFT collectors want to feel when (if?) the market rebounds, it's the name of a metal band that recently tested token-gated access to exclusive ticket offers for the events monster. Now it's being rolled out more widely.
Elon, Wozniak, Andrew Yang and a Thousand Others Call for Halt to AI Research
The group fears AI progress is moving too quickly and the results could be unpredictable and dangerous. Not surprisingly, no one from OpenAI, Google or Microsoft signed the list.
