Worldcoin, now simply known as World, is facing some serious backlash over its handling of user data The platform asks users to prove their humanity through iris and face scans in exchange for a digital ID and some free tokens.
Sounds futuristic, right? But multiple governments have blocked its activities for violating local privacy laws, leading to fines and lawsuits across the globe.
You can’t change your biometrics like your passwords
Cointelegraph just released an opinion piece by Ankur Rakhi Sinha, CEO of Airchains, about the controversies surrounding Worldcoin’s business operations, and it’s a good read!
Let’s take a look at the main takeaways from it! The core issue with Worldcoin is its systemic failure to protect user data.
While there are laws in place to safeguard personal information, they often only kick in after a breach has already occurred.
This situation highlights a quite important point, for blockchain technology to be adopted in real-world applications, privacy must be a top priority.
Worldcoin’s experience shows us that we can’t just wing it when it comes to security, because when we do that, sh*t happens.
In 2024, Worldcoin was attempting a major reinvention after attracting significant investments fueled by hype.
But this approach can’t be our only option moving forward. We need to develop scalable and purpose-built record-keeping systems that prevent privacy disasters like those seen with Worldcoin.
Call to arms
This is a wake-up call for the crypto community, keep dreaming big, but also adopt emerging encryption technologies that can help secure what we build, especially when it comes to sensitive biometric data. After all, we all deserve confidence in our privacy!
So what’s the real trouble with Worldcoin? It starts with its black box nodes. Built as a permissioned layer-2 blockchain on top of Ethereum, World Chain doesn’t allow just anyone to become a node or link on the network, only insiders can control it.
Decentralization, permissionless-ness, where art thou? This setup leaves the network vulnerable to attacks from hackers outside the club.
This lack of transparency is an insult to open-source communities, and as many mentioning, to the ethos of cryptocurrency itself.
The more open an application is, the easier it is to identify vulnerabilities. Storing biometric data in these opaque black boxes without proper safeguards is a recipe for disaster.
The walled garden effect
Public blockchains also run into issues when private companies create ineffective walled gardens.
The technology designed for secure data storage and management loses its transparency and trustworthiness when locked away from public scrutiny.
Biometric data should never be kept behind closed doors, this goes against the very principles of decentralization. So what to do?
Worldcoin uses ZKsync, which employs zero-knowledge proofs. This technology allows data to be validated without revealing its actual content, a promising concept for biometric privacy.
But despite all the hype around ZK tech as a cure-all for privacy issues, it doesn’t address concerns about how data is stored.
Even if Worldcoin claims it collects only necessary data, and promises to delete that information once its models are trained, recent leaks suggest that ZK proofs weren’t properly implemented within a secure environment. And on a long term, this could be really bad!
