Worldcoin, the cryptocurrency project known for its Proof of Humanity protocol, has released its audit reports. The audits were conducted by security consulting firms Nethermind and Least Authority. Nethermind identified 26 security issues, of which 24 were fixed during the verification phase. One issue was mitigated, and another was acknowledged. Least Authority discovered three issues and made six suggestions, all of which have been resolved or have planned resolutions.
Worldcoin gained attention in 2021 when it announced its plan to give away free tokens to users who verify their humanness. Verification is done by scanning the user’s iris with a device called an “Orb.” The project was co-founded by Sam Altman, the co-founder of AI developer OpenAI. The motivation behind the project was to find a way for users to verify their humanness without compromising their privacy, as the rise of AI bots posed a potential threat to internet security. The Orb produces a hash of the user’s iris scan but does not keep a copy of the scan.
Criticism of Worldcoin emerged shortly after its public launch on July 25, following nearly two years of development and beta testing. The United Kingdom’s Information Commissioner’s Office (ICO) is reportedly considering investigating the project for potential violations of data protection laws. The French data protection agency CNIL has also questioned the legality of Worldcoin’s data collection practices.
The launch of Worldcoin has divided the crypto community. Some see it as a concerning development that could lead to a dystopian future with diminished privacy. Others view it as a necessary measure to protect against malicious AIs. The controversy surrounding Worldcoin highlights the ongoing debate over the balance between privacy and security in the digital age.
The audit reports conducted by Nethermind and Least Authority cover several security topics, including resistance to DDoS attacks, implementation errors, key storage and encryption management, data leakage, and information integrity. The issues identified were primarily related to dependencies on Semaphore and Ethereum, such as elliptic curve precompile support and Poseidon hash function configuration.
Worldcoin has taken prompt action to address the identified security issues. Almost all issues have been fixed, mitigated, or have planned fixes. Only one security issue remains unresolved, with its severity listed as “undetermined” and acknowledged by the Worldcoin team.
The release of the audit reports demonstrates Worldcoin’s commitment to transparency and security. By subjecting its protocol to independent evaluations, the project aims to reassure users and regulators about the integrity of its data collection practices. The audits serve as a step towards addressing the concerns raised by regulatory bodies and the crypto community regarding privacy and data protection.
Moving forward, Worldcoin will need to navigate the regulatory landscape and address any potential legal challenges it may face. As the project continues to evolve, it will be crucial for Worldcoin to maintain open lines of communication with regulators and stakeholders, as well as involve the broader crypto community in shaping its governance and operational processes.
In conclusion, Worldcoin has released its audit reports, which highlight the security measures taken to address potential vulnerabilities. The project’s Proof of Humanity protocol aims to strike a balance between privacy and security in an increasingly digital world. The audits conducted by Nethermind and Least Authority provide valuable insights into the resilience of the protocol and demonstrate Worldcoin’s commitment to transparency and accountability.
Source link