Intro to zero-knowledge proofs, Semaphore and their application in World ID

Aug 17, 2023 2 Minute Read

The Worldcoin project is committed to preserving users’ privacy.

The protocol recently underwent two security assessments from independent auditors covering both the protocol’s cryptography and its smart contracts. You can find a summary of the most recent security audits and links to the full reports here

When it comes to World ID, the global identity protocol powered by the Worldcoin ecosystem, there are two key protocols/technologies that enable people to use it to digitally prove their uniqueness and humanness in a way that preserves their privacy. These are zero-knowledge proofs and Semaphore. 

What are zero-knowledge proofs?

A zero-knowledge proof (ZKP) is a cryptographic way for one party (the prover) to prove to another party (the verifier) that they possess knowledge without revealing what the underlying information actually is

For example, using ZKPs, a prover can demonstrate to a verifier that a certain statement is true without disclosing any information beyond the statement’s truth. Imagine an ID card that only proves the holder is 18+ without revealing any other information such as name, birthdate, etc.

While the mathematics and cryptography behind ZKPs are very complex, the result of their implementation is not difficult to understand. ZKPs enable secure and private verification of information without revealing actual data, which helps ensure trust and privacy in decentralized systems. For this reason, they have become an important and exciting area of study and development in the crypto and web3 space. 

What is Semaphore?

Semaphore is a generic, open source privacy layer for Ethereum applications based on one of the most compelling zk-technologies: zk-SNARKs (zero-knowledge succinct non-interactive argument of knowledge). 

Using zero knowledge, Semaphore essentially allows Ethereum users (or the users of any other chain capable of verifying Groth16 proofs in a gas efficient manner) to prove their membership of a group and send signals (e.g. votes, endorsements, etc.) without revealing their original identity.

How does World ID use ZKPs and Semaphore?

World ID is designed to enable anonymous use. Actions taken with World ID are not linked to a person's iris images or iris code, and third parties cannot link different actions taken with someone’s World ID through the World ID data. Here’s how that’s possible. 

When a person uses their World ID, a ZKP is used to prevent third parties from knowing the person’s World ID public key or tracking them across applications. ZKPs also protect the use of World ID from being tied to any biometric data or the iris code of the person. 

World ID uses Semaphore to, among other things, confirm the World ID data itself cannot be tracked to a person’s identity nor to verifications in other applications. The protocol uses Semaphore and its trusted setup ceremony for the zk-SNARKs that prove membership of a group and a custom trusted setup for the zkSNARKs to insert newly registered users into the group of verified World ID users.

Learn more

The use of ZKPs and Semaphore in World ID is an example of the Worldcoin project’s commitment to privacy. Additional privacy resources can be found at the following links:

If you’d like to learn more or stay informed about Worldcoin’s growth, technology, upcoming launches and more, sign up for the blog newsletter at the bottom of this page or join the ongoing daily conversations on Twitter, Discord, YouTube and Telegram

Disclaimer

The above content speaks only as of the date indicated. Further, it is subject to risks, uncertainties and assumptions, and so may be incorrect and may change without notice. A full disclaimer can be found in our Terms of Use and Important User Information can be found on our Risks page.

The information in this article is over 12 months old and may be outdated. Please visit world.org/blog for the most recent information about the project.