Proof of unique human

Last night there was an interesting discussion about limiting the number of accounts per person. It was started by @dyamanaka and several others started to chime in. @benjaminbollen suggested a captcha type mechanism to at least prevent or hinder bots. The conversation moved on and this is where I think there is an interesting possibility.

Imagine the network could take some proof of you as a human and this proof were unique. If this was hashed then the network could allocate you the right to create an account (this is like mining). This means every account was mined by a specific human. That would solve many edge cases and allow us to move forward with a huge amount of opportunities.

If we knew each account was a unique individual the network could really start to prove itself very quickly for functions like, voting, ranking of others as well as limiting data uploads per person based on some fairness algorithm (the easy part) that we implement. At the moment it is a pure quid pro quo, but we are rapidly altering that as we now have farmer incentives.

In any case proof of a unique human would be incredible for a great many reasons.

There are several rules here though.

1: Any client side mechanism can be faked.
2: Any input digital information can be faked.
3: Any mechanism that required digital parsing alone can be faked.

@benjaminbollen figured that voice could be used and this lead us to thinking about perhaps speaker recognition. This would be a system where an individual can be recognised via speech. Instead of using this as a password though (some systems do this), we would instead use it as a mining proof. So a speech sample can be proven unique (within parameters, 1% failure) and this proof could be hashed and stored on the network. This storing would allow the network to allow the user to create an account. The account is not linked in this case, the mined human validation only allows you to create a single account, that’s all. This means no privacy loss.

Users could have only one account per person then and identified as a unique human. No more accounts could be created for that user. (need for key dispersal backups here, but ignore for now a person losing access and needing to re-create an account).

The problem is that, if we could make this accurate enough, it would be client side. That means it can be scripted as @Traktion pointed out.

So this is where I think @benjaminbollen had a great point, captchas. What we need is a system where the network challenges a person with a voice captcha type mechanism. This would mean including speech recognition to an extent. So we use a captcha type mechanism to request a person say specific things and when we are happy these are what was said, we analyse the results for speaker recognition for each element of the returned results (make sure same speaker in all utterances). Then we do the mining trick. In this case the network is creating the digital information required for the mining attempt, not trusting any client.

This would mean the network requests from the client several lossless audio files that are analysed. These are then thrown away by the network to remove any link with the person and the mined unique identifier. These requests would be as unknown up front as a traditional captcha. If the client kept these, they are of no use, they have been made one time use only as a mining attempt.

Then we have unique anonymous humans

A good thing for us, is that we are not looking for 100% accurate recognition for network access each time, like a password. We are looking for close enough speaker recognition. At the moment I believe the accuracy is circa 99% so not good enough for passwords, arguably, but probably good enough for us. If 1 person in 100 could create 2 accounts at the moment, then it’s still an issue. It is also a marked improvement on any system I can think of today. It may mean that trolls and such like would have to watch out as reputation may be something that will be manageable by the network (huge caution here, I know).

So please fire in with ways to look at this. think we all can attack the edge cases later (like re-creating accounts, people who cannot speak, lifetime reputation etc.) I see these as easier to fix issues and definitely to be dealt with, but only after we see if we could make a system like this work.These are smaller and easier to fix issues in my mind. If we get the tech side to work we can attack each of the possible downsides after that. This is a very interesting opportunity and a good thing, it can be retrospectively added as a new account type (validated unique human) later if required.

Plus the matrix needs to count each battery, surely? (strokes_white_cat)

It seems that speech recognition of digits is considered almost perfect. If the network could ask the person to speak random single digits one at a time, say 4 of them. Then I think we can employ speaker recognition and mining to confirm this entity as human and unique. Oh for a speech expert, this could be amazing I think.

Yes, this would be an amazing step into voting and other applications that need “proof of unique human.” This is definitely a “must have” down the road if not sooner.

The problem I see is that if computers are good at speech recognition it is also quite likely that they are good at speech synthesis, meaning that answers to these “voice captchas” would be scriptable. In general, captchas will always be a war between computers and humans, and A.I. is developing so quickly now that I find it hard to see a robust, long term solution based on captcha-like techniques.

Is there anything that could be done with cell phone numbers? Those are generally unique and the great majority of people have them. And they have a financial barrier of entry, so you can’t generate tons of accounts because there’s a cost applied to it.

Although I guess this would require the network to connect to an external system to actually validate the phone number by text or phonecall…

Yes this is interesting, I am not sure if the speaker identification can detect an actual human or not. This would be an interesting issue if it can be solved. I think I will contact the developers of the speaker recognition software to see if they can comment at all.

Even if it is possible with AI and if it is hugely expensive it would be fine I think. I Will try and make some intros and see what we can find out. I know there are companies using speech input as a passord, I presume they detect recordings somehow? I am off to investigate now

Here’s an interesting thought. What if you had to pay for a new account in Safecoin? Sounds weird, and circular. But, what if to even get started, you need to have Safecoins. Or MaidSafeCoins. So I can’t even have an account unless someone invites me to the network by transferring me Safecoins. So for someone to create a ton of new accounts, they’d be paying the network and eventually the cost would just be too high. Then, couple this with another barrier of entry, like speaker recognition or captcha or something.

This also adds a strange (but historically successful) level of interest for the network through exclusivity. Invitation systems have always been successful. And its not ACTUAL exclusivity, because it should be pretty easy to get coins. People on Twitter/Facebook would be asking for coins from friends, generating interesting.

Could something like that work?

Very interesting and thought provoking.

Yeah, this is actually exactly what Ripple does (XRP is the internal currency in Ripple).

When you first create a Ripple wallet, it will need to be activated before it can be used. This prevents accounts from being created in an automated fashion, or for fraudulent purposes.

Activating an account involves transferring a minimal number of XRP into the account (this number is currently 20 XRP, though it can change from time to time

Another option is to require some sort of proof-of-work.

I really like this far out idea!

What if we took 1 million safecoin and gave them away to twitter or whatsapp accounts for people to use as access to the network? The trolls would come running form the hills for 1 This could I am sure be done fairly. If we used some of the core pool for this and the network returned 1 million to the core pool through mining (a small adjustment to the algorithm, same outcome).

People could create accoutn and be stuck at the page that asked for the safecoin (they have their wallet address shown) Then the person types that wallet address into twitter or similar (no accounts less than 1 month old or something) and we have some bot that passes a safecoin to that wallet. The user access pay and they are in.

Now safecoin is being used, there would be a strong chance fiat->safecoin places would be set up (they are only $0.02 anyway so not expensive really). We could give every user 5 safecoin for each of their friends.

This would just be a market push, we then ask farmers to throw some safecoin out there on exchanges. It could be the start the currency would benefit from. Sure we are missing something here? Sounds pretty plausible though.

Yes this may have some legs this idea!

That’s great. And what makes MaidSafe unique is that it’s access not to just a wallet, but to another level of the internet. You’ll have access to content and a service otherwise inaccessible. Just for the storage capabilities alone, people would try to get in.

And this money would be eaten by the network, so you couldn’t just, say, open the account, transfer money to another account so that you could start of chain of accounts you control. You’d have to deplete your own Safecoin resources to do this. It wouldn’t prevent people having a few accounts, but it would prevent bots from registering accounts.

I like this approach too. There are lots of details to work out though and I need to learn a lot more about the technical details of MaidSafe before I can contribute to that discussion… but I can add some questions for others to answer.

• What happens to Safecoins that are paid to activate an account? In Ripple this is an account “reserve” that can’t be touched. Other options are that they are destroyed or somehow redistributed to farmers.
• How is the “activation amount” determined? It can’t be a fixed amount of X safecoins, since X would probably be very cheap now but could be extremely expensive in the future when a safecoin is worth much more.

I find this to be a barrier to thos who are technically (computerwise) illiterate and intimidated by the whole notion of new social networks let alone decentralization. A lot of the time I have a hard time getting people to use Friendica or Diaspora because they’re dentralized networks. If maidsafe became an exclusive network this would only inhibit adoption further, especially if you had to pay to get an account. Sorry but i think this is a really bad idea.

If done right I don’t think it has to be more of a barrier than joining anything else. Receive an invite. Click a button. That’s the vision at least.

It’s certainly very hard to get others to try new social networks etc., but in your case, is it really because they’re decentralized? I think that it has a bit to do with usability, but most of all it is because of the huge network effect. Using Diaspora is no fun when all your friends are on Facebook. Google have tried several times to launch a Facebook-killer but even though they have loads of talent and loads of money they don’t seem to succeed.

Here’s the difference, IMO. I’m looking at Friendica and Diaspora now.

The problem with decentralization from a marketing perspective is that it’s not necessarily better than centralization. If your primary concern is NSA snooping and the government shutting down access, then you’re a very specific group of people. That camp, is, unfortunately, small. I guess what I mean is, I don’t think people care as much about decentralization or centralization as they care about functionality and tangible user benefit.

MaidSafe, IMO, gained traction because it offered a concept that was digestible to people. What if we decentralize storage? We could have a dropbox service that costs nothing, doesn’t require advertising to subsidize cost, and creates an economy with virtual currency. It also has the potential to be faster than most centralized systems through distribution.

Damn. That’s a product.

You want to play to strengths. When I look at Diaspora and Friendica (and Twister), I see a less attractive version of something that already exists in a better form, and all I gain from it is decentralization. I’ve never actually seen Facebook fumble on such a scale that the majority of people were planning an exodus.

But if you tell people there’s a safer version of online storage that runs faster and is cheaper, and in some cases can generate you income? That’s a thing. Slap on a little arrogance by adding exclusivity (and really, not much. Pretty low barrier) and you’ve got something there.

EDIT: The exclusivity is also acting as a way to prevent spamming accounts AND gaining attention. If its a product worth trying, people will make the effort. And if they make the effort, with this system they have to engage in some public social networking.

I disagree. Yes, speech synthesis can produce speech, but the voice print that makes a human voice unique is something that cannot be made artificially. In fact a project to give a unique voice to voiceless people ‘harvests human voices’ to give the timber of a unique voice.

Equally it is not unfeasible that in time your voice print could be ‘stolen’ and fitted on top of a synthetic voice. At that time we will have to upgrade to combine visual face recognition.

FYI I sent a note to the creators of some speaker (not speech) recondition software to enquire to the validity of this proposal.

Here is the content ( I will update the list with any reply and then we are in a better position to know where we stand with this). Still mulling over @russell suggestion of forcing payment for each account, there may be ways that would work very well.
####################################################

Hi I am involved in a project called MaidSafe. It is now a community effort and the community is growing fast. You can find some basic info and intro video at our site plus some press releases etc. http://maidsafe.net

There is a community run forum where we discuss many issues. One such issue is that we are trying to tie anonymous accounts with actual humans. In this case, we hope to do a speech captcha type system where the network will ask the user to speak several digits. We then would have the network nodes (in a consensus group) evaluate the speaker recondition. This is not to create a password, purely a one time, “yes this is a human” and we store that fact.

The intent would be to capture the unique elements of that speaker and hash those. The network would store this hash in a key value store with a specific data type (say human access). If this hash space was taken then that users already has an account, otherwise they can create an account. This would prove to be amazing if it were possible. We restarted a discussion on this here Proof of unique human and would be super keen on any input you may have.

MaidSafe is essentially a huge autonomous network that is privacy enhancing, if we identify an account is a unique human then we could have huge opportunities to improve many features of a secure Internet. It would be amazing if you could help even a little. Even to tell us this is not possible and we can move on would be great.

Many thanks and I really appreciate any help you can provide.

I also agree that a one-time off payment for an account is the most direct protection against bots. It leaves the desired question of anonymously and uniquely defining a human being for a later stage, but that is in itself not a bad thing. We can keep working on that, but it would never be ready-to-go in a few months when hopefully SAFE could launch in a beta-version.

I was also giving this ripple approach some thought, and importantly I think we have to be very careful to not raise any barriers for early adoption! @dirvine’s suggestion of boosting this phase with 1 million free safecoins, locked in the activation wallet, is not a bad idea at all! These should be released to the network and not go into a personal wallet. (Imagine giving 1 safecoin now, and it gaining true value: every early adopter will close his account, claim the one safecoin and pay for a much cheaper (0.001 safecoin maybe by that time perhaps) new account! It would suck value out of the coin. Actually, any closing of the account should absorb the coin into the network: you paid this to have the account.

I keep making one comparison from a lesson learned in a very different context: malaria nets. Aid organisations are (too slowly) realising that giving away things for free can have strange side effects. An interesting study showed that a large part of malaria nets that were distributed free of charge were never used as malaria nets. Even though there was an actual threat of malaria people still used the nets for fishing etc, but not for sleeping protected from musquito’s.

When the nets were sold at a (subsidised) price that local families could afford, remarkably almost all nets were used for their purpose and the fight against malaria was much more effective.

I’m digressing but the story shows that it is a good thing to offer things for a price: it registers with people that this has actual value they want to use it wisely. the challenge is putting a price globally that is not too expensive for the majority of the world; it will hence be ridiculously cheap for (almost) anyone in EU/US. I’m thinking fixing it at about EUR 1, and having the amount of safecoins fluctuate on a monthly revision. It could also be 1 safecoin, but we have to be careful it doesn’t look ridiculous as a measure to annoy people.

The software should be designed for an ultra smooth process of registering after the promo-coins are all distributed. The problem here is that the majority of users will only know how to pay in fiat currency. So unless the MaidSafe foundation wants to accept fiat currency for handing out ‘pre mined’ coins, it will always de facto depend on friends of friends (or exchanges) trading their safecoins for fiat.

I’m actually pro for introducing a second fundraiser for the foundation/company in this way; that is if the team still has hair left after the first one :))). You wouldn’t actually be buying safecoins, rather only the account. the coin would be locked in the activation-wallet and return to the network upon closing the account.

It would also still be anonymous: anyone can make a MAID, that instantly gives you access to all the public data on the network (maybe even writing publicly). To activate the private storage, you need the wallet to be filled to the current value in safecoins. Either you make a crypto currency transfer with friends, or go to a MaidSafe official website where you give the wallet address to be activated, and pay with credit card/PayPal/bank transfer. What ever old fashioned way they prefer :).

Small edits, notes on the previous remark: there is actually no need to make use of pre mined coins for the selling of accounts. MaidSafe will also earn safecoins through farming for the early adopters. Actually, anyone with safecoins could set up an account-activation exchange. But it would be nice if the Foundation would be the main beneficiary of this market.

As an investor who already has MSAFE = Safecoins, and I plan to be a vault farmer like many others, I have no problem donating 10% of whatever I farm to go towards “marketing outreach.” If you do decide to make this plan happen, you got my support!

In fact, if you want to take it a step further, I suggest we allow farmers the ability to donate a percentage/amount of their safecoin earnings, to continue fundraising. The MaidSafe Foundation or whomever receives the donations can use it to market, expand development, etc.

We already took a big hit from the last crowd sale, and I refuse to let that be the reason for this project not gaining momentum that it should. If my investment is to make a good return, it is in my best interest to make sure we succeed!