Proof-of-Personhood Bridge

The core function is to serve as a verification gateway that checks a user's proof-of-personhood (PoP) credential (e.g., from Worldcoin, BrightID, or Idena) before permitting a cross-chain transaction. This prevents bots or sybil attackers from bridging assets to farm rewards or manipulate governance on the destination chain.

• Pre-Bridge Attestation: The bridge contract queries a trusted oracle or verifier contract for a valid, non-expired PoP attestation linked to the user's wallet.
• Stateful Validation: Maintains a registry of used credentials to prevent credential reuse across multiple wallets, enforcing a one-human, one-vote principle for bridged actions.

Enables fair distribution of tokens, NFTs, or voting power across ecosystems by tying allocations to verified human identities. This is critical for cross-chain airdrops and governance power delegation.

• Example: A DAO on Ethereum can distribute voting tokens to verified humans on Solana or Base via the bridge, ensuring each recipient is a unique individual.
• Mechanism: The bridge mints a corresponding soulbound token (SBT) or voting NFT on the destination chain only after successful PoP verification, which then acts as the claim ticket or governance right.

Designed with a modular architecture to support multiple, pluggable identity protocols. Instead of being locked to one system, the bridge can integrate various PoP verifiers as adapters.

• Supported Protocols: May include Worldcoin's Orb verification, BrightID's social graph, Idena's proof-of-humanity puzzles, or government ID-based zkProofs.
• Unified Interface: Presents a standard interface (e.g., IVerifier) to the bridge core, allowing the governance to upgrade or add new identity systems without modifying the core bridging logic.

Must account for the differing consensus mechanisms and finality times between the source and destination chains. A PoP bridge adds an extra layer of conditional logic atop standard bridge security models (like optimistic or light client bridges).

• Conditional Finality: A transaction is only considered final on the destination chain once both the asset transfer is secured and the PoP attestation is validated.
• Challenge Periods: In optimistic designs, the PoP attestation itself may be subject to a fraud proof challenge window, allowing the community to dispute fraudulent identity claims.

Implements techniques to protect user privacy while proving humanity. A naive design could link a user's identity across all their blockchain activities.

• Zero-Knowledge Proofs (ZKPs): Users can generate a ZK proof that they hold a valid PoP credential from a trusted issuer without revealing the credential itself or creating a persistent cross-chain identity link.
• Minimal Disclosure: The bridge only learns the binary result (verified/not verified) or a nullifier to prevent double-spending of the credential, not the underlying personal data.

Requires a robust governance framework to manage the trusted set of issuers and handle credential revocation. This is a critical security and decentralization aspect.

• Issuer Registry: A managed list of approved PoP protocol verifier contracts or oracles, often controlled by a decentralized autonomous organization (DAO) of bridge users.
• Revocation Logic: The bridge must check real-time revocation lists or status registries maintained by identity issuers to reject credentials that have been compromised or revoked.

A Proof-of-Personhood Bridge allows a user's verified identity (e.g., from Worldcoin's Orb, Idena, or BrightID) to be attested on another blockchain. This prevents a single user from creating multiple, fraudulent identities (sybil attacks) across chains to manipulate governance votes, claim excessive airdrops, or spam networks. For example, a DAO on Ethereum could use bridged credentials to ensure one-person-one-vote in a cross-chain governance proposal.

Projects distributing tokens based on proven humanity can use a bridge to verify recipients across multiple chains, ensuring fair distribution. This prevents bots and sybils from draining resources meant for real users. A UBI token launched on Polygon could verify eligibility using a personhood proof originally generated on the Optimism network, creating a seamless, fraud-resistant cross-chain distribution system.

Users can carry their social graph, credentials, and reputation scores across decentralized social (DeSo) platforms and community DAOs on different blockchains. A verifiable credential proving you are a long-standing contributor in an Ethereum DAO could be bridged to a governance system on Arbitrum, granting you reputation-based access without starting from zero. This creates a portable, user-centric digital identity layer.

Bridged proof-of-personhood can satisfy Know Your Customer (KYC) requirements for regulated DeFi applications without exposing raw personal data. A user could complete a verification once with a trusted provider, and a zero-knowledge proof of their verified status can be bridged to permissioned lending protocols on other chains. This reduces friction for compliant cross-chain finance while preserving privacy.

Protocols with multi-chain governance (e.g., token voting on Ethereum, execution on a Layer 2) can use bridged personhood proofs to ensure each unique human voter gets one vote, regardless of which chain they hold assets on. This prevents whale voters from splitting holdings across chains to multiply voting power, protecting the one-person-one-vote principle in decentralized decision-making.

Bridges can transmit zero-knowledge proofs (ZKPs) of personhood, allowing users to prove they are a unique human without revealing which specific identity provider they used or any biometric data. This enables private login mechanisms for gated websites, NFT communities, or services across the Web3 ecosystem, moving beyond simple wallet-based authentication to a more robust, privacy-focused standard.

The primary security goal is to prevent a single entity from creating multiple fake identities (Sybils). Bridges rely on the underlying Proof-of-Personhood (PoP) protocol (e.g., Worldcoin's Orb, Idena, BrightID) to provide this guarantee. The security of the entire bridge depends on the cryptographic and procedural robustness of this external verification.

Trust hinges on how the bridge handles sensitive biometric or personal data. Key considerations:

• Zero-Knowledge Proofs (ZKPs): The ideal model where users prove uniqueness without revealing raw data.
• Data Storage: Whether biometric templates are stored centrally or in a decentralized manner.
• Linkability: Risk of the bridge or PoP provider linking on-chain activity to a real-world identity, compromising pseudonymity.

The bridge often creates a trust dependency on the PoP provider's infrastructure and governance. This introduces risks:

• Single Point of Failure: If the provider's verification servers go offline, the bridge is unusable.
• Censorship: The provider could, in theory, deny verification or revoke credentials based on arbitrary rules.
• Governance Capture: Control over the bridge's upgradeability or credential revocation must be carefully decentralized.

A secure bridge must have mechanisms to handle revoked or expired credentials. This involves:

• Revocation Lists: Maintaining and updating a list of invalidated identities on-chain or via attested updates.
• Liveness Proofs: Requiring periodic re-verification to ensure the person is still active and unique, preventing the sale or rental of identities.
• Graceful Exit: Processes for users to voluntarily exit systems and have their on-chain assets or access rights handled fairly.

Beyond the PoP layer, the bridge contract itself is a target. Key vulnerabilities include:

• Signature Verification: Flaws in how the bridge verifies attestations from the PoP provider.
• Oracle Manipulation: If the bridge uses an oracle to fetch verification states, that oracle becomes a critical attack surface.
• Front-running & MEV: In permissionless systems, malicious actors may exploit transaction ordering to steal newly minted soulbound tokens (SBTs) or governance rights.

Users must clearly understand the trust model. This typically involves trusting:

1. The PoP protocol's security and uniqueness guarantee.
2. The bridge developers not to include malicious code.
3. The bridge operators (if any) to relay data honestly. Mitigation relies on comprehensive smart contract audits, open-source code, and decentralized governance over critical parameters.

A cryptographic mechanism for verifying that a digital identity corresponds to a unique human being, not a bot or duplicate account. It is the foundational protocol that a bridge connects to a blockchain.

• Core Goal: Prevent Sybil attacks by establishing unique human identity.
• Methods: Can include biometric verification (e.g., World ID's Orb), social graph analysis, or government ID attestation.
• Output: Typically a verifiable credential or zero-knowledge proof that attests to the holder's 'humanness' without revealing personal data.

A cryptographically signed statement issued by a trusted verifier (like a PoP protocol) that makes a claim about an identity. This is the primary data unit bridged on-chain.

• Structure: Contains the claim (e.g., 'is a unique human'), the subject's identifier, and the verifier's signature.
• On-Chain Use: Once bridged, smart contracts can verify the attestation's signature to gate access to functions, airdrops, or governance rights.
• Example: The Ethereum Attestation Service (EAS) provides a standard schema for creating and verifying on-chain attestations.

A cryptographic method that allows one party (the prover) to prove to another (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself. Crucial for privacy-preserving PoP bridges.

• Role in PoP: A user can generate a ZK proof that they hold a valid PoP credential without exposing the credential itself or their underlying identifier.
• Bridge Function: The bridge often verifies this ZK proof on-chain, enabling private eligibility checks for applications.
• Technology: Commonly implemented using zk-SNARKs or zk-STARKs.

An attack on a network or system where a single adversary creates and controls a large number of fake identities (Sybils) to gain disproportionate influence. Proof-of-Personhood bridges are built specifically to mitigate this.

• Problem: Sybil attacks can manipulate governance voting, drain fair airdrops, and spam social networks.
• Defense: A PoP bridge introduces a cost (the cost of obtaining a verified human identity) that makes large-scale Sybil attacks economically impractical.
• Contrast: Unlike Proof-of-Work (costly computation) or Proof-of-Stake (costly capital), PoP uses the cost of verifying unique humanity.

A W3C standard digital document containing claims about a subject, cryptographically signed by an issuer. It is the portable identity object often managed by PoP protocols and referenced by bridges.

• Components: Includes metadata, claims, and proofs (signatures).
• Portability: Users hold their VCs in a digital wallet and can present them to different verifiers, including cross-chain bridges.
• Interoperability: Standards like Decentralized Identifiers (DIDs) and VCs allow PoP systems to work across multiple blockchains and applications.

An off-chain service or network participant that submits transactions to the blockchain on behalf of users. It is a critical infrastructure component for many PoP bridges.

• Purpose: Allows users to interact with the blockchain without holding the native cryptocurrency for gas fees, improving accessibility.
• Mechanism: The user signs a message (e.g., their attestation proof), and the relayer pays for and broadcasts the transaction. Fees may be covered by the application.
• Security: Uses meta-transactions or account abstraction to ensure the user's intent is executed without the relayer having custody of assets.